SIP - Protocol Analysis

Engineering personnel, software developers, 2nd and 3rd level technical support personnel

This course goes beyond the SIP architecture and focuses on a functional analysis SIP. The protocol is examined closely using many call flow examples which offer a very practical understanding of SIP's function. Important protocols that are closely utilized by SIP are also examined closely, such as DNS, RTP, ENUM, and SDP. Each SIP header is analyzed at an appropriate level to clearly illustrate how SIP functions.

The lab exercises will build proficiency with the use a protocol analyzer as you study how SIP functions in dozens of different call situations.

1. SIP Uniform Resource Indicators (URIs)

• Generic URI Information (RFC 2396)
• Direct or Proxy
• PSTN Number (RFC 2808)
• Instant Messaging
• Presence
• In Registrations

2. SIP Headers

• Via:, Branch, Max-Forwards:, SIP Dialog (To, From, tag= fields, Call-ID:)
• CSeq, Proxy-Authenticate:, Proxy-Authorize:, Contact: Expires:
• User-Agent:, Content-Length:, Allow:, Supported:, P-Access-Network-Info
• P-Charging-Vector:, P-Preferred-Identity:, P-Asserted-Identity:, Authorization:
• Security-Client:, Security-Server:, Content-Type:

3. Session Description Protocol (SDP)

• Session Parameters
• SDP Format
• Extending SDP
• SDPng
• Media Negotiation
• Changing Session Parameters
• Controlling the Media

4. SIP and the DNS - How to use the DNS to find the called party

• DNS basics – What the following are and what important things they are missing
  • A-record
  • SOA
  • NS record
  • MX record (important for comparison to the SRV record)
• The SRV record
  • Why we need it
  • What the SRV record is: RFC2782
  • How SIP uses the SRV record - RFC3263 Locating SIP servers
  • How to configure a SRV record
• The NAPTR record
  • Why we need it
  • What the NAPTR record is: RFC 2915
• ENUM
  • Why we need it
  • How ENUM uses NAPTR: RFC 3761: ENUM Protocol
  • How SIP uses ENUM

5. SIP and DHCP

• DHCP service (RFC 2131)
• DHCP option for SIP servers (RFC 3361)

6. SIP Call Flow Examples

• Call Attempt – Unsuccessful
  • CODEC Mismatch
  • Looping
  • Authentication failure
• Presence Subscription
• Registration with Authentication
• Presence Notification
• Instant Message Exchange
• Call Setup - Successful
• Call Hold
• Call Forward no answer
• Call Forward busy
• Call Forward all
• Call Transfer
• Unified Messaging
• RFC3515 Refer method
• RFC3725 3rd party call control

7. SIP Call Routing

• At Registration
• Creation of via-path for Response Routing
• Response Merging
• Loose Routing/Strict Routing
• Record Route Header
• Control Models
• Third-Party Call Control

8. RTP and Real-Time Control Protocol (RTCP)

• Dealing Packet Loss, Latency, Jitter
• How RTP Defines the Session
  • Session Description Protocol
  • The RTP Profile
  • The RTP Payload Type Field
  • RTP Telephony Events (RFC 2833)
• How RTP Removes Jitter
• How RTP Handles Packet Loss
• How RTP Identifies the Talking Party
• How RTP Handles Silence Suppression
• How RTP Handles Fixed Length Packets (Padding)
• How RTP is Used to Mix Voice (Conference Calls)
• The RTP Header
• RFC 2833 Protocol
• RTP Control Protocol
  • SDES
  • Sender/Receiver Reports
  • Bye Reports

9. DTMF Handling

• Inband
• RFC 2833
• SIP INFO

10. Presence

• SIMPLE - SIP for Instant Messaging and Presence Leveraging Extensions
• Terminology
• Framework
• Resource List Manipulation Requirements
• Authorization Policy Manipulation
• Acceptance Policy Requirements
• Notification Requirements
• Content Requirements
• General Requirements

11. SIP Timers

• T1, T2, T4
• Timer A – K

12. Security

• Security for Call Setup
• Authentication
• S/MIME
• TLS

13. NAT Traversal

• How NAT operates on SIP and SDP
• NAT types
• STUN
• TURN
• ICE

14. The IMS Architecture

• IMS and SIP
• Standards bodies, 3GPP/3GPP2, IETF, Open Mobile Alliance (OMA), TISPAN
• Components
  • HSS
  • Proxy-CSCF, Serving-CSCF, Interrogating-CSCF

HAND-ON LABs
1 Configure a DNS to support SIP and ENUM
2 Route MESSAGE, SUBSCRIBE, and NOTIFY using the BREKE SIP Proxy
3 Configure CounterPath X-Lite SIP Client for IM and PRESENCE
4 Configure trixbox
5 Perform Call traces

• SIP REGISTER without authentication
• SIP REGISTER with authentication
• SRV and NAPTR queries
• Simple SIP Call without INVITE authentication
• SIP call with INVITE authentication
• 100rel (PRACK)
• Busy call
• CODEC Mismatch
• Vacant Number (Call a number that does not exist)
• Abandoned Call (Hang up on an unanswered call)
• DTMF - SIP INFO
• DTMF - RFC 2833
• DTMF – in band
• Response 405 (example: X-lite phone, DTMF not supported)
• SIP NOTIFY (voice mail indication example)
• Call Forward Immediate
• Call Forward No Answer
• Call Transfer (REFER)
• Statistics included in the BYE (Improves QoS management)
• Forking (Multiple Proxy)
• NAT Traversal (RTP Relay)
• NAT Traversal (STUN)
• SIP Timers effect on call processing
• SIP calls on a bad wireless network
• Call park and retrieve
• Conference

6 Configure SIPp testing scripts

• Malformed packets Test error handling