SIP Registration Process

  • 8/10/2019 SIP Registration Process

    Registration:

    Before we describe the flow of a typical SIP call, let's have a look at how SIP user agents register with a SIP registrar. The example below shows a situation where an SIP softphone (namely, the Ekiga client) registers with an Asterisk PBX. The Asterisk's IP address is 10.10.1.99, while the client is at 10.10.1.13 and wants to register the telephone number 13.

    In order to register, the SIP telephone needs to send the REGISTER request:

        REGISTER sip:10.10.1.99 SIP/2.0
        CSeq: 1 REGISTER
        Via: SIP/2.0/UDP 10.10.1.13:5060;branch=z9hG4bK78946131-99e1-de11-8845-080027608325;rport
        User-Agent: Ekiga/3.2.5
        From: ;tag=d60e6131-99e1-de11-8845-080027608325
        Call-ID: e4ec6031-99e1-de11-8845-080027608325@vvt-laptop
        To:
        Contact: ;q=1
        Expires: 3600
        Content-Length: 0
        Max-Forwards: 70

    The registrar server will immediately reply with the provisional response "100 Trying". This indicates that the request has been received (and thus the client does not need to retransmit it) and that it is being processed. While processing the request, the registrar discovers that the user agent needs to authenticate. It therefore responds with "401 Unauthorized". For the user agent, this means that it has to send the REGISTER request once more, this time providing authentication.

    We probably do not need to show the "100 Trying" response. The text of the "401 Unauthorized" message is as follows:

        SIP/2.0 401 Unauthorized
        Via: SIP/2.0/UDP 10.10.1.13:5060;branch=z9hG4bK78946131-99e1-de11-8845-080027608325;received=10.10.1.13;rport=5060
        From: ;tag=d60e6131-99e1-de11-8845-080027608325
        To: ;tag=as5489aead
        Call-ID: e4ec6031-99e1-de11-8845-080027608325@vvt-laptop
        CSeq: 1 REGISTER
        User-Agent: Asterisk PBX
        Supported: replaces
        WWW-Authenticate: Digest realm="atlanta.example.com", qop="auth",
            nonce="ea9c8e88df84f1cec4341ae6cbe5a359", opaque="", stale=FALSE,
            algorithm=MD5
        Content-Length: 0

    In the "401 Unauthorized" response, the important header is WWW-Authenticate:. It instructs the client to authenticate using digest authentication (RFC 2617). The nonce (short for "number used once") parameter is a "challenge string". The client will combine the challenge string with the user's password and compute the MD5 hash of the resulting string. The server will compute its own hash using the same method and compare it with the MD5 hash provided by the client. Digest authentication is the most frequently used method because the password is never sent over the network in plain text. The "basic" authentication has been deprecated in SIP 2.0 as it is insecure (sending a password in plain text is generally a bad idea).

    The realm parameter indicates the domain of the proxy server, so that the client knows which password to use. The qop (quality of protection) parameter indicates that the server supports integrity protection for either the request line alone (auth) or for both the request line and the message body (auth-int).

    Once the client computes the MD5 digest, it will re-send the REGISTER request. The message will look like this:

        REGISTER sip:10.10.1.99 SIP/2.0
        CSeq: 2 REGISTER
        Via: SIP/2.0/UDP 10.10.1.13:5060;branch=z9hG4bK32366531-99e1-de11-8845-080027608325;rport
        User-Agent: Ekiga/3.2.5
        From: ;tag=d60e6131-99e1-de11-8845-080027608325
        Call-ID: e4ec6031-99e1-de11-8845-080027608325@vvt-laptop
        To:
        Contact: ;q=1
        Authorization: Digest username="bob", realm="atlanta.example.com",
            nonce="ea9c8e88df84f1cec4341ae6cbe5a359", opaque="",
            uri="sips:ss2.biloxi.example.com",
            response="dfe56131d1958046689d83306477ecc"
        Expires: 3600
        Content-Length: 0
        Max-Forwards: 70

    The registrar server will again first respond with "100 Trying" and then compare the two MD5 hashes (the one provided by the client with the one computed by the registrar itself). If they match, the registrar will respond with "200 OK" and insert the endpoint into the location database. The database is usually shared between the registrar and the proxy server so that the proxy can use it to contact users. The response "200 OK" contains one important parameter, Expires. It tells the client that the registration will expire after the given number of seconds and the client will be required to register again.
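
    The digest computation and the registrar's comparison described above, as an added Python example (not part of the original page, nor Ekiga or Asterisk code). It goes beyond the page's summary by following the RFC 2617 formula, in which the hash also covers the username, realm, method and request URI. The password, cnonce and nonce count are constructed values, and the function names are hypothetical.

```python
import hashlib
import hmac
import re

def md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()

def parse_digest_params(header_value):
    """Parse 'Digest k="v", k2=v2' into a dict of lower-cased names."""
    scheme, _, rest = header_value.strip().partition(" ")
    if scheme.lower() != "digest":
        raise ValueError("not a Digest header")
    pairs = re.findall(r'(\w+)\s*=\s*(?:"([^"]*)"|([^\s,]+))', rest)
    return {name.lower(): quoted or bare for name, quoted, bare in pairs}

def digest_response(username, password, method, uri, realm, nonce,
                    qop=None, nc=None, cnonce=None):
    """RFC 2617 request-digest for algorithm=MD5."""
    ha1 = md5_hex(f"{username}:{realm}:{password}")  # the password enters only here
    ha2 = md5_hex(f"{method}:{uri}")                 # binds method and request URI
    if qop is None:                                  # form without qop
        return md5_hex(f"{ha1}:{nonce}:{ha2}")
    if qop != "auth" or not (nc and cnonce):
        raise ValueError("only qop=auth with nc and cnonce is handled here")
    return md5_hex(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")

def build_authorization(challenge, username, password, method, uri, nc, cnonce):
    """Client side: answer a WWW-Authenticate challenge (cnonce should be random)."""
    c = parse_digest_params(challenge)
    resp = digest_response(username, password, method, uri,
                           c["realm"], c["nonce"], "auth", nc, cnonce)
    return (f'Digest username="{username}", realm="{c["realm"]}", '
            f'nonce="{c["nonce"]}", uri="{uri}", qop=auth, nc={nc}, '
            f'cnonce="{cnonce}", response="{resp}"')

def registrar_verify(authorization, method, password, issued_nonce):
    """Registrar side: recompute the digest and compare in constant time."""
    p = parse_digest_params(authorization)
    if p.get("nonce") != issued_nonce:  # only accept the nonce this server issued
        return False
    expected = digest_response(p["username"], password, method, p["uri"], p["realm"],
                               p["nonce"], p.get("qop"), p.get("nc"), p.get("cnonce"))
    return hmac.compare_digest(expected, p.get("response", ""))

# The challenge from the 401 above; password and cnonce are constructed values.
CHALLENGE = ('Digest realm="atlanta.example.com", qop="auth", '
             'nonce="ea9c8e88df84f1cec4341ae6cbe5a359", opaque="", '
             'stale=FALSE, algorithm=MD5')
AUTH = build_authorization(CHALLENGE, "bob", "example-password", "REGISTER",
                           "sip:10.10.1.99", "00000001", "0a4f113b")
```

    Calling registrar_verify(AUTH, "REGISTER", "example-password", "ea9c8e88df84f1cec4341ae6cbe5a359") returns True; a different password, method or nonce makes it return False.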

    http://www.ietf.org/rfc/rfc2617.txt