View
70
Download
1
Category
Tags:
Preview:
Citation preview
The protocols used in an IP phone call are:
SIP (Session Initiation Protocol):A standardized signaling protocol (RFC 3261) which works over TCP (typically on port 5060) at the application OSI layer. Its role is to create, modify or terminate phone sessions. SIP behaves very similarily to HTTP in that SIP clients send requests to the server which will answer with responses (status). The difference with HTTP is that SIP clients can also respond to requests made by a server.Other signaling protocols are H.323 or the Cisco protocol SCCP. SIP is progressively replacing these two protocols.
SDP (Session Description Protocol)A standardized protocol (RFC 4566) providing information about multimedia initialization settings such as VoIP calls.
RTP (Real-time Transport Protocol): A standardized transport protocol (RFC 3550) working over UDP at the transport OSI layer.
RTCP:A protocol closely linked with RTP (also defined in RFC 3550). It does not transport any data but gives information about the quality of the service provided by RTP.
1. SIP Registration
2. SIP Initialization/Closure
3. SDP
4. RTP
5. RTCP
6. CHECKS
1. SIP Registration
Here is a Wireshark capture of the SIP registration process.Babar registrates with the trixbox server.
1
2
3
4
5
6
Let's look at the SIP message headers:
1. REGISTER
The client tries to register with the server.
REGISTER sip:local SIP/2.0 Via: SIP/2.0/UDP 192.168.1.102:15772;branch=z9hG4bK-d87543-280a581fa364af43-1--d87543-;rport Max-Forwards: 70 Contact: To: "Babar" From: "Babar";tag=11573036 Call-ID: ZGVmYmM0OWRhNzYyMmI5M2FmODIwZjk1YTA2ZTI2Y2I. CSeq: 1 REGISTER Expires: 3600 Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO User-Agent: X-Lite release 1011s stamp 41150 Content-Length: 0
2. 100 - Trying
The server indicates to the client that it is performing searches.
SIP/2.0 100 Trying Via: SIP/2.0/UDP 192.168.1.102:15772;branch=z9hG4bK-d87543-280a581fa364af43-1--d87543-; received=192.168.1.102;rport=15772 From: "Babar";tag=11573036 To: "Babar" Call-ID: ZGVmYmM0OWRhNzYyMmI5M2FmODIwZjk1YTA2ZTI2Y2I. CSeq: 1 REGISTER User-Agent: Asterisk PBX Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY Contact: Content-Length: 0
3. 401 - Unauthorized
The server rejects the client registration and sends it back a challenge digest composed of an algorithm type, a "realm" and a "nonce".The "nonce" is a random value created on the Asterisk server and sent to the client. It has a limited lifetime which prevents replay attacks. Each challenge digest contains a different nonce value. The "realm" is the SIP domain name.
Digest authentication checks that both communicate parties know a shared password.
401 Unauthorized Via: SIP/2.0/UDP 192.168.1.102:15772;branch=z9hG4bK-d87543-280a581fa364af43-1--d87543-; received=192.168.1.102;rport=15772 From: "Babar";tag=11573036 To: "Babar";tag=as1647de36 Call-ID: ZGVmYmM0OWRhNzYyMmI5M2FmODIwZjk1YTA2ZTI2Y2I. CSeq: 1 REGISTER User-Agent: Asterisk PBX Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY WWW-Authenticate: Digest algorithm=MD5, realm="asterisk", nonce="29b8191d" Content-Length: 0
4. REGISTER
The client sends a new registration request but this time with a digest response composed of the:"username", "realm", "nonce", "uri", "response" and the algorithm.
The "URI" (Uniform Resource Identifier) is a string of characters used to identify a resource.
The "nonce" sent by the server is used to compute a "response".
REGISTER sip:local SIP/2.0 Via: SIP/2.0/UDP 192.168.1.102:15772;branch=z9hG4bK-d87543-5f795c5af206133a-1--d87543-;rport Max-Forwards: 70
Contact: To: "Babar" From: "Babar";tag=11573036 Call-ID: ZGVmYmM0OWRhNzYyMmI5M2FmODIwZjk1YTA2ZTI2Y2I. CSeq: 2 REGISTER Expires: 3600 Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO User-Agent: X-Lite release 1011s stamp 41150 Authorization: Digest username="203",realm="asterisk",nonce="29b8191d",uri="sip:local", response="7306cfba1b131f2f04363b68d908f855",algorithm=MD5 Content-Length: 0
5. 100 - Trying
The server warns the client that it is performing searches.
SIP/2.0 100 Trying Via: SIP/2.0/UDP 192.168.1.102:15772;branch=z9hG4bK-d87543-5f795c5af206133a-1--d87543-; received=192.168.1.102;rport=15772 From: "Babar";tag=11573036 To: "Babar" Call-ID: ZGVmYmM0OWRhNzYyMmI5M2FmODIwZjk1YTA2ZTI2Y2I. CSeq: 2 REGISTER User-Agent: Asterisk PBX Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY Contact: Content-Length: 0
6. 200 - OK
After computation, the server is able, to validate the client password thanks to the digest response it just received.With the digest authentication process, no password is exchanged between the client and the server.
The server can send a message to the client to validate the registration.
SIP/2.0 200 OK Via: SIP/2.0/UDP 192.168.1.102:15772;branch=z9hG4bK-d87543-5f795c5af206133a-1--d87543-; received=192.168.1.102;rport=15772 From: "Babar";tag=11573036 To: "Babar";tag=as1647de36 Call-ID: ZGVmYmM0OWRhNzYyMmI5M2FmODIwZjk1YTA2ZTI2Y2I.
CSeq: 2 REGISTER User-Agent: Asterisk PBX Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY Expires: 3600 Contact: ;expires=3600 Date: Fri, 21 Dec 2007 22:15:51 GMT Content-Length: 0
SIP registration picture
Top of the page
2. SIP Initialization/Closure & SDP
Here is a Wireshark capture of the SIP initialization and closure processes.Bambou (extension 202) calls Babar (extension 203), talks to it and then hangs up (closure/termination).
Let us see in detail the steps needed for SIP to establish a VoIP call before voice data can be exchanged between two parties.
The process to establish an SIP link between two hosts is very similar to the one used for TCP:
TCP SIP
step1:
SYN INVITE
step2:
SYN/ACK 200 - OK
step3:
ACK ACK
1
2
3
4
5
6
7
8
9
10
11
12
13
14
The same steps displayed by Wireshark. (click to enlarge)
Let us look at the SIP message headers:
1. INVITE
The client indicates to the server that it wants to establish a phone call.
INVITE sip:203@192.168.1.222 SIP/2.0 Via: SIP/2.0/UDP 192.168.1.106;rport;branch=z9hG4bKmazrqogm Max-Forwards: 70 To: < sip:203@192.168.1.222> From: "Bambou" < sip:202@192.168.1.222>;tag=kbcql Call-ID: jcaqhewsybtyksb@192.168.1.106 CSeq: 565 INVITE Contact: < sip:202@192.168.1.106> Content-Type: application/sdp Allow: INVITE,ACK,BYE,CANCEL,OPTIONS,PRACK,REFER,NOTIFY,SUBSCRIBE,INFO,MESSAGE Supported: replaces,norefersub,100rel User-Agent: Twinkle/1.1
Content-Length: 307
2. 407 - Proxy Authentication Required
The server rejects the client invitation and sends back a challenge digest composed of an algorithm type, a "realm" and a "nonce".The "nonce" is a random value created on the Asterisk server and sent to the client. It has a limited lifetime which prevents replay attacks. Each challenge digest contains a different nonce value.
Digest authentication checks that both communicating parties know a shared password. The "realm" is the SIP domain name.
SIP/2.0 407 Proxy Authentication Required Via: SIP/2.0/UDP 192.168.1.106;branch=z9hG4bKmazrqogm;received=192.168.1.106;rport=5060 From: "Bambou" < sip:202@192.168.1.222>;tag=kbcql To: < sip:203@192.168.1.222>;tag=as219a888b Call-ID: jcaqhewsybtyksb@192.168.1.106 CSeq: 565 INVITE User-Agent: Asterisk PBX Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY Proxy-Authenticate: Digest algorithm=MD5, realm="asterisk", nonce="138dd154" Content-Length: 0
3. ACK
The client acknowledges the message
ACK sip:203@192.168.1.222 SIP/2.0 Via: SIP/2.0/UDP 192.168.1.106;rport;branch=z9hG4bKmazrqogm
Max-Forwards: 70 To: < sip:203@192.168.1.222>;tag=as219a888b From: "Bambou" < sip:202@192.168.1.222>;tag=kbcql Call-ID: jcaqhewsybtyksb@192.168.1.106 CSeq: 565 ACK User-Agent: Twinkle/1.1 Content-Length: 0
4. INVITE
The client sends a new invitation request but this time with a digest response composed of the:"username", "realm", "nonce", "uri", "response" and the algorithm.
The "nonce" sent by the server is used to compute a "response".The "URI" (Uniform Resource Identifier) is a string of characters used to identify a resource.
After computation, the server will be able, to validate the client password with the digest response it just received.With the digest authentication process, no password is exchanged between the client and the server.
INVITE sip:203@192.168.1.222 SIP/2.0
Via: SIP/2.0/UDP 192.168.1.106;rport;branch=z9hG4bKtomragum Max-Forwards: 70 Proxy-Authorization: Digest username="202",realm="asterisk",nonce="138dd154",uri="sip:203@192.168.1.222", response="c46a93637d0af311c7f9cd3bb542cd08",algorithm=MD5 To: < sip:203@192.168.1.222> From: "Bambou" < sip:202@192.168.1.222>;tag=kbcql Call-ID: jcaqhewsybtyksb@192.168.1.106 CSeq: 566 INVITE Contact: < sip:202@192.168.1.106> Content-Type: application/sdp Allow: INVITE,ACK,BYE,CANCEL,OPTIONS,PRACK,REFER,NOTIFY,SUBSCRIBE,INFO,MESSAGE Supported: replaces,norefersub,100rel User-Agent: Twinkle/1.1 Content-Length: 307
5. 100 - Trying
The server warns the sender (Bambou - 202) that it is trying to reach the recipient (Babar - 203)
SIP/2.0 100 Trying Via: SIP/2.0/UDP 192.168.1.106;branch=z9hG4bKtomragum;received=192.168.1.106;rport=5060 From: "Bambou" < sip:202@192.168.1.222>;tag=kbcql To: < sip:203@192.168.1.222> Call-ID: jcaqhewsybtyksb@192.168.1.106 CSeq: 566 INVITE User-Agent: Asterisk PBX Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY Contact: < sip:203@192.168.1.222> Content-Length: 0
SIP Process picture
6. INVITE
The server invites the recipient (Babar - 203).
INVITE sip:203@192.168.1.102:9097;rinstance=fc31ac7abb1cc558 SIP/2.0 Via: SIP/2.0/UDP 192.168.1.222:5060;branch=z9hG4bK407630a5;rport
From: "Bambou" < sip:202@192.168.1.222>;tag=as65501eef To: < sip:203@192.168.1.102:9097;rinstance=fc31ac7abb1cc558> Contact: < sip:202@192.168.1.222> Call-ID: 4ddd4d6e5fc3aacf5e6994da26ac2f94@192.168.1.222 CSeq: 102 INVITE User-Agent: Asterisk PBX Max-Forwards: 70 Date: Sun, 16 Dec 2007 20:15:10 GMT Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY Content-Type: application/sdp Content-Length: 240
7. 180 - Ringing
The server sends a message to the sender (Bambou - 202) in order to ring its phone.
SIP/2.0 180 Ringing Via: SIP/2.0/UDP 192.168.1.106;branch=z9hG4bKtomragum;received=192.168.1.106;rport=5060 From: "Bambou" < sip:202@192.168.1.222>;tag=kbcql To: < sip:203@192.168.1.222>;tag=as0de70729 Call-ID: jcaqhewsybtyksb@192.168.1.106 CSeq: 566 INVITE User-Agent: Asterisk PBX Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY Contact: < sip:203@192.168.1.222> Content-Length: 0
8. 180 - Ringing
The recipient (Babar - 203) tells the server that its phone is ringing.
SIP/2.0 180 Ringing Via: SIP/2.0/UDP 192.168.1.222:5060;branch=z9hG4bK407630a5;rport=5060 Contact: < sip:203@192.168.1.102:9097;rinstance=fc31ac7abb1cc558> To: < sip:203@192.168.1.102:9097;rinstance=fc31ac7abb1cc558>;tag=115eda75 From: "Bambou"< sip:202@192.168.1.222>;tag=as65501eef Call-ID: 4ddd4d6e5fc3aacf5e6994da26ac2f94@192.168.1.222 CSeq: 102 INVITE User-Agent: X-Lite release 1011s stamp 41150
Content-Length: 0
9. 200 - OK
The recipient (Babar - 203) confirms the server invitation.
SIP/2.0 200 OK Via: SIP/2.0/UDP 192.168.1.222:5060;branch=z9hG4bK407630a5;rport=5060 Contact: < sip:203@192.168.1.102:9097;rinstance=fc31ac7abb1cc558> To: < sip:203@192.168.1.102:9097;rinstance=fc31ac7abb1cc558>;tag=115eda75 From: "Bambou"< sip:202@192.168.1.222>;tag=as65501eef Call-ID: 4ddd4d6e5fc3aacf5e6994da26ac2f94@192.168.1.222 CSeq: 102 INVITE Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO Content-Type: application/sdp User-Agent: X-Lite release 1011s stamp 41150 Content-Length: 187
SIP Process picture
10. ACK
The server acknowledges the recipient (Babar - 203) confirmation.
ACK sip:203@192.168.1.102:9097;rinstance=fc31ac7abb1cc558 SIP/2.0 Via: SIP/2.0/UDP 192.168.1.222:5060;branch=z9hG4bK64b6b476;rport
From: "Bambou" < sip:202@192.168.1.222>;tag=as65501eef To: < sip:203@192.168.1.102:9097;rinstance=fc31ac7abb1cc558>;tag=115eda75 Contact: < sip:202@192.168.1.222> Call-ID: 4ddd4d6e5fc3aacf5e6994da26ac2f94@192.168.1.222 CSeq: 102 ACK User-Agent: Asterisk PBX Max-Forwards: 70 Content-Length: 0
11. 200 - OK
The server confirms the sender (Bambou - 202) invitation (step 4).
SIP/2.0 200 OK
Via: SIP/2.0/UDP 192.168.1.106;branch=z9hG4bKtomragum;received=192.168.1.106;rport=5060 From: "Bambou" < sip:202@192.168.1.222>;tag=kbcql To: < sip:203@192.168.1.222>;tag=as0de70729 Call-ID: jcaqhewsybtyksb@192.168.1.106 CSeq: 566 INVITE User-Agent: Asterisk PBX Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY Contact: < sip:203@192.168.1.222> Content-Type: application/sdp Content-Length: 240
12. ACK
The sender (Bambou - 202) acknowledges the server confirmation.The phone call can begin. The RTP protocol will transport the VoIP packets and the RTCP will control the link quality.
ACK sip:203@192.168.1.222 SIP/2.0 Via: SIP/2.0/UDP 192.168.1.106;rport;branch=z9hG4bKixdtxpvy Max-Forwards: 70 Proxy-Authorization: Digest username="202",realm="asterisk",nonce="138dd154",uri="sip:203@192.168.1.222", response="c46a93637d0af311c7f9cd3bb542cd08",algorithm=MD5 To: < sip:203@192.168.1.222>;tag=as0de70729 From: "Bambou" < sip:202@192.168.1.222>;tag=kbcql Call-ID: jcaqhewsybtyksb@192.168.1.106 CSeq: 566 ACK User-Agent: Twinkle/1.1 Content-Length: 0
13. BYE
The sender (Bambou - 202) hangs up.
BYE sip:203@192.168.1.222 SIP/2.0 Via: SIP/2.0/UDP 192.168.1.106;rport;branch=z9hG4bKassptnfl Max-Forwards: 70 To: < sip:203@192.168.1.222>;tag=as0de70729 From: "Bambou" < sip:202@192.168.1.222>;tag=kbcql Call-ID: jcaqhewsybtyksb@192.168.1.106 CSeq: 567 BYE User-Agent: Twinkle/1.1 Content-Length: 0
SIP Process picture
14. 200 - OK
The server confirms the sender's (Bambou - 202) BYE message with an OK.
SIP/2.0 200 OK Via: SIP/2.0/UDP 192.168.1.106;branch=z9hG4bKassptnfl;received=192.168.1.106;rport=5060 From: "Bambou" < sip:202@192.168.1.222>;tag=kbcql To: < sip:203@192.168.1.222>;tag=as0de70729 Call-ID: jcaqhewsybtyksb@192.168.1.106 CSeq: 567 BYE User-Agent: Asterisk PBX Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY Contact: < sip:203@192.168.1.222> Content-Length: 0 X-Asterisk-HangupCause: Normal Clearing
15. BYE
The server tells the recipient (Babar - 203) that the sender (Bambou - 202) hanged up.
BYE sip:203@192.168.1.102:9097;rinstance=fc31ac7abb1cc558 SIP/2.0 Via: SIP/2.0/UDP 192.168.1.222:5060;branch=z9hG4bK07b32129;rport
From: "Bambou" < sip:202@192.168.1.222>;tag=as65501eef To: < sip:203@192.168.1.102:9097;rinstance=fc31ac7abb1cc558>;tag=115eda75 Call-ID: 4ddd4d6e5fc3aacf5e6994da26ac2f94@192.168.1.222 CSeq: 103 BYE User-Agent: Asterisk PBX Max-Forwards: 70 Content-Length: 0
16. 200 - OK
The recipient (Babar - 203) confirms the BYE message with an OK.
SIP/2.0 200 OK Via: SIP/2.0/UDP 192.168.1.222:5060;branch=z9hG4bK07b32129;rport=5060 Contact: < sip:203@192.168.1.102:9097;rinstance=fc31ac7abb1cc558> To: <
sip:203@192.168.1.102:9097;rinstance=fc31ac7abb1cc558>;tag=115eda75 From: "Bambou"< sip:202@192.168.1.222>;tag=as65501eef Call-ID: 4ddd4d6e5fc3aacf5e6994da26ac2f94@192.168.1.222 CSeq: 103 BYE User-Agent: X-Lite release 1011s stamp 41150 Content-Length: 0
SIP Process picture
Top of the page
3. SDP
SDP is closely related to SIP.The Wireshark capture is the same one used to illustrate the SIP initialization and closure processes.
Below, the SIP message header of the first capture line (INVITE) containing SDP infomation (in bold).
INVITE sip:203@192.168.1.222 SIP/2.0 Via: SIP/2.0/UDP 192.168.1.106;rport;branch=z9hG4bKmazrqogm Max-Forwards: 70 To: < sip:203@192.168.1.222> From: "Bambou" < sip:202@192.168.1.222>;tag=kbcql Call-ID: jcaqhewsybtyksb@192.168.1.106 CSeq: 565 INVITE Contact: < sip:202@192.168.1.106> Content-Type: application/sdp Allow: INVITE,ACK,BYE,CANCEL,OPTIONS,PRACK,REFER,NOTIFY,SUBSCRIBE,INFO,MESSAGE Supported: replaces,norefersub,100rel User-Agent: Twinkle/1.1 Content-Length: 307
v=0 o=201 2086878285 1015399812 IN IP4 192.168.1.106 s=- c=IN IP4 192.168.1.106 t=0 0 m=audio 8000 RTP/AVP 98 97 8 0 3 101 a=rtpmap:98 speex/16000 a=rtpmap:97 speex/8000 a=rtpmap:8 PCMA/8000 a=rtpmap:0 PCMU/8000 a=rtpmap:3 GSM/8000 a=rtpmap:101 telephone-event/8000 a=fmtp:101 0-15 a=ptime:20
Top of the page
4. RTP
The RTP protocol is used to transport the voice data and thus enable to two people to speak together.
Top of the page
5. RTCP
RTCP is used in conjunction with RTP to check the communication quality.
Top of the page
6. CHECKS
Extended statistics can be obtained in the "reports" sections of the FreePBX interface.
Call logs:
Daily load:
Recommended