Sip Detailed , Call flows , Architecture descriptions , SIP services , sip security , sip...

SIPSIP

Original Slides by Alan Johnston and Henry Sinnreich, MCI (at VON’03)

ALTANAI BISHTtara181989@gmail.comhttp://altanaitelecom.wordpress.com

Contents

SIP OverviewSIP Overview SIP in detailSIP in detail SIP Call Flow Scenarios SIP Security SIP Programming

SIP Overview

What SIP is, Multimedia Protocol Stack, Short History and Related Protocols are included.

Why packet switching? Why SIP?

0102030405060708090

1980 1985 1987 1990 1995 2000 2001

electromechanalogdigital

Technology evolution of PSTN

Session Initiation Protocol OverviewSession Initiation Protocol Overview

Application Layer Signaling Protocol Used to establish, modify, and terminate

multimedia sessions Part of Internet Multimedia Architecture Can use UDP, TCP, TLS, SCTP, etc. Based on HTTP (Web)

Similar text-based structure Uses URIs (Uniform Resource Indicators)

Applications include (but not limited to): Voice, video, gaming, instant messaging,

presence, call control, etc.

Security & Privacy

SIP Authentication Challenge/Response based on shared secret - SIP

Digest Mechanism also used by HTTP Used for client devices

Encryption using private/public keys Used between servers

Privacy and security SIP signaling can be encrypted

S/MIME (Secure/Multipurpose Internet Mail Extensions) Defined in RFC 2633

SIP can be transported over IPSec

Defined in RFC 2401 TLS (Transport Layer Security)

Defined in RFC 2246

Internet Multimedia ProtocolsInternet Multimedia Protocols

SIP Requests and ResponsesSIP Requests and Responses

SIP Responses use a numerical code and a “reason phrase”

1xx Informational2xx Final3xx Redirection4xx Client Error5xx Server Error6xx Global Failure

SIP Request types are called “methods”

INVITEACKOPTIONSCANCELBYEREGISTER

Related Protocols: SDPRelated Protocols: SDP

SIP carries (encapsulates) SDP messages SDP specifies codecs and media termination

points Only one of many possible MIME attachments

carried by SIP SDP – Session Description Protocol

Used to describe media session. Carried as a message body in SIP messages. Is a text-based protocol Uses RTP/AVP Profiles for common media types Defined by RFC 2327

E.g. RFC 3551 “RTP Profile for Audio and Video Conferences with Minimal Control”

Related Protocol: RTP

RTP – Real-time Transport Protocol Used to transport media packets over IP RTP adds a bit-oriented header containing:

name of media source timestamp codec type sequence number

Defined by H. Schulzrinne et al, RFC 1889. Profiles defined by RFC 1890. RTCP for exchange of participant and quality

reports.

SIP Uniform Resource Indicators (URIs)SIP Uniform Resource Indicators (URIs)

Same form as email addresses: user@domain Two URI schemes:

sip:henry@siptest.mci.com is a SIP URIMost common form introduced in RFC 2543 sips:henry@siptest.mci.com is a Secure SIP URI

New scheme introduced in RFC 3261Requires TLS over TCP as transport for security

Two types of SIP URIs: Address of Record (AOR) (identifies a user)

sip:henry@mci.com (Needs DNS SRV records to locate SIP Servers for mci.com domain) Contact (identifies a device and is usually a Fully Qualified

Domain Name, FQDN) sip:henry@127.24.45.4 or sip:henry@cube43.lab.mci.com (Which

needs no resolution for routing)

SIP “Trapezoid”

Outbound Proxy Server

User Agent B

Inbound Proxy Server

User Agent A

Media (RTP)

DNS Server

Location Server

SIP Elements – User Agents

Capable of sending and receiving SIP requests.

UAC – User Agent Client UAS – User Agent ServerEnd Devices

SIP phone PC/laptop with

SIP Client PDA mobile phone

PSTN Gatewaysare a type of User Agent

DNS Server

Location Server

User Agent BUser Agent A

Media (RTP)

SIP Elements – Proxy Servers

Forward or “proxy” requests on behalf of User Agents

Consult databases: DNS Location Server

Types: Stateless Transaction

Stateful Call Stateful

No media capabilities Ignore SDP.

Normally bypassed once dialog established, but can Record-Route to stay in path.

DNS Server

Location Server

Media (RTP)

SIP Elements – Other Servers

Location Server

Database of locations of SIP User Agents

Queried by Proxies in routing

Updated by User Agents by Registration

DNS Server

SRV (Service) Records used to locate Inbound Proxy Servers

DNS Server

Location Server

Media (RTP)

SIP Client and Server

SIP Elements are either User Agents (end devices that initiate and

terminate media sessions) Servers (that assist in session setup)

Proxies Registrars Redirect servers

A User Agent acts as a Client when it initiates a request (UAC) Server when it responds to a request (UAS)

SIP Registrar, 1 SIP server that can receive and process REGISTER requests A user has an account created which allows them to

REGISTER contacts with a particular server The account specifies a SIP “Address of Record (AOR)”

SIP Registrar, 2

SIP Registrars store the location of SIP endpoints Each SIP endpoint Registers

with a Registrar using it’s Address of Record and Contact address

Address of Record for John Smith in From: headerFrom: John Smith <sip:jsmith@zultys.com

Contact: header tells Registrar where to send messagesContact: John Smith <sip:jsmith@192.168.1.100>

SIP Proxies query SIP Registrars for routing information Incoming calls addressed to sip:jsmith@zultys.com

now routed by the Proxy to the Contact: header URL sip:jsmith@192.168.1.100

Proxy Server

SIP Proxy servers route SIP messages Stateless Proxies use stateless protocols like

UDP to talk to endpoints Low Proxy overhead Ephemeral connections, dropped as soon as message

is forwarded Stateful Proxies use TCP or other stateful

protocols to set up a permanent connection High Proxy overhead Endpoint connection must be set up, maintained and

torn down for the duration of the session

SIP Proxy Server SIP Server which acts on behalf of User

Agents Receives a SIP request Adds some headers Modifies some of the headers Forwards request to next hop server or client

Stateless vs. Stateful Proxy

Stateless Proxy Forwards every request downstream and response

upstream Keeps no state (does not have any notion of a transaction) Never performs message retransmissions Stateless proxies scale very well

can be very fast good for network cores

Stateful Proxy Maintains state information for the duration of either the:

Transaction (request) Transaction Stateful

Dialogue (from INVITE to BYE) Dialogue Stateful

Performs message retransmission

SIP Redirect Server Receives a request and returns a redirection

response (3xx) Contact header in response indicates where

request should be retried Similar to database query All Server types are logical NOT Physical

Locating SIP Servers

Manual provisioning DHCP SIP Option 120

RFC 3361 Multicast (deprecated) DNS SRV method

Get local domain name automatically from DHCP server Perform SRV record query through DNS on that domain

for _sip._udp.<domain name> Send SIP REGISTER message to resolved server

phone is up and running without user intervention

SIP in detail

Now, we are going to study SIP in detail including SIP Request, SIP Response and SIP Header

SIP Request Methods, 1

SIP used for Peer-to-Peer Communication though it uses a Client-Server model

Requests are called “methods” Six methods are defined in base RFC

3261: INVITE ACK OPTIONS BYE CANCEL REGISTER

SIP Request Methods, 2

REGISTER Register contact with Registrar

INVITE/ACK/BYE/CANCEL/UPDATE Creates, negotiates and tears down a call (dialogue)

MESSAGE Creates an Instant Messaging session

SUBSCRIBE Subscribe to a service (like message waiting

indication) NOTIFY

Notify a change in service state (new Voicemail)

SIP Methods - INVITE, 1

INVITE requests the establishment of a session

Carried in Message Body (SDP) Type of session IP Address Port Codec

SIP Methods - INVITE, 2

An INVITE during an existing session (dialogue) is called a re-INVITE

re-INVITEs can be used to Place calls on or remove calls from hold Change session parameters and codecs

The SIP UPDATE method is the proposed replacement for this technique

SIP Methods - ACK ACK completes the three way session setup

handshake (INVITE, final response, ACK) Only used for INVITE If INVITE did not contain media information

ACK must contain the media information

SIP Methods - OPTIONS

OPTIONS requests the capabilities of another User Agent

Response lists supported methods, extensions, codecs, etc.

User Agent responds to OPTIONS the same as if an INVITE (e.g. if Busy, returns 486 Busy Here)

Very basic presence information

SIP Methods – BYE and CANCEL

BYE terminates an established session User Agents stop sending media packets (RTP)

CANCEL terminates a pending session. INVITE sent but no final response (non-1xx)

yet received. User Agents and Proxies stop processing

INVITE Can be sent by a proxy or User Agent Useful for “forking proxy”

Parallel search using multiple registration Contacts. First successful wins, rest are cancelled.

SIP Methods - REGISTER

Registration allows a User Agent to upload current location and URLs to a Registrar

Registrar can upload into Location Service

Incoming requests can then be proxied or redirected to that location

Built in SIP support of mobility UAs do not need static IP addresses

Obtain IP address via DHCP, REGISTER indicating new IP Address as contact

SIP Request URI The Request-URI indicates the destination address

of the request Proxies and other servers route requests based on

Request-URI. The Request-URI is modified by proxies as the

address is resolved. INVITE sip:bob@biloxi.com SIP/2.0 Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bK776asdhds Max-Forwards: 70 To: Bob <sip:bob@biloxi.com> From: Alice <sip:alice@atlanta.com>;tag=1928301774 Call-ID: a84b4c76e66710@pc33.atlanta.com CSeq: 314159 INVITE Contact: <sip:alice@pc33.atlanta.com> Content-Type: application/sdp Content-Length: 142

(Alice's SDP not shown)

Request-URI

SIP From and To Tags

Tags are pseudo-random numbers inserted in To or From headers to uniquely identify a call leg

INVITE request From header contains a tag

Any User Agent or Server generating a response adds a tag to the To header in the response To: sip:john@company.com;tag=123456

SIP Method - INFO

Used to transport mid-call signaling information

Only one pending INFO at a time Typical use - PSTN signaling message

carried as MIME attachment E.g. ISDN User-to-User information

Defined in RFC 2976

SIP Method - REFER

Indicates that recipient (identified by the Request-URI) should contact a third party using the contact information provided in the request

Typical Use: Call Transfer features Allowed outside an established dialogue

SIP Method - PRACK

Provisional Response ACKnowlegement Used to acknowledge receipt of

provisional response 183 Session Progress Does not apply to 100 Trying responses Only provisional responses 101-199 may be

sent reliably and acknowledged with PRACK If no PRACK sent, response retransmitted Defined in RFC 3262

SIP Methods – SUBSCRIBE and NOTIFY

SUBSCRIBE requests notification of when a particular event occurs Use Expires=0 to unsubscribe

A NOTIFY message is sent to indicate the event status

Sample Applications Presence Message waiting indication for voicemail

Defined in RFC 3265

SIP Method - MESSAGE

Extension to SIP for Instant Messaging (IM)

MESSAGE requests carry the content in the form of MIME body

parts use the standard MIME headers to identify

the content

SIP Responses

SIP Requests generate Responses with codes borrowed from HTTP

Classes: 1xx Informational 2xx Final 3xx Redirection 4xx Client Error 5xx Server Error 6xx Global Failure

Response example “404 Not Found”

SIP Responses: 1xx-3xx

SIP Response Code Brief Description100 Trying Request received and action is being taken180 Ringing UA received INVITE and is alerting user181 Call Is Being Forwarded Used by proxy to indicate call is being forwarded182 Queued Called party unavailable, call queued183 Session Progress Used in early media and QoS setup200 OK Request successful300 Multiple Choices Address resolved to several choices 301 Moved Permanently User can no longer be found at Req-URI address302 Moved Temporarily Temporarily cannot find user at Req-URI address305 Use Proxy Resource MUST be accessed through proxy.380 Alternative Service Call not successful. Alternatives possible.

SIP Responses: 4xxSIP Response Code Brief Description

400 Bad Request Request not understood due to malformed syntax401 Unauthorized Request requires user authentication402 Payment Required Reserved for future use403 Forbidden UAS understood request and refuses to fulfill it404 Not Found UAS finds that user doesn't exist in the domain 405 Method Not Allowed Method is understood but not allowed406 Not Acceptable Response content not allowed by Accept header407 Proxy Authentication Required Client must first authenticate itself with proxy408 Request Timeout UAS could not produce response in time410 Gone UAS resource unavailable; no forwarding addr.413 Request Entity Too Large Request contains body longer than UAS accepts414 Request-URI Too Long Req-URI longer than server is willing to interpret415 Unsupported Media Type Format of the body not supported by UAS416 Unsupported URI Scheme Scheme of URI unknown to server420 Bad Extension UAS not understand protocol extension 421 Extension Required UAS needs particular extension process request423 Registration Too Brief Contact header field expiration time too small480 Temporarily Unavailable UAS contacted successfully but user unavailable481 Call/Transaction Does Not Exist UAS Rx request not matching any existing dialog 482 Loop Detected UAS has detected a loop483 Too Many Hops UAS received request containing Max-Forwards=0484 Address Incomplete UAS Rx request with incomplete Request-URI 485 Ambiguous The Request-URI was ambiguous486 Busy Here UAS contacted successfully but user busy487 Request Terminated Request terminated by a BYE or CANCEL request488 Not Acceptable Here Same as 606 but only applies to addressed entity491 Request Pending UAS Rx req. & have pending req. for same dialog493 Undecipherable UAS Rx request with encrypted MIME body & not have decryption key

SIP Responses: 5xx-6xx

SIP Reponse Code Brief Description500 Server Internal Error UAS unexpected condition & cannot fulfill request501 Not Implemented UAS not support functionality to fulfill the request502 Bad Gateway UAS Rx invalid response from a downstream server503 Service Unavailable UAS can't process due to overload or maintenance504 Server Time-out UAS not Rx response from external server505 Version Not Supported UAS not support SIP version in request513 Message Too Large Message length exceeded UAS capabilities600 Busy Everywhere End systems contacted, user busy at all of them603 Decline End systems contacted, user explicitly decline604 Does Not Exist Anywhere UAS has information Req-URI user not exist606 Not Acceptable Some aspects of Session Desc. not acceptable

SIP Message DetailsSIP Message DetailsINVITE sip:wh@200.201.202.203 SIP/2.0INVITE sip:wh@200.201.202.203 SIP/2.0Via: SIP/2.0/UDP proxy.munich.de:5060;branch=z9hG4bK8542.1Via: SIP/2.0/UDP 100.101.102.103:5060;branch=z9hG4bK45a35h76Max-Forwards: 69To: Heisenberg <sip:w.heisenberg@munich.de>From: E. Schroedinger <sip:schroed5244@aol.com>;tag=312345Call-ID: 105637921@100.101.102.103CSeq: 1 INVITEContact: sip:schroed5244@100.101.102.103Content-Type: application/sdpContent-Length: 159

First line of a SIP message is Start Line which contains: the method or Request type: INVITE (session setup

request). the Request-URI which indicates who the request is for

sip:wh@200.201.202.203 Note: Request-URI can be either an AOR or Contact (FQDN) This Request-URI is a FQDN, but the initial Request-URI was

an AOR (same as To URI) the SIP version number SIP/2.0

SIP Headers

SIP Requests and Responses contain Headers (similar to Email headers) Required Headers

To From Via Call-ID CSeq Max-Forwards

Optional Headers: Subject, Date, Authentication (and many others)

SIP Message DetailsSIP Message DetailsINVITE sip:w.h@200.201.202.203 SIP/2.0Via: SIP/2.0/UDP proxy.munich.de:5060;branch=z9hG4bK8542.1Via: SIP/2.0/UDP proxy.munich.de:5060;branch=z9hG4bK8542.1Via: SIP/2.0/UDP 100.101.102.103:5060;branch=z9hG4bK45a35h76Via: SIP/2.0/UDP 100.101.102.103:5060;branch=z9hG4bK45a35h76Max-Forwards: 69To: Heisenberg <sip:w.heisenberg@munich.de>From: E. Schroedinger <sip:schroed5244@aol.com>;tag=312345 Call-ID: 105637921@100.101.102.103CSeq: 1 INVITEContact: sip:schroed5244@100.101.102.103Content-Type: application/sdpContent-Length: 159

Via headers show the path the request has taken The bottom Via header is inserted by the User Agent which

initiated the request Additional Via headers are inserted by each proxy in the path

The Via headers are used to route responses back the same wayRequired branch parameter contains a “cookie” (z9hG4bK) then a transaction-ID.

SIP Message DetailsSIP Message DetailsINVITE sip:w.h@200.201.202.203 SIP/2.0Via: SIP/2.0/UDP proxy.munich.de:5060;branch=z9hG4bK8542.1Via: SIP/2.0/UDP 100.101.102.103:5060;branch=z9hG4bK45a35h76Max-Forwards: 69Max-Forwards: 69To: Heisenberg <sip:w.heisenberg@munich.de>From: E. Schroedinger <sip:schroed5244@aol.com>;tag=312345 Call-ID: 105637921@100.101.102.103CSeq: 1 INVITEContact: sip:schroed5244@100.101.102.103Content-Type: application/sdpContent-Length: 159

Max-Forwards is a count decremented by each proxy that forwards the request.When count goes to zero, request is discarded and 483 Too Many Hops response is sent.Used for stateless loop detection.

SIP Message DetailsSIP Message DetailsINVITE sip:w.h@200.201.202.203 SIP/2.0Via: SIP/2.0/UDP proxy.munich.de:5060;branch=z9hG4bK8542.1Via: SIP/2.0/UDP 100.101.102.103:5060;branch=z9hG4bK45a35h76Max-Forwards: 69To: Heisenberg <sip:w.heisenberg@munich.de>To: Heisenberg <sip:w.heisenberg@munich.de>From: E. Schroedinger <sip:schroed5244@aol.com>;tag=312345 From: E. Schroedinger <sip:schroed5244@aol.com>;tag=312345 Call-ID: 105637921@100.101.102.103Call-ID: 105637921@100.101.102.103CSeq: 1 INVITEContact: sip:schroed5244@100.101.102.103Content-Type: application/sdpContent-Length: 159

Dialog (formerly called call leg) information is in headers:

To tag, From tag, and Call-ID (Note: Not URIs)To and From URIs usually contain AOR URIs.All requests and responses in this call will use this same Dialog information.Call-ID is unique identifier usually composed of

pseudo-random string “@” hostname or IP Address

SIP Message DetailsSIP Message Details

CSeq Command Sequence Number Initialized at start of call (1 in this example) Incremented for each subsequent request Used to distinguish a retransmission from a new

requestAlso contains the request type (method) - INVITE

INVITE sip:w.h@200.201.202.203 SIP/2.0Via: SIP/2.0/UDP proxy.munich.de:5060;branch=z9hG4bK8542.1Via: SIP/2.0/UDP 100.101.102.103:5060;branch=z9hG4bK45a35h76Max-Forwards: 69To: Heisenberg <sip:w.heisenberg@munich.de>From: E. Schroedinger <sip:schroed5244@aol.com>;tag=312345 Call-ID: 105637921@100.101.102.103CSeq: 1 INVITECSeq: 1 INVITEContact: sip:schroed5244@100.101.102.103Content-Type: application/sdpContent-Length: 159

SIP Message DetailsSIP Message DetailsINVITE sip:w.h@200.201.202.203 SIP/2.0Via: SIP/2.0/UDP proxy.munich.de:5060;branch=z9hG4bK8542.1Via: SIP/2.0/UDP 100.101.102.103:5060;branch=z9hG4bK45a35h76Max-Forwards: 69To: Heisenberg <sip:w.heisenberg@munich.de>From: E. Schroedinger <sip:schroed5244@aol.com>;tag=312345 Call-ID: 105637921@100.101.102.103CSeq: 1 INVITEContact: sip:schroed5244@100.101.102.103Contact: sip:schroed5244@100.101.102.103Content-Type: application/sdpContent-Length: 159

Contact header contains a SIP FQDN URI for direct communication between User Agents

If Proxies do not Record-Route, they can be bypassed

If Record-Route is present in 200 OK, then a Route header is present in all future requests in this dialog.

Contact header is also present in 200 OK response

SIP Message DetailsSIP Message Details

Content-Type indicates the type of message body attachment (others could be text/plain, application/cpl+xml, etc.)Content-Length indicates the octet (byte) count of the message body.Message body is separated from SIP header fields by a blank line (CRLF).

INVITE sip:w.h@200.201.202.203 SIP/2.0Via: SIP/2.0/UDP proxy.munich.de:5060;branch=z9hG4bK8542.1Via: SIP/2.0/UDP 100.101.102.103:5060;branch=z9hG4bK45a35h76Max-Forwards: 69To: Heisenberg <sip:w.heisenberg@munich.de>From: E. Schroedinger <sip:schroed5244@aol.com>;tag=312345 Call-ID: 105637921@100.101.102.103CSeq: 1 INVITEContact: sip:schroed5244@100.101.102.103Content-Type: application/sdpContent-Type: application/sdpContent-Length: 159Content-Length: 159

SDP Message Body DetailsSDP Message Body Details

v=0o=Tesla 289084526 28904529 IN IP4 lab.high-voltage.orgs=-c=IN IP4 100.101.102.103t=0 0m=audio 49170 RTP/AVP 0a=rtpmap:0 PCMU/8000

Version number (ignored by SIP) Origin (only version used by SIP - 28904529) Subject (ignored by SIP) Connection Data (IP Address for media - 100.101.102.103) Time (ignored by SIP) Media (type - audio, port - 49170, RTP/AVP Profile - 0) Attribute (profile - 0, codec - PCMU, sampling rate – 8000 Hz)

SIP Response DetailsSIP Response Details

Via, To, From, Call-ID, & CSeq are all copied from request.

To now has a tag inserted by UASContact and Message Body contain UAS information.

SIP/2.0 200 OKSIP/2.0 200 OKVia: SIP/2.0/UDP proxy.munich.de:5060;branch=z9hG4bK8542.1Via: SIP/2.0/UDP 100.101.102.103:5060;branch=z9hG4bK45a35h76To: Heisenberg <sip:w.heisenberg@munich.de>;tag=24019385tag=24019385From: E. Schroedinger <sip:schroed5244@aol.com>;tag=312345 Call-ID: 105637921@100.101.102.103CSeq: 1 INVITEContact: sip:wh@200.201.202.203Contact: sip:wh@200.201.202.203Content-Type: application/sdpContent-Length: 173

v=0v=0o=Heisenberg 2452772446 2452772446 IN IP4 200.201.202.203o=Heisenberg 2452772446 2452772446 IN IP4 200.201.202.203s=SIP Calls=SIP Callc=IN IP4 200.201.202.203c=IN IP4 200.201.202.203t=0 0t=0 0m=audio 56321 RTP/AVP 0m=audio 56321 RTP/AVP 0a=rtpmap:0 PCMU/8000a=rtpmap:0 PCMU/8000

SIP Call Flow Scenarios

As followings …

SIP Call Flow Scenarios

Call Attempt - Unsuccessful Presence Subscription Registration Presence Notification Instant Message Exchange Call Setup – Successful Call Hold Call Transfer

Call Flows and full message details: “SIP Basic Call Flow Examples” I-D by A. Johnston et al. “SIP Service Examples” I-D by A. Johnston et al.

SIP Call Setup Attempt Scenario

1. INVITE Contact: A SDP A

DNS Server Location Server

1. A “dials” SIP AOR URI sip:B@mci.com. User Agent A sends INVITE to outbound Proxy Server.

2. Outbound Proxy sends 100 Trying response.

2. 100 Trying

User Agent B (Not Signed In)

User Agent A

3. Outbound Proxy does DNS query to find proxy server for mci.com domain

4. DNS responds with IP address of mci.com Proxy Server

3. DNS Query: mci.com?

2. 100 Trying

4. Response: 1.2.3.4

User Agent A

5. Outbound Proxy sends INVITE to Inbound Proxy Server.

6. Inbound Proxy sends 100 Trying response.

2. 100 Trying

6. 100 Trying

User Agent A

7. Inbound Proxy consults Location Server.

8. Location Server responds with “Not Signed In.”

2. 100 Trying

6. 100 Trying

7. LS Query: B? 8. Response: Not Signed In

User Agent A

9. Inbound Proxy sends 480 Temporarily Unavailable response.

10. Outbound Proxy sends ACK response.

2. 100 Trying

6. 100 Trying

7. LS Query: B? 8. Response: Not Signed

9. 480 Temporarily Unavailable10. ACK

User Agent A

11. Outbound Proxy forwards 480 response to A.

12. A sends ACK response.

2. 100 Trying

6. 100 Trying

7. LS Query: B? 8. Response: Not Signed

9. 480 Temporarily Unavailable

11. 480 Temporarily Unavailable

10. ACK

12. ACK

User Agent A

SIP Presence Example

1. SUBSCRIBE

DNS ServerPresence

Server

1. A wants to be informed when B signs on, so sends a SUBSCRIBE

2. Outbound Proxy forwards to Inbound Proxy

3. Inbound Proxy forwards to B’s Presence Server

2. SUBSCRIBE

3. SUBSCRIBE

User Agent A

1. SUBSCRIBE

DNS ServerPresence

Server

4. Presence Server authorizes subscription by sending a 200 OK.

5. & 6. 200 OK proxied back to A.6. 200 OK

2. SUBSCRIBE

5. 200 OK

3. SUBSCRIBE 4. 200 OK

User Agent A

DNS ServerPresence

Server

7. Presence Server sends NOTIFY containing current presence status of B (Not Signed In).

8. and 9. NOTIFY is proxied back to A.

10. A acknowledges receipt of notification with 200 OK.

11. & 12. 200 OK is proxied back to B’s Presence Server.

10. 200 OK

11. 200 OK

7. NOTIFY <Not Signed In> 12. 200 OK

User Agent A

8. NOTIFY <Not Signed In>

9. NOTIFY <Not Signed In>

SIP Registration Example

DNS ServerLocation Server

2. Update database:B = B@2.3.4.5

1. REGISTER Contact: B@2.3.4.5

1. B signs on to his SIP Phone which sends a REGISTER message containing the FQDN URI of B’s User Agent.

2. Database update is sent to the Location Server

SIP Registration Example

DNS ServerLocation Server

2. Update database:B = B@2.3.4.5 3. OK

1. REGISTER Contact: B@2.3.4.5

4. 200 OK Contact: B@2.3.4.5

3. Location Server database update is confirmed.

4. Registration is confirmed with a 200 OK response.

DNS ServerPresence

Server

13. Presence Server learns of B’s new status from the Location Server and sends a NOTIFY containing new status of B (Signed In).

14. & 15. NOTIFY is proxied back to A.

16. A acknowledges receipt of notification with 200 OK.

17. & 18. 200 OK is proxied back to Presence Server.

16. 200 OK

17. 200 OK

18. 200 OK

13. NOTIFY <Signed In>

SIP Instant Message Scenario

1. MESSAGE <Can you talk now?>

1. A sends an Instant Message to B saying “Can you talk now?” in a MESSAGE request.

2., 3. & 4. MESSAGE request is proxied, Location Server queried.

5. Inbound Proxy forwards MESSAGE to B.

6. User Agent B responds with 200 OK.

7. & 8. 200 OK is proxied back to A.

8. 200 OK

7. 200 OK

3. LS Query: B? 4. Response: sip:B@2.3.4.5

6. 200 OK

SIP Instant Message Scenario

Location Server

DNS Server1. B sends an Instant

Message to A saying “Sure.” in a MESSAGE sent to A’s AOR URI.

2. & 3. DNS Server is queried.

4. Outbound Proxy forwards MESSAGE to Inbound Server.

5. & 6. Location Server is queried.

7. Inbound Proxy forwards to A.

8. User Agent A responds with 200 OK.

9. & 10. 200 OK is proxied back to B.

8. 200 OK

9. 200 OK

10. 200 OK

5. LS Query: A? 6. Response: sip:A@4.5.3.2

2. DNS Query: globalipcom.com?

7. MESSAGE <Sure.>

4. MESSAGE <Sure.>

1. MESSAGE <Sure.>

1. to 5. A retries INVITE to B which routes through two Proxy Servers.

6. Location Server responds with the FQDN SIP URI of B’s SIP Phone.

7. Inbound Proxy Server forwards INVITE to B’s SIP Phone.

2. 100 Trying

4. 100 Trying

5. LS Query: B 6. Response: sip:B@2.3.4.5

SIP Call Setup Scenario

10. 180 Ringing

8. User Agent B alerts B and sends 180 Ringing response.

9. & 10. 180 Ringing is proxied back to A.

9. 180 Ringing

8. 180 Ringing

10. 180 Ringing

11. B accepts call and User Agent B sends 200 OK response.

9. 180 Ringing

8. 180 Ringing

11. 200 OK Contact: B SDP B

10. 180 Ringing

14. ACK is sent by A to confirm setup call bypassing proxies.

Media session begins between A and B!

9. 180 Ringing

8. 180 Ringing

14. ACK

Media (RTP)

SIP Call Hold (re-INVITE)

DNS Server Location Server 15. B places A on

hold by sending a re-INVITE.

16. A accepts with a 200 OK.

17. B sends ACK to A.

No media between A and B.15. INVITE

SDP a=sendonly

17. ACK User Agent BUser Agent

16. 200 OK SDP A

SIP Call Transfer Scenario

20. NOTIFY <100 Trying>

21. 200 OK

18. B transfers A to C using REFER.

19. Transfer is accepted by A with 202 Accepted response.

20. Notification of trying transfer is sent to B in NOTIFY.

21. B sends 200 OK response to NOTIFY

18 REFER Refer-To: sip:C@mci.com

19. 202 Accepted

1. to 5. A sends new INVITE to C which routes through two Proxy Servers.

6. Location Server responds with the FQDN SIP URI of C’s SIP Phone.

7. Inbound Proxy Server forwards INVITE to C’s SIP Phone.

2. 100 Trying

4. 100 Trying

5. LS Query: C? 6. Response: sip:C@6.7.8.9

User Agent C

1. INVITE Contact: A Ref-By: B SDP A

10. 180 Ringing

DNS Server Location Server 8. User Agent C

alerts C and sends 180 Ringing response.

9. & 10. 180 Ringing is proxied back to A.

11. C accepts call and sends 200 OK response.

14. ACK is sent by A to confirm setup call.

Media session between A and C begins.

9. 180 Ringing

8. 180 Ringing

14. ACK

User Agent CMedia (RTP)

User Agent BUser Agent

11. 200 OK Contact: C SDP C

20. Notification of successful transfer is sent to B in NOTIFY.

21. B sends 200 OK response to NOTIFY

22. B hangs up by sending a BYE.

23. 200 OK response to BYE is sent.

20. NOTIFY <200 OK>

21. 200 OK 22. BYE

23. 200 OK User Agent BUser Agent A

SIP Security

Authorization

SIP uses standard HTTP Digest Authentication with minor revisions Simple Challenge/Response scheme

REGISTER -> <- 407 Challenge + nonce REGISTER + MD-5 hash (pw + nonce) ->

<- 200 OK Password is never sent in the clear, just the MD-5 hash

generated with the password and nonce Defeats Man-in-the-middle attacks since source address

can’t be spoofed or second REGISTER will never arrive Required by many Internet Telephony Service

Providers (ITSPs) Service Provider supplies Username and password SIP leverages Digest Authentication features to do this

TLS and sips:

Implementation of TLS is mandatory for proxies, redirect servers and registrars

The ;transport=tls URI parameter value is deprecated A sips: URI scheme (otherwise identical to the sip:

scheme) indicates that all hops between the requestor and the resource identified by the URI must be encrypted with TLS.

If the request is retargeted once the resource is reached, it must use secured transports.

S/MIME

Provides end-to-end security of message body and/or headers.

Certificate identified by end user address Public key can be transported in SIP Entire message can be protected by “tunneling” the

message in an S/MIME body

Header Fields

Signature

Attacks

IPhreakers IP knowledge Known weaknesses Evolution 2600Hz -> voicemail/int’l GWs -> IP telephony Internal or external threat ? Targets: home user, enterprise, government, etc ?

Protocol implementations PROTOS

The human element

Attacks : denial of service

Denial of service Network Protocol (SIP INVITE) Systems / Applications Phone

Availability (BC/DR) Requires: power Alternatives (Business Continuity/Disaster Recovery) ? E911 (laws and technical aspect) GSM PSTN-to-GSM

Attacks : fraud

Call-ID spoofing

User rights takeover Fake authentication server

Effects Access to voicemail Value added numbers Social engineering Replay

Attacks: interception

Interception “Who talks with who” (Network sniffing, Servers (SIP, CDR,

etc) LAN

Physical access to the LAN ARP attacks Unauthenticated devices (phones and servers) Different layers (MAC address, user, physical port, etc)

Where to intercept ? Where is the user located ? Networks crossed ?

Lawful Intercept CALEA ETSI standard Architecture and risks

Attacks : systems

Systems Mostly none is hardened by default Worms, exploits, Trojan horses

Attacks : phone(S)IP phone

Startup DHCP, TFTP, etc.

Physical access Hidden configuration tabs

TCP/IP stacks Firmware/configuration Trojan horse/rootkit

Defense

Signaling: SIP Secure SIP vs SS7 (physical security)

Transport: Secure RTP (with MiKEY) Network: QoS [LLQ] (and rate-limit) Firewall: application level filtering Phone: signed firmware Identification: TLS

Clients by the server Servers by the client

3P: project, security processes and policies

SIP Programming

SIP based Application Interfaces

These include : JAIN SIP

Low level and very complex API CNRSIP API is one of available reference implementations.

SIP Servlets proposed within JAIN

SIP API for J2ME intermediate level API (minimal SIP knowledge required)

SIP CGI CPL ( Call Processing Language)

XML based

HTTP Servlets

HTTP Java Servlets Widely Used in Web Application Development

Applications Consist of Sets of HTTP Servlets, Each of Which Processes a Single Web Request in the Application

HTTP Servlets Return Web Pages to Display

HTTP Servlets Can Create “Session Data” e.g., shopping cart, that spans multiple

requests

“Container” Manages HTTP Servlet Lifecycles, Fault Tolerance, Session State

HTTP Servlets Collected into a War File – Web Archive

HTTP Servlets

Web Server

Developer

Deployer

War File

SIP Servlet API

Java extension API for SIP servers Similar in spirit to HTTP servlet API Server matches incoming messages against local rules in

order to decide which servlet to pass message to The API gives full control to servlets to handle SIP

messages, e.g. has full access to headers and body proxy or redirect requests respond to or reject requests forward responses upstream initiate requests

Servers may choose to provide constrained environment to selected servlets (e.g. using sandbox security model)

Basic SIP Servlet Model

S ervlet E ngine

S IP S erverreques ts

res ponses

reques ts

responses

s e rvle ts e rvle t

Location of SIP Server and servlet engine: in same Java Virtual Machine different process, same host different hosts: 1:1, 1:n, n:1, n:m

Example: Routing Services

Servlet proxies request to one or more destinations

- forwards response to caller

S erver

s e rvle tUA C UA S

S IP S IP

Example: Servlet as UAS

S erver

s e rvle t

Servlets can reject (screen) callsCan accept and set up media streams

Benefits of Servlet Model

Powerful: Full access to SIP signaling

Performance: No need to fork new process for each request The same servlet can handle many requests simultaneously

Safety: type checked; no pointers; exception handling Convenience:

high level abstractions. Tight integration with server: logging, security, location

database Lifecycle model allows servlets to

maintain state, e.g. database connections manage timers

Access to wide range of APIs

An Example: RejectServlet

import org.ietf.sip.*;

public class RejectServlet extends SipServletAdapter { protected int statusCode, reasonPhrase;

public void init(ServletConfig config) { super.init(config); try { statusCode = Integer.parseInt(getInitParameter("status-code")); reasonPhrase = getInitParameter("reason-phrase"); } catch (Exception _) { statusCode = SC_INTERNAL_SERVER_ERROR; } } public boolean doInvite(SipRequest req) { SipResponse res = req.createResponse(); res.setStatus(statusCode, reasonPhrase); res.send(); return true; } }

Relationship to JAIN SIP

JAIN SIP is a generic, low-level interface for accessing SIP services Can be used in

Clients Servers Gateways

Focuses purely on the protocol

Complete access to SIP capabilities

Supports transactions only SIP Servlet Container is a

particular application of JAIN SIP

SIP Protocol

SIP ServletContainer

JAIN SIP

SIP Servlet API

Relationship to JAIN SIP

Servlets focus on high volume carrier grade servers

Add significant, non-SIP protocol functions Lifecycle management Domain objects Context and configuration Deployment descriptors Archive files Synchronization primitives Security

Add significant SIP protocol functions Construction of requests and

responses from domain objects

Hide many parts of JAIN SIP Direct access to many headers

is not provided Write access to most

everything is often restricted Servlets should be defined to

allow a SIP container to be built using JAIN SIP SIP Objects in Servlet API

defined with interfaces that match JAIN SIP signatures

Cannot directly expose JAIN SIP objects, though

SIP CGI

Almost identical to HTTP CGI Language independent ( Perl, Tcl, C, C++, ... ) Any binary may be executed as a separate program

Suitable for services that contains substantial web content

Passes message parameters through environmental variables to a separate program.

More flexible but more risky

Feb. 1, 2001: RFC 3050 (Common Gateway Interface for SIP) published

Call Processing Language (CPL)

Designed by the IETF to support sophisticated telephony services

May be used by both SIP or H.323. XML based scripting language for describing controlling

call services Simple Syntax Extendible Easily edited by GUI tools Scripts runs on network SIP signaling server to create

end user services Lightweight CPL interpreter is need to parser & validate

scripts

CPL Example

A simple script that blocks anonymous callers

<?xml version="1.0" ?><!DOCTYPE cpl PUBLIC "-//IETF//DTD RFCxxxx CPL 1.0//EN" "cpl.dtd"><cpl> <incoming> <address-switch field="origin" subfield="user"> <address is="anonymous"> <reject status="reject" reason="I don't accept anonymous calls" /> </address> </address-switch> </incoming></cpl>

Sip Detailed , Call flows , Architecture descriptions , SIP services , sip security , sip...

Mobile

SIP Message Manipulation - AudioCodes · Reference Guide 6 Document #: LTRT-28648 SIP Message Manipulation List of Tables Table 2-1: Message Types Examples and Descriptions

[MS-SIP]: Session Initiation Protocol ExtensionsMS-SIP].pdfSession Initiation Protocol Extensions SIP. . SIP message.

1 TAC2000/2000.7 LABORATORY 117 Analyzing SIP Call Flows Dr. Quincy Wu National Chiao Tung University Email: solomon@ipv6.club.tw

sip report sip

SIP Call Flows - Cisco - Global Home · PDF fileB-2 Cisco Unified IP Phone 7960G and 7940G Administration Guide for Release 8.0 (SIP) OL-7890-01 Appendix B SIP Call Flows Call Flow

SIP Basics · Dennis Baron, January 5, 2005 np119 Page 2 Outline • What is SIP • SIP system components • SIP messages and responses • SIP call flows • SDP basics/CODECs

Cisco SIP IP Phone 7960 Administrator Guide · phone call flows and compliance information. Who Should Use This Guide Network engineers, system administrators, or telecommunication

Lync and Skype for Business SIP, Media and Call Flows · PDF fileSignaling Vs Media Once we understood what's modality, how it flows and Signaling Vs Media, it's the right time to

Enterprise architecturemyy.haaga-helia.fi/~ict2tn010/enterpriseArchitecture/TOGAF.pdf–process flows, architectural requirements, project plans, models, diagrams, descriptions,lists,

SIP Call Flows...Appendix B SIP Call Flows Call Flow Scenarios for Successful Calls B-4 Cisco SIP IP Phone 7960 Administrator Guide 78-10497-01 Step Action Description 1 Setup—PBX

MAX SIP - COMPLET SIP · TRUNK SIP 4 TRUNK SIP 8 TRUNK SIP 16 TRUNK SIP 32 TRUNK SIP 4 TRUNK SIP 8 TRUNK SIP 4-FTTH TRUNK SIP 8-FTTH MAX SIP COMPLET SIP 4 1 2000min. 100min.----15€-30€

Testing SIP Call Flows Using XML Protocol Templates · Testing SIP Call Flows Using XML Protocol Templates 37 sequences of exchanges are described as SIP Call Flows. Clearly call

MANAGING CALL FLOWS USING SIP - diginet.com Call Flows Using SIP.pdfMANAGING CALL FLOWS USING SIP Mark A. Miller, P.E. President DigiNet Corporation A technical briefing from: June

Course Descriptions -171- Course Descriptions

Session Initiation Protocol (SIP). Features of SIP SIP is a lightweight, transport-independent, text-based protocol. SIP has the following features: SIP

Model Descriptions CALPUFF Puff vs. Plumeanalysis and parameterized treatments of slope flows, kinematic terrain effects, terrain blocking effects, a divergence minimization procedure,

SIP Call Flows

Business Talk IP SIP - Technical Guide Shoretel 14 · 2018. 10. 15. · Notes: - in the diagram above, the SIP and proprietary internal flows are hidden. ... SIP User Agent IP Office

Take a sip of sip

Upperside SIP 2004: SIP Tutorial