Title: NGNMM SIP Workshop
1. SESSION INITIATION PROTOCOL
2. The Basics - The Protocol
- SIP is a request/response protocol
- SIP requests
  - INVITE
  - ACK
  - OPTIONS
  - BYE
  - CANCEL
  - REGISTER
- SIP responses
  - Provisional: 1XX
  - Final: 2XX, 3XX, 4XX, 5XX, 6XX
3. The Basics - Session Elements
- Dialog
  - Peer-to-peer connection between 2 UAs
  - Created by, e.g., INVITE/2xx
  - Torn down by, e.g., BYE
- Transaction
  - INVITE/200 Ok is a transaction
  - INVITE/302 Moved/ACK is a transaction
  - ACK (for an INVITE/2xx) is a transaction
- Inside/outside dialog
4. The Basics - SIP Elements
- User Agent (UA) - UA Server/UA Client
- SIP servers
  - SIP Proxy
  - SIP Registrar
  - SIP Redirect
- "Location Service"
5. The Basics - Proxy Functionality
1 INVITE aab@aalborg.dk
2 INVITE aab@aalborg.dk
3 200 Ok
4 200 Ok
6. The Basics - Redirect Functionality
1 INVITE aab@aalborg.dk
2 302 Moved
3 INVITE aab@odense.dk
4 200 Ok
7. The Basics - State or No State
- Call stateful proxy (dialog)
  - Record-Route / Route
- Stateful proxy (transaction)
- Stateless proxy
8. The Basics - "SIP Element Architecture"
- The core distinguishes SIP elements (Proxy, UA, Redirect, ...) from one another
- The TU initiates/monitors transactions
- Transaction layer: client side <-> server side
  - Client transaction: sends requests, receives responses.
  - Server transaction: receives requests, sends responses.
- Transport layer: opens/closes network connections
- Syntax/encoding: ensures correct syntax formatting according to the BNF definition
SIP elements are composed of different layers
9. The Basics - sipHelloWorld@sip.dk
INVITE sip:4533597991@voip.tele.dk;user=phone SIP/2.0
Via: SIP/2.0/UDP snom2.voip.tele.dk:5060;branch=z9hG4bK-jkfy3ru4lk74
Max-Forwards: 70
From: "snom2" <sip:4533597992@voip.tele.dk>;tag=ke9mjx3ta9
To: <sip:4533597991@voip.tele.dk;user=phone>
Call-ID: 000965085068-63jzxk7vdb82@194.182.147.182
CSeq: 1 INVITE
Contact: <sip:4533597992@snom2.voip.tele.dk:5060;line=1>
User-Agent: snom Version 1.12h
Accept-Language: en
Accept: application/sdp
Allow: INVITE, ACK, CANCEL, BYE, REFER, OPTIONS, NOTIFY, PRACK
Supported: timer, 100rel, replaces
Session-Expires: 7200
Content-Type: application/sdp
Content-Length: 286
10. The Basics - sipHelloWorld@sip.dk
SIP/2.0 200 OK
Via: SIP/2.0/UDP snom2.voip.tele.dk:5060;branch=z9hG4bK-jkfy3ru4lk74
From: "snom2" <sip:4533597992@voip.tele.dk>;tag=ke9mjx3ta9
To: <sip:4533597991@voip.tele.dk;user=phone>;tag=0007eb9f1798000a74208d4
Call-ID: 000965085068-63jzxk7vdb82@194.182.147.182
Date: Wed, 31 Jul 2002 12:56:19 GMT
CSeq: 1 INVITE
Server: Cisco-SIP-IP-Phone/3
Contact: sip:4533597991@7960-2.voip.tele.dk:5060
Content-Type: application/sdp
Content-Length: 223

ACK sip:4533597991@voip.tele.dk:5060 SIP/2.0
Via: SIP/2.0/UDP snom2.voip.tele.dk:5060;branch=z9hG4bK-jkfy3ru4lk74
Max-Forwards: 70
From: "snom2" <sip:4533597992@voip.tele.dk>;tag=ke9mjx3ta9
To: <sip:4533597991@voip.tele.dk;user=phone>;tag=0007eb9f1798000a74208d4
Call-ID: 000965085068-63jzxk7vdb82@194.182.147.182
CSeq: 1 ACK
Route: <sip:4533597991@7960-2.voip.tele.dk:5060>
Content-Length: 0
11. The Basics - Routing Overview
aarhus.dk
aalborg.dk
1 INVITE aab@aalborg.dk
2 100 Trying
3 INVITE aab@aalborg.dk
4 100 Trying
5 INVITE aab@aalborg.dk
6 100 Trying
7 180 Ringing
8 180 Ringing
9 180 Ringing
10 200 Ok
11 200 Ok
12 200 Ok
13 ACK
14 ACK
15 ACK
12. The Basics - Routing Details
INVITE sip:aab@aalborg.dk;user=phone SIP/2.0
Via: SIP/2.0/UDP aarhus.dk:5060;branch=z9hG4bK-jkfy3ru4lk74
From: "De Hvide" <sip:agf@aarhus.dk>;tag=ke9mjx3ta9
To: <sip:aab@aalborg.dk;user=phone>
Contact: <sip:agf@194.182.147.182:5060;line=1>

INVITE sip:aab@aalborg.dk;user=phone SIP/2.0
Via: SIP/2.0/UDP sip.aarhus.dk:5060;branch=z9hG4bK5a3107238f767ad8800795fa159
Via: SIP/2.0/UDP aarhus.dk:5060;branch=z9hG4bK-jkfy3ru4lk74;received=194.182.147.182
From: "De Hvide" <sip:agf@aarhus.dk>;tag=ke9mjx3ta9
To: <sip:aab@aalborg.dk;user=phone>
Record-Route: <sip:sip.aarhus.dk;lr>
Contact: <sip:agf@194.182.147.182:5060;line=1>

INVITE sip:aab@aalborg.dk;user=phone SIP/2.0
Via: SIP/2.0/UDP sip.aalborg.dk:5060;branch=z9hG4bKb792e3152278d65de6552386e1a
Via: SIP/2.0/UDP sip.aarhus.dk:5060;branch=z9hG4bK5a3107238f767ad8800795fa159;received=194.182.147.248
Via: SIP/2.0/UDP aarhus.dk:5060;branch=z9hG4bK-jkfy3ru4lk74;received=194.182.147.182
To: <sip:aab@aalborg.dk;user=phone>
From: "De Hvide" <sip:agf@aarhus.dk>;tag=ke9mjx3ta9
Record-Route: <sip:sip.aalborg.dk;lr>, <sip:sip.aarhus.dk;lr>
Contact: <sip:agf@194.182.147.182:5060;line=1>
13. The Basics - Routing Details
SIP/2.0 200 OK
Via: SIP/2.0/UDP sip.aalborg:5060;branch=z9hG4bKb792e3152278d65de6552386e1a;received=194.182.147.250
Via: SIP/2.0/UDP sip.aarhus.dk:5060;branch=z9hG4bK5a3107238f767ad8800795fa159;received=194.182.147.248
Via: SIP/2.0/UDP aarhus.dk:5060;branch=z9hG4bK-jkfy3ru4lk74;received=194.182.147.182
Record-Route: <sip:sip.aalborg.dk;lr>, <sip:sip.aarhus.dk;lr>
To: "De Roede" <sip:aab@aalborg.dk;user=phone>
From: "De Hvide" <sip:agf@aarhus.dk>;tag=ke9mjx3ta9
Contact: sip:aab@194.182.147.184:5060

SIP/2.0 200 OK
Via: SIP/2.0/UDP sip.aarhus.dk:5060;branch=z9hG4bK5a3107238f767ad8800795fa159;received=194.182.147.248
Via: SIP/2.0/UDP aarhus.dk:5060;branch=z9hG4bK-jkfy3ru4lk74;received=194.182.147.182
Record-Route: <sip:sip.aalborg.dk;lr>, <sip:sip.aarhus.dk;lr>
To: "De Roede" <sip:aab@aalborg.dk;user=phone>
From: "De Hvide" <sip:agf@aarhus.dk>;tag=ke9mjx3ta9
Contact: sip:aab@194.182.147.184:5060

SIP/2.0 200 OK
Via: SIP/2.0/UDP aarhus.dk:5060;branch=z9hG4bK-jkfy3ru4lk74;received=194.182.147.182
Record-Route: <sip:sip.aalborg.dk;lr>, <sip:sip.aarhus.dk;lr>
To: "De Roede" <sip:aab@aalborg.dk;user=phone>
From: "De Hvide" <sip:agf@aarhus.dk>;tag=ke9mjx3ta9
Contact: sip:aab@194.182.147.184:5060
14. The Basics - Routing Details
ACK sip:aab@194.182.147.184 SIP/2.0
Via: SIP/2.0/UDP aarhus.dk:5060;branch=z9hG4bK-jkfy3ru4lk74
From: "De Hvide" <sip:agf@aarhus.dk>;tag=ke9mjx3ta9
To: <sip:aab@aalborg.dk;user=phone>;tag=0007eb9f1798000a74208d4a-5b59
Route: <sip:sip.aalborg.dk;lr>
Route: <sip:sip.aarhus.dk;lr>

ACK sip:aab@194.182.147.184 SIP/2.0
Via: SIP/2.0/UDP sip.aarhus.dk:5060;branch=z9hG4bK5a3107238f767ad8800795fa159
Via: SIP/2.0/UDP aarhus.dk:5060;branch=z9hG4bK-jkfy3ru4lk74;received=194.182.147.182
From: "De Hvide" <sip:agf@aarhus.dk>;tag=ke9mjx3ta9
To: <sip:aab@aalborg.dk;user=phone>;tag=0007eb9f1798000a74208d4a-5b59
Route: <sip:sip.aalborg.dk;lr>

ACK sip:aab@194.182.147.184 SIP/2.0
Via: SIP/2.0/UDP sip.aalborg:5060;branch=z9hG4bKb792e3152278d65de6552386e1a
Via: SIP/2.0/UDP sip.aarhus.dk:5060;branch=z9hG4bK5a3107238f767ad8800795fa159;received=194.182.147.248
Via: SIP/2.0/UDP aarhus.dk:5060;branch=z9hG4bK-jkfy3ru4lk74;received=194.182.147.182
From: "De Hvide" <sip:agf@aarhus.dk>;tag=ke9mjx3ta9
To: <sip:aab@aalborg.dk;user=phone>;tag=0007eb9f1798000a74208d4a-5b59
15. The Basics - SDP Offer/Answer
Offer
v=0
o=UserA 2890844526 2890844526 IN IP4 aarhus.dk
s=Session SDP
c=IN IP4 194.182.147.182
t=0 0
m=audio 49172 RTP/AVP 0
a=rtpmap:0 PCMU/8000

v = Version (always 0)
o = Owner/Initiator
s = Session Name
c = Connection Information (IP address)
t = Time (always 0 0 for unicast)
m = Media description and port (RTP Profiles)
a = Parameter (media parameter)

Answer
v=0
o=UserB 2890844527 2890844527 IN IP4 aalborg.dk
s=Session SDP
c=IN IP4 194.182.147.184
t=0 0
m=audio 3456 RTP/AVP 0
a=rtpmap:0 PCMU/8000

- Direction - a=sendrecv, recvonly, sendonly, inactive
- Multiple media streams (multiple m= lines)
- Reject media streams (port 0)
- Re-INVITE to change media streams
- Description of capabilities (OPTIONS, port 0)
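
The offer/answer mechanics listed above (several m= lines, port 0 to reject a stream, direction attributes), as an added Python example that is not part of the original slides. The sendonly attribute, the second payload type, the video stream and the SUPPORTED table are constructed assumptions.

```python
# Constructed offer: the slide's audio offer plus a sendonly attribute,
# an extra payload type (8) and a video stream the answerer cannot handle.
OFFER = """v=0
o=UserA 2890844526 2890844526 IN IP4 aarhus.dk
s=Session SDP
c=IN IP4 194.182.147.182
t=0 0
m=audio 49172 RTP/AVP 0 8
a=rtpmap:0 PCMU/8000
a=sendonly
m=video 51372 RTP/AVP 31
"""

SUPPORTED = {"audio": {"0"}}  # hypothetical local capabilities: PCMU audio only
MIRROR = {"sendonly": "recvonly", "recvonly": "sendonly",
          "sendrecv": "sendrecv", "inactive": "inactive"}

def parse_media(sdp):
    """Return one dict per m= line: kind, port, proto, formats, direction."""
    streams = []
    for line in sdp.splitlines():
        key, _, value = line.partition("=")
        if key == "m":
            kind, port, proto, *fmts = value.split()
            streams.append({"kind": kind, "port": int(port), "proto": proto,
                            "fmts": fmts, "dir": "sendrecv"})
        elif key == "a" and value in MIRROR and streams:
            streams[-1]["dir"] = value  # media-level direction attribute
    return streams

def build_answer(offer, local_ip, local_port):
    """Answer every offered stream, in order; port 0 rejects a stream."""
    lines = ["v=0", f"o=UserB 2890844527 2890844527 IN IP4 {local_ip}",
             "s=Session SDP", f"c=IN IP4 {local_ip}", "t=0 0"]
    for m in parse_media(offer):
        common = [f for f in m["fmts"] if f in SUPPORTED.get(m["kind"], set())]
        if not common:
            # No shared format: keep the m= line but set the port to 0.
            lines.append(f"m={m['kind']} 0 {m['proto']} {' '.join(m['fmts'])}")
            continue
        # Only formats that were offered AND are supported locally are answered.
        lines.append(f"m={m['kind']} {local_port} {m['proto']} {' '.join(common)}")
        lines.append(f"a={MIRROR[m['dir']]}")
    return "\r\n".join(lines) + "\r\n"
```
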
16. The Basics - Security
- Authentication / Authorization
- Integrity
- Confidentiality
- Digest/HTTP Authentication
  - One-way authentication
- S/MIME types
  - Encryption of the SIP payload
- Transport Layer Security (TLS)
  - Two-way authentication
  - Transport-layer encryption
17. The Basics - Security: Authentication Digest Challenge
- UASs can choose to use a challenge to authenticate UACs
  - Endpoints, Registrars and Redirect: 401 Unauthorized
  - Proxy: 407 Proxy Authentication Required

SIP/2.0 407 Proxy Authorization Required
Via: SIP/2.0/UDP here.com:5060;branch=z9hG4bK74bf9;received=100.101.102.103
From: BigGuy ;tag=9fxced76sl
To: LittleGuy ;tag=3flal12sf
CSeq: 1 INVITE
Proxy-Authenticate: Digest realm="wcom.com", nonce="f84f1cec41e6cbe5aea9c8e88d359", opaque="", stale=FALSE, algorithm=MD5
Content-Length: 0

INVITE sip:UserB@there.com SIP/2.0
From: BigGuy ;tag=9fxced76sl
To: LittleGuy
CSeq: 2 INVITE
Proxy-Authorization: Digest username="UserA", realm="wcom.com", nonce="wf84f1ceczx41ae6cbe5aea9c8e88d359", opaque="", uri="sip:UserB@there.com", response="42ce3cef44b22f50c6a6071bc8"
Content-Length: 147
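
How a proxy checks the Proxy-Authorization value from the exchange above, as an added Python example that is not part of the original slides. It computes the RFC 2617 MD5 response without qop, matching the fields the challenge carries; the password and the function names are hypothetical, since the slides do not give the shared secret.

```python
import hashlib
import hmac
import re

def md5_hex(text):
    return hashlib.md5(text.encode()).hexdigest()

def digest_response(username, realm, password, method, uri, nonce):
    """response = MD5(HA1:nonce:HA2), the form used when the challenge has no qop."""
    ha1 = md5_hex(f"{username}:{realm}:{password}")  # the shared secret enters here
    ha2 = md5_hex(f"{method}:{uri}")                 # binds the response to method + URI
    return md5_hex(f"{ha1}:{nonce}:{ha2}")

def parse_digest(header_value):
    """Split 'Digest k="v", k2=v2' into a dict of parameters."""
    scheme, _, params = header_value.partition(" ")
    if scheme.lower() != "digest":
        raise ValueError("not a Digest header")
    pairs = re.findall(r'(\w+)=("[^"]*"|[^,\s]+)', params)
    return {k: v.strip('"') for k, v in pairs}

def verify(auth_header, method, issued_nonces, realm, passwords):
    """Server-side check; True only if the client proved knowledge of the secret."""
    p = parse_digest(auth_header)
    if p.get("realm") != realm or p.get("nonce") not in issued_nonces:
        return False  # wrong realm, or a nonce this server never issued
    password = passwords.get(p.get("username"))
    if password is None:
        return False
    expected = digest_response(p["username"], realm, password,
                               method, p.get("uri", ""), p["nonce"])
    # Constant-time comparison of the two hex strings.
    return hmac.compare_digest(expected.encode(), p.get("response", "").encode())

# Constructed sample data: realm, nonce and URI follow the slide, the password does not.
REALM, NONCE, URI = "wcom.com", "f84f1cec41e6cbe5aea9c8e88d359", "sip:UserB@there.com"
PASSWORDS = {"UserA": "example-secret"}
RESP = digest_response("UserA", REALM, "example-secret", "INVITE", URI, NONCE)
GOOD = (f'Digest username="UserA", realm="{REALM}", nonce="{NONCE}", '
        f'opaque="", uri="{URI}", response="{RESP}"')
```
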
18. The Basics - Security: Digest/HTTP Authentication
- User-to-User
  - End-to-end authentication
- Proxy-to-User
  - Hop-by-hop authentication
- Multiple authentication headers
- Based on a shared secret
19. The Basics - Security: S/MIME
- Integrity can be achieved with S/MIME types
- Public/private key pair
- Encryption of the payload
  - Encryption of SDP
  - Encryption of the SIP message is not possible
  - But encrypted SIP messages can be tunneled
- Public key distribution via SIP
- (Can make firewall traversal difficult)
20. The Basics - Security: TLS
- Transport-layer mechanism over TCP
- Hop-by-hop authentication by exchange of certificates
- Integrity and confidentiality by means of encryption
21. The Basics - EnumURI
- ENUM: conversion of an E.164 number to a URL by DNS lookup.
- Example
  E.164: 4589458181 -> 4589458181 -> 1818549854 -> 1.8.1.8.5.4.9.8.5.4.e164.arpa
22. The Basics - SIP DNS Lookups
- SIP servers can be located by means of DNS lookups
- NAPTR queries return the services and transport protocols for the domain: _sip._tcp.aalborg.dk
- SRV queries return the FQDN and port of the server hosting the service: sip.aalborg.dk
- A queries return the IP address of the FQDN
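
The ENUM conversion and the NAPTR, SRV and A lookup chain from the two slides above, as an added Python example that is not part of the original slides. It runs offline against a small constructed zone: the record values, IP addresses and function names are assumptions, and SRV weights are ignored for brevity.

```python
# Constructed zone data; illustrative values, not real DNS answers.
NAPTR = {"aalborg.dk": [  # (order, preference, service, replacement)
    (20, 10, "SIP+D2U", "_sip._udp.aalborg.dk"),
    (10, 10, "SIP+D2T", "_sip._tcp.aalborg.dk"),
]}
SRV = {"_sip._tcp.aalborg.dk": [  # (priority, weight, port, target)
    (20, 0, 5060, "backup.aalborg.dk"),
    (10, 0, 5060, "sip.aalborg.dk"),
]}
A = {"sip.aalborg.dk": "192.0.2.10", "backup.aalborg.dk": "192.0.2.11"}
TRANSPORT = {"SIP+D2U": "UDP", "SIP+D2T": "TCP", "SIPS+D2T": "TLS"}

def enum_domain(e164):
    """E.164 number -> ENUM query name: digits reversed, dot separated."""
    digits = e164.lstrip("+")
    # Accept ASCII digits only, so caller input cannot add labels to the query name.
    if not (digits.isascii() and digits.isdigit() and len(digits) <= 15):
        raise ValueError("not an E.164 number")
    return ".".join(reversed(digits)) + ".e164.arpa"

def locate(domain, supported=("TCP", "UDP")):
    """Follow NAPTR -> SRV -> A and return (transport, host, port, ip)."""
    # Lowest NAPTR order/preference first, skipping transports we cannot speak.
    for _order, _pref, service, srv_name in sorted(NAPTR.get(domain, [])):
        transport = TRANSPORT.get(service)
        if transport not in supported:
            continue
        # Lowest SRV priority first.
        for _prio, _weight, port, target in sorted(SRV.get(srv_name, [])):
            if target in A:
                return transport, target, port, A[target]
    raise LookupError(f"no usable SIP server for {domain}")
```
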
23. Trying the Basics - Test Setup
24. The Basics - SIP Event Model
- Notifier
  - Mailbox
  - Presence
  - Refrigerator
- Subscriber
- SUBSCRIBE/NOTIFY framework
  - Inside/outside a dialog (creates a dialog)
  - Time-limited subscription to state changes
- Event packages are designed for specific services
  - Message Waiting
  - Conference State
  - Dialog State
  - Refer
SUBSCRIBE
200 Ok
NOTIFY
200 Ok
NOTIFY
200 Ok
SUBSCRIBE
200 Ok
NOTIFY
200 Ok
25. The Basics - INFO Method
- Transport of (small) pieces of information
- Inside a dialog
- Information in the payload
- Uses
  - DTMF transport
  - Transmit strength (mobile)
  - Charging information
  - Image transfer or other non-stream data
UAC
UAS
Dialog
INFO
200 Ok
Dialog
26. The Basics - REFER Method
- Referral to a third-party URI
- Inside/outside a dialog (creates a dialog)
- REFER is at the same time a SUBSCRIBE to the result of the referral
- Refer-To examples
  - sip:aab@aalborg.dk;method=INVITE (call forwarding)
  - http://aabsupport.dk/romario.html
  - ftp://aabsupport.dk/public/methodGETsourceaab-ringetone.mp3
UA
UA
REFER
202 Accepted
NOTIFY
200 Ok
Action
NOTIFY
200 Ok
27. The Basics - PRACK Method
- Acknowledgement of provisional responses (1xx, except 100)
- Use of PRACK is ensured by specifying "Require: 100rel"
- Ensures interoperability with the PSTN
UA
UA
INVITE
100 Trying
180 Ringing
PRACK
200 Ok (PRACK)
200 Ok (INVITE)
ACK
28. The Basics - UPDATE Method (timer)
- Change session parameters
  - Especially before the INVITE has completed
  - "Early Media"
  - "On Hold"
- Does not change the state of the dialog
- Session Timer / Session Refresh
  - Session keep-alive independent of the media stream
UA
UA
INVITE sdp1
180 Ringing
PRACK
200 Ok (PRACK)
UPDATE sdp1'
200 Ok sdp2'
200 Ok (INVITE)
ACK
29. The Basics - Preconditions QoS
- Ensures that conditions are met before the called party is alerted.
- Extension to SDP
  - Current/desired state
  - End2End/segmented QoS
  - Strength (none/optional/mandatory)
  - Direction (send/recv/sendrecv)
- Uses the offer/answer model
UA
UA
INVITE sdp1
183 Progress sdp2
PRACK
200 Ok (PRACK)
Reservation
Reservation
UPDATE sdp1'
200 Ok sdp2'
180 Ringing
200 Ok (INVITE)
ACK

Offer
m=audio 20000 RTP/AVP 0
c=IN IP4 192.0.2.1
a=curr:qos e2e none
a=des:qos mandatory e2e sendrecv

Answer
m=audio 30000 RTP/AVP 0
c=IN IP4 192.0.2.4
a=curr:qos e2e none
a=des:qos mandatory e2e sendrecv
a=conf:qos e2e recv
30. SIP Advanced - 3rd Party Call Control
Controller C
User A
User B
3PCC Flow 1
- INVITE without any SDP
- When A picks up, C receives an SDP offer (offer 1)
- C proxies offer 1 to B
- B responds with an answer (answer 1)
- C completes the INVITE handshake with B
- C completes the INVITE handshake with A
1 INVITE (no sdp)
2 200 Ok (offer 1)
3 INVITE (offer 1)
4 200 Ok (answer 1)
5 ACK
6 ACK (answer 1)
RTP
- Simple
- No manipulation of SDP
- Timeout problem - B must answer within 32 seconds (default)
31. SIP Advanced - 3rd Party Call Control
3PCC Flow 2
NOT RECOMMENDED
- INVITE with black-hole SDP (0.0.0.0)
- A responds with an SDP (sdp2)
- C proxies sdp2 to B
- C completes the black-hole INVITE towards A
- B responds with sdp3
- C completes the INVITE towards B
- C re-INVITEs A with sdp3
- A repeats its answer (sdp2)
- C completes the INVITE towards A
Controller C
User A
User B
1 INVITE (bh sdp1)
2 200 Ok (sdp2)
3 INVITE (sdp2)
4 ACK
5 200 Ok (sdp3)
6 ACK
7 re-INVITE (sdp3)
8 200 Ok (sdp2)
9 ACK
RTP
- No timeout problem
- No manipulation of SDP
- Media types must be known - controller SDP awareness
- Early UA implementations do not handle black-hole SDPs correctly
- A may change the answer SDP (sdp2) - infinite loop
32. SIP Advanced - 3rd Party Call Control
3PCC Flow 3
- INVITE without SDP
- A responds with offer1
- C sends black-hole answer1 to A
- C INVITEs B without SDP
- B responds with offer2
- C adapts offer2 so that it matches offer1 and re-INVITEs A
- A responds with answer2'
- C adapts answer2' so that it matches offer2 and completes towards B
- C completes the INVITE towards A
Controller C
User A
User B
1 INVITE (no sdp)
2 200 Ok (offer1)
3 ACK (bh answer1)
4 INVITE (no sdp)
5 200 Ok (offer2)
6 re-INVITE (offer2')
7 200 Ok (answer2')
8 ACK (answer2)
9 ACK
RTP
- (Almost) no timeout problem - re-INVITE
- Black hole is not a problem
- The media type does not need to be known
- SDP manipulation - media types must be adapted
- A missing common denominator in media types must be detected
- Not simple
33. SIP Advanced - 3rd Party Call Control
3PCC Flow 4 (3a)
- INVITE with no-media SDP
- A responds with no-media answer1
- C completes the INVITE towards A
- C INVITEs B without SDP
- B responds with offer2
- C adapts offer2 so that it matches offer1 and re-INVITEs A
- A responds with answer2'
- C adapts answer2' so that it matches offer2 and completes towards B
- C completes the INVITE towards A
Controller C
User A
User B
1 INVITE (nm offer1)
2 200 Ok (nm answer1)
3 ACK
4 INVITE (no sdp)
5 200 Ok (offer2)
6 re-INVITE (offer2')
7 200 Ok (answer2')
8 ACK (answer2)
9 ACK
RTP
- (Almost) no timeout problem - re-INVITE
- Black hole is not a problem
- The media type does not need to be known
- SDP manipulation - but minimal
- A missing common denominator in the SDP must be detected
- Simpler than Call Flow 3
34. SIP Advanced - 3rd Party Call Control
- If it can be guaranteed that B answers quickly, Flow 1 must be used
- If a quick answer from B cannot be guaranteed, Flow 4 must be used. Flow 3 can be used, but has no advantages over Flow 4
- Flow 2 must never be used
- The controller remains in the signalling flow and therefore also controls teardown of the call
- Can be combined with
  - Early Media
  - Preconditions
35. SIP Advanced - 3rd Party Call Control
3PCC Application - Click2Dial
Controller
Danske Bank
User Phone
User Browser
1 HTTP POST
2 HTTP 200 Ok
3 INVITE (nm offer1)
4 200 Ok (nm answer1)
5 ACK
6 INVITE (no sdp)
7 200 Ok (offer2)
8 re-INVITE (offer2')
9 200 Ok (answer2')
10 ACK (answer2)
11 ACK
RTP