11 TAC2000/2000.7

LABORATORY 117

Outline of the Hands-on Tutorial

SIP User-AgentSIP User-AgentRegisterRegisterMake callsMake calls

Fault-Finding ToolsFault-Finding ToolsObserve the Packets of SIP MessagesObserve the Packets of SIP Messages

SIP Registrar/Proxy ServerSIP Registrar/Proxy ServerConfiguring SER (SIP Express Router)Configuring SER (SIP Express Router)

How do you know other SIP islandsHow do you know other SIP islandsDNS SRV/ENUM/ISNDNS SRV/ENUM/ISN

How to authenticate usersHow to authenticate users LDAP, RADIUSLDAP, RADIUS

http://Download.ipv6.club.tw/APAN21/http://Download.ipv6.club.tw/APAN21/

22 TAC2000/2000.7

LABORATORY 117

SIP UAs and

SIP Message Analysis

Quincy WuQuincy Wu

National Chi Nan UniversityNational Chi Nan University

Email: solomon@ipv6.club.twEmail: solomon@ipv6.club.tw

33 TAC2000/2000.7

LABORATORY 117

Exercise 1: SIP UA operations

Download & Install SIP UADownload & Install SIP UA Download & Install EtherealDownload & Install Ethereal Packet Analysis Using EtherealPacket Analysis Using Ethereal

SIP signaling flowSIP signaling flowRTP trafficRTP trafficSIP headersSIP headersSDP ContentsSDP ContentsCall Hold/RetrieveCall Hold/Retrieve

44 TAC2000/2000.7

LABORATORY 117

Windows-based SIP UA

Microsoft Windows MessengerMicrosoft Windows Messenger NBEN UANBEN UA X-LiteX-Lite

55 TAC2000/2000.7

LABORATORY 117

SIP UA – Windows Messenger

By default, Windows XP installs Windows By default, Windows XP installs Windows Messenger Version Messenger Version 4.74.7

There are two messengers from MicrosoftThere are two messengers from Microsoft MSN Messenger 6.2, 7.0MSN Messenger 6.2, 7.0 Windows Messenger 4.7, 5.1Windows Messenger 4.7, 5.1

Inside Windows Messenger - How it Inside Windows Messenger - How it CommunicatesCommunicates http://www.microsoft.com/technet/http://www.microsoft.com/technet/

prodtechnol/winxppro/evaluate/prodtechnol/winxppro/evaluate/insid01.mspxinsid01.mspx

66 TAC2000/2000.7

LABORATORY 117

Step 1: Configure

77 TAC2000/2000.7

LABORATORY 117

Step 2: REGISTER

88 TAC2000/2000.7

LABORATORY 117

Step 3: Make A Call

99 TAC2000/2000.7

LABORATORY 117

Step 4: Ringing

1010 TAC2000/2000.7

LABORATORY 117

Step 5: Conversation

1111 TAC2000/2000.7

LABORATORY 117

Step 6: Answer A Call

1212 TAC2000/2000.7

LABORATORY 117

SIP UA – NBEN UA NBEN UA is a SIP User Agent NBEN UA is a SIP User Agent

which provides easy interface for which provides easy interface for IP telephony.IP telephony.

This software was developed as a This software was developed as a tool for VoIP tutorials in Taiwan.tool for VoIP tutorials in Taiwan.

You can type the digits and make You can type the digits and make phone calls directly, without phone calls directly, without typing the complete SIP URI typing the complete SIP URI ((sip:0944021021@sip.ipv6.club.tw:5060sip:0944021021@sip.ipv6.club.tw:5060))

It supports features like It supports features like Hold/Retrieve, Redial, Speed Dial, Hold/Retrieve, Redial, Speed Dial, Transfer.Transfer.

1313 TAC2000/2000.7

LABORATORY 117

Features NBEN UA runs on Windows 2000/XP/2003.NBEN UA runs on Windows 2000/XP/2003. Both signaling and media data are transported on UDP.Both signaling and media data are transported on UDP.

SIP: port 5060SIP: port 5060 RTP: port 9000RTP: port 9000

Supported audio codec:Supported audio codec: G.711 (64Kbps)G.711 (64Kbps) G.729 (8Kbps)G.729 (8Kbps) G.723.1 (6.3Kbps)G.723.1 (6.3Kbps)

1414 TAC2000/2000.7

LABORATORY 117

Download NBEN SIP UA Download link & Installation guide can be found at Download link & Installation guide can be found at http:/http://voip/voip

.ipv6.club.ipv6.club.tw.tw/Download//Download/ Phone numbers are assigned in a separate configuration file.Phone numbers are assigned in a separate configuration file.

Try to call each other and see the signaling of SIP.Try to call each other and see the signaling of SIP. Each SIP UA is required to possess a public IP address.Each SIP UA is required to possess a public IP address.

A patch is available to traverse NAT by utilizing STUN.A patch is available to traverse NAT by utilizing STUN.

1515 TAC2000/2000.7

LABORATORY 117

SIP UA - X-Lite X-Lite - The Best Free Softphone X-Lite - The Best Free Softphone A FREE premium SIP softphone with many PBX-like A FREE premium SIP softphone with many PBX-like

features.features. Open standards-based design (SIP) allows for maximum Open standards-based design (SIP) allows for maximum

network interoperation and integration.network interoperation and integration. Download from http://www.xten.com/Download from http://www.xten.com/

1616 TAC2000/2000.7

LABORATORY 117

Features Touch-tones [DTMF] Touch-tones [DTMF] 3 3 Lines, Multiple Proxies Lines, Multiple Proxies Line Hold Line Hold Inbound Call 'Ignore' Inbound Call 'Ignore' Inbound Call 'Go to Voicemail' Inbound Call 'Go to Voicemail' Dial/ Redial/Hangup Dial/ Redial/Hangup Caller ID [SIP ID] Caller ID [SIP ID] Call Timer Call Timer MuteMute Microphone & Speakers Levels Microphone & Speakers Levels Microphone & Speakers Meters Microphone & Speakers Meters Recent Calls Dialed Recent Calls Dialed Recent Calls ReceivedRecent Calls Received Speed DialSpeed Dial

G.711u+a/iLBC/GSM codecs G.711u+a/iLBC/GSM codecs NAT/Firewall support NAT/Firewall support Specify NAT IP to be written in Specify NAT IP to be written in

SIP messagesSIP messages Supports Windows Supports Windows

98SE/NT4/ME/2000/XP98SE/NT4/ME/2000/XP

1717 TAC2000/2000.7

LABORATORY 117

Step 1: Configuration

1818 TAC2000/2000.7

LABORATORY 117

Step 2: Make/Receive Calls Automatically send a Automatically send a

REGISTER request to registrar REGISTER request to registrar when the program starts up.when the program starts up.

Dial digits, and domain realm Dial digits, and domain realm will be appended automatically.will be appended automatically.

1919 TAC2000/2000.7

LABORATORY 117

Packets Capturing &

Analyzing

2020 TAC2000/2000.7

LABORATORY 117

Fault-Finding Tools EtherealEthereal

GUI on Windows XP/Linux/FreeBSDGUI on Windows XP/Linux/FreeBSD

Tcpdump/tEthereal/ngrepTcpdump/tEthereal/ngrep Plaintext on Linux/FreeBSDPlaintext on Linux/FreeBSD

SIPSAKSIPSAK ““Traceroute” of SIPTraceroute” of SIP

2121 TAC2000/2000.7

LABORATORY 117

Ethereal – What Is It? Every network manager at some time or other needs a Every network manager at some time or other needs a

tool that can capture packets off the network and tool that can capture packets off the network and analyze them. analyze them.

In the past, such tools were either very expensive, In the past, such tools were either very expensive, proprietary, or both.proprietary, or both.

With the advent of Ethereal, all that has changed. With the advent of Ethereal, all that has changed.

"A rose by any other name would smell as sweet.""A rose by any other name would smell as sweet." - William Shakespeare- William Shakespeare

2222 TAC2000/2000.7

LABORATORY 117

Features of Ethereal

Available for UNIX and Windows. Available for UNIX and Windows. Capture and display packets from any interface on a UNIX system. Capture and display packets from any interface on a UNIX system. Display packets captured under a number of other capture Display packets captured under a number of other capture

programs: programs: tcpdump tcpdump Network Associates Sniffer and Sniffer Pro Network Associates Sniffer and Sniffer Pro NetXray NetXray Microsoft Network Monitor Microsoft Network Monitor

Filter packets on many criteria. Filter packets on many criteria. Colorize packet display based on filters Colorize packet display based on filters Allow people to add new protocols to Ethereal.Allow people to add new protocols to Ethereal.

2323 TAC2000/2000.7

LABORATORY 117

Where to Get Ethereal

Official site: Official site: http://www.ethereal.com/http://www.ethereal.com/ Local mirror: Local mirror: http:/http://voip/voip.ipv6.club.ipv6.club.tw.tw/Download//Download/

2424 TAC2000/2000.7

LABORATORY 117

Install Ethereal under Windows

Install WinPcap 3.1.Install WinPcap 3.1.WinPcap is an architecture for packet capture and network WinPcap is an architecture for packet capture and network

analysis for the Win32 platforms. analysis for the Win32 platforms. It includes It includes

a kernel-level packet filter, a kernel-level packet filter, a low-level dynamic link library (packet.dll), and a low-level dynamic link library (packet.dll), and a high-level and system-independent library (wpcap.dll, based on a high-level and system-independent library (wpcap.dll, based on

libpcap version 0.6.2) libpcap version 0.6.2)

Install Ethereal 0.10.13. Install Ethereal 0.10.13.

2525 TAC2000/2000.7

LABORATORY 117

Starting Ethereal

2626 TAC2000/2000.7

LABORATORY 117

Capturing packets with Ethereal

2727 TAC2000/2000.7

LABORATORY 117

The Capture Preferences dialog box

2828 TAC2000/2000.7

LABORATORY 117

Stop after you have collected enough packets

2929 TAC2000/2000.7

LABORATORY 117

File – Save As

3030 TAC2000/2000.7

LABORATORY 117

Show Packet in New Window

3131 TAC2000/2000.7

LABORATORY 117

Capture Filters

3232 TAC2000/2000.7

LABORATORY 117

Filtering While Capturing

3333 TAC2000/2000.7

LABORATORY 117

Syntax of the tcpdump capture filter language

[[not] not] primitiveprimitive [and|or [not] [and|or [not] primitiveprimitive ...] ...] tcp port 23 and host 10.0.0.5tcp port 23 and host 10.0.0.5 tcp port 23 and not host 10.0.0.5tcp port 23 and not host 10.0.0.5

tcpdumptcpdump filter language is explained in the man page. filter language is explained in the man page.

3434 TAC2000/2000.7

LABORATORY 117Capturing SIP signaling(filter: udp port 5060)

3535 TAC2000/2000.7

LABORATORY 117

SIP Call Establishment It is simple, which contains a number of interim responses.It is simple, which contains a number of interim responses.

a

b

c

d

e

f

g

INVITE

Ringing

OK

ACK

Conversation

BYE

OK

3636 TAC2000/2000.7

LABORATORY 117Basic Call Flow

3737 TAC2000/2000.7

LABORATORY 117

3838 TAC2000/2000.7

LABORATORY 117

3939 TAC2000/2000.7

LABORATORY 117

4040 TAC2000/2000.7

LABORATORY 117

REGISTER

4141 TAC2000/2000.7

LABORATORY 117

200 OK

4242 TAC2000/2000.7

LABORATORY 117

INVITE

4343 TAC2000/2000.7

LABORATORY 117

SDP in INVITE

4444 TAC2000/2000.7

LABORATORY 117

200 OK

4545 TAC2000/2000.7

LABORATORY 117

SDP in 200 OK

4646 TAC2000/2000.7

LABORATORY 117

ACK

4747 TAC2000/2000.7

LABORATORY 117

Capturing the packets of Media Data

4848 TAC2000/2000.7

LABORATORY 117

RTP Traffic (udp port 9000)

What’s wrong?What’s wrong?

4949 TAC2000/2000.7

LABORATORY 117

Tools – Decode As RTP

5050 TAC2000/2000.7

LABORATORY 117

Display Filter

5151 TAC2000/2000.7

LABORATORY 117

Display – Colorize Display

5252 TAC2000/2000.7

LABORATORY 117

Emphasize the packets you are interested in

5353 TAC2000/2000.7

LABORATORY 117

Hold/Unhold of NBEN UA

5454 TAC2000/2000.7

LABORATORY 117

Hold

5555 TAC2000/2000.7

LABORATORY 117

Retrieve

5656 TAC2000/2000.7

LABORATORY 117

Summary We demonstrate the functions of Windows Messenger and We demonstrate the functions of Windows Messenger and

NBEN UA, which are two SIP User Agents with friendly user NBEN UA, which are two SIP User Agents with friendly user interface.interface.

We demonstrate the functions of Ethereal, which is a powerful We demonstrate the functions of Ethereal, which is a powerful tool for packets capturing & analyzing:tool for packets capturing & analyzing: Capture FiltersCapture Filters Colorized PacketsColorized Packets

Practice using this tool to capture SIP signaling in the following Practice using this tool to capture SIP signaling in the following call flowscall flows REGISTER – REGISTER – 200 OK200 OK INVITE – INVITE – 200 OK200 OK - ACK - ACK BYE – BYE – 200 OK200 OK Hold/RetrieveHold/Retrieve