SIP: Understanding the Session Initiation Protocol


SIP: Understanding the Session Initiation Protocol
Fourth Edition
Alan B. Johnston
ARTECH HOUSE
BOSTON LONDON
artechhouse.com

ContentsPreface to the Fourth EditionAcknowledgmentxxiiixxv1SIP and the Internet1.1Signaling1.2Internet Multimedia Protocol Stack21.2.1Physical Layer21.2.2Data/Link2Protocols111.2.6LayerNetwork LayerTransport LayerApplication LayerUtility Applications1.2.7Multicast101.3Internet Names111.4URLs, URIs, and URNs111.5Domain Name Service121.5.1DNS Resource Records141.5.2Address Resource Records (A or AAAA)141.5.3Service Resource Records (SRV)151.5.4Naming 51.6OpenPointer Resource Records (NAPTR)Standardsv349916

viSIP: Understanding the Session Initiation Protocol1.7Internet Standards Process181.8A Brief History of SIP191.9Conclusion21References212Introduction to SIP232.1A2.2SIP Call with2.3SIP2.4SIP Presence and Instant2.5Message Transport442.5.1UDP442.5.2TCP Transport452.5.3TLSTransportSCTP Transport462.6Transport Protocol 503SIP Clients and Servers513.1SIP UserAgents513.2PresenceAgents523.3Back-to-Back User Agents533.4SIP543.5SIP Servers563.5.1Proxy Servers573.5.2Redirect Servers612.5.43.5.3SimpleSession EstablishmentaProxyExampleServer31Registration 7Example3947633.6Uniform Resource Indicators643.7Acknowledgment of Messages66

ion693.11Questions70References724SIP Request DATE1024.268Support99URI and URL Schemes Used4.2.1SIP and SIPS URIs4.2.2Telephone4.2.3Presence and 12107Bodies1085SIP es115

SIP:viiithe Session Initiation ProtocolUnderstanding5.1.21805.1.3181 Call is5.1.4182 Call5.1.5183 Session5.1.6199 Early117RingingBeing 8Success1185.2.1200 OK1185.2.22025.2.3204 No iple Choices5.3.13005.3.2301 MovedPermanently1205.3.3302 MovedTemporarily1205.3.4305 Use Proxy1205.3.5380 Alternative Service120Client Error1205.4.1400 Bad Request1215.4.2401 Unauthorized1215.4.3402 Payment1215.4.4403 Forbidden1225.4.5404 Not Found1225.4.6405 Method Not Allowed1225.4.7406 ed1225.4.8407 Proxy5.4.94085.4.10409 Conflict1235.4.11410 Gone1235.4.12411123RequestTimeoutLength Required5.4.13 412 Conditional Request Failed5.4.14 413 Request Entity Too Large1231241241245.4.15414 Request-URI Too Long5.4.164155.4.174165.4.18417 Unknown Resource Priority1255.4.19420 Bad Extension1255.4.20421 Extension1255.4.21422 Session Timer Interval Too Small1255.4.22423 Interval Too Brief1255.4.23424 Bad Location Information1265.4.24428 UseUnsupported Media TypeUnsupported URI SchemeRequiredIdentityHeader124124126

Contentsix5.4.25429 Provide Referror Identity1265.4.26430 Flow Failed1265.4.27433 Anonymity Disallowed126Header436 Bad127Identity-Info5.4.29 437 Unsupported Certificate5.4.30 438 Invalid Identity Header5.4.28Hop Lacks Outbound127127Support1275.4.31439 First5.4.32440 Max Breadth Exceeded1275.4.33469 Bad Info1285.4.344945.4.35470 Consent Needed5.4.36480Temporarily kageSecurity Agreement RequiredLoop128128Does Not Exist128128128Detected5.4.39483 Too Many5.4.401295.4.44HopsIncomplete485 Ambiguous486 Busy Here487 Request Terminated488 Not Acceptable Here129484 Address5.4.45489 Bad Event1315.4.46491 Request1315.4.47493 .4.48 494 Security Agreement Required130130131131132Server Error1325.5.1500 Server Internal Error1335.5.2501 NotImplemented1335.5.3502 BadGateway1335.5.4503 Service Unavailable1335.5.5504 Gateway Timeout1335.5.6505 Version Not5.5.75135.5.8580 Preconditions Failure134Global Error1345.55.6SupportedMessage Too LargeBusy Everywhere5.6.16005.6.2603 Decline5.6.3604 Does Not Exist5.6.4606 s135References136

SIP: Understanding the Session Initiation ProtocolX6SIP Header Fields1396.1Request and Response Header ption6.1.13 story .126.2RequestHeader ation1566.2.3Call-Info1566.2.4Event156

ken161P-Asserted-Identity6.2.18 4163Referred-ByReply-To6.2.25 Replaces6.2.26 Reject-Contact6.2.27 Request-Disposition6.2.28 Require6.2.29 Resource-Priority6.2.30 RAck167Security-Client6.2.34 ress-If-Match1696.2.336.2.39Target-Dialog6.2.40 Trigger-Consent6.3168169169Response Header r1716.3.5Geolocation-Error171

xiiSIP: Understanding the Session Initiation ver1736.3.13Service-Route173SIP-ETag6.3.15 Unsupported6.3.16 3.146.4173174Message Body Header erences1787Wireless, Mobility, and IMS1837.1IP7.2SIPMobility1847.3IMS and SIP1917.4IMS Header 1936.4.46.5176176Mobility8Presence and Instant8.1Introduction8.2History183Messagingof IM and Presence197197197

xiiiContents8.3SIMPLE1998.4Presence with SIMPLE1998.4.1SIP Events Framework1998.4.2Presence Bodies2008.4.3Resource Lists2028.4.4Filtering2088.4.5Conditional Event Notifications and8.4.6Partial Publication8.4.7Presence Documents8.5InstantMessagingMode InstantCommon Profile for Instant8.5.3Instant8.68.6.1212with 4ETags213Messaging214MessagingDelivery Notification215MessagingMessage Composition IndicationMultiple Recipient MessagesSession Mode Instant ibleMessagingandPresence Protocol2228.6.2Jingle2228.6.3Interworking with 2249Services in SIP2279.1Gateway9.2Emergency9.3SIP9.4SIP Service9.5Voicemail2339.6SIP ideoRelayFacsimileExamplesService(VRS)232236236

xivSIP:Understanding theSession Initiation .8.3Non-SIP Conference Control2389.9Application Sequencing2399.10Other SIP Service Architectures2419.10.1Service-Oriented livery nces24310Network Address Translation10.1Introduction10.2Advantages of NAT10.3Disadvantages10.4How NAT Works10.5Typesto247NAT247248249of NAT250of NAT251Point-Independent Mapping NATAddress-Dependent Mapping NATAddress and Port-Dependent Mapping NAT25210.5.4Hairpinning Support25310.5.5IP t Options10.5.7 Mapping Refresh10.5.8 Filtering ModesNAT10.7NATsandSIP10.8Properties of a Friendly253254Pooling Options10.6253255255256Mapping Examples258NATorHowaNATShould BEHAVE25910.9STUN Protocol26010.10UNSAF262Requirements

Contents10.1110.11.1SIP Problems with NAT262Symmetric SIP26310.11.2 Connection Reuse26410.11.3 SIP Outbound26410.1210.12.1Media NAT Traversal Solutions265RTP26510.12.2 RTCP Attribute266SymmetricSelf-Fixing Approach26610.13Hole26610.14TURN: Traversal10.15ICE: rences27411Related Protocols27711.1PSTN Protocols27710.12.3PunchingUsing Relays DN11.1.3ISUPSIP hones278Gateway oof P Control ProtocolTransportTransport12.2.1RTCP12.2.2RTCP 87292293Reports294294

SIP: Understanding the Session Initiation Protocolxvi12.4RTP Audio Video Profiles29512.4.1Audio Codecs29612.4.2Video Codecs12.4.3Audio and Video298Multiplexing overSame al egotiating Media Sessions30513.1SessionTransportDescription Protocol (SDP)30513.1.1Protocol Version30713.1.2Origin30713.1.3Session Name and Information30813.1.4URI30813.1.5E-Mail Address and Phone Number30813.1.6Connection Data30813.1.7Bandwidth30913.1.8Time, Repeat Times, and Time Zones30913.1.9Encryption Keys30913.1.10 MediaDescriptions13.1.11 Attributes31031013.2SDP Extensions31213.3The Offer Answer Model313Rules for315Rules for315Generating an Offer13.3.2Generating an Answer13.3.3 Rules for Modifying a Session13.3.4 Special Case—Call Hold13.3.131531613.4Static and13.5SIP ences320Dynamic PayloadsExchanges316317

Contentsxvii14Internet Threats and Attacks14.1Introduction32314.2Attack Types32314.2.1Denial of Service (DoS)32314.2.2Man-in-the-Middle32814.2.3Replay and32914.2.4Theft of n14.2.7Poisoning14.2.8Credential ste Attacks332Attacks(DNSandARP)Identity Theft14.2.10 Session14.3323332333334334Attack Methods33614.3.1Port Scans33614.3.2Malicious Code33714.3.3Buffer Overflow33814.3.5Password Theft/Guessing34014.3.6Tunneling34014.3.7Bid 15SIP15.1BasicSecurity and IdentitySecurity y 347348349Security 415.2.4DNSSEC354

xviiiSIP:15.2.515.315.3.115.3.2Understandingthe Session Initiation ProtocolSecure MIME355SIP355SecurityModelBasic Authentication355AuthenticationDigestPretty Good 215.3.6Secure 2 SIP URI Identity367Identity36815.4.3Trust Domains for Asserted15.4.4Interdomain SIP15.4.5SIP and Certificates37915.4.6Other estions386References38716Media Security39116.1Introduction39116.2Secure RTP39216.3Generation of MediaIdentity370Identity373Identity Methods394Encryption 39616.4SDP39716.5Multimedia Internet Keying (MIKEY)39816.6DTLS-SRTP40116.7ZRTP Media Path16.8Questions404References404395KeysKey EncryptionKey Management and ExchangeSecurity DescriptionsKey AgreementKey Agreement forVoIP396402

Contentsxix17SIP PSTN Gateway Security40717.1Introduction17.2PSTN17.3Gateway Security40917.3.1Gateway Security Architecture41017.3.2Gateway Types41117.3.3Gateways and Caller ID41217.3.4Caller ID erworkingTelephoneNumberMapping in the DNS18Peer-to-Peer eferences18.3407419419of on42818.7Questions429References42919Web Real-Time Communications43119.1Introduction19.2WebRTC Basics43219.3WebRTC Architecture43319.4WebRTC 38Identity ProtocoltoSignalingWebRTCfor WebRTC426431

SIP: Understanding the Session Initiation ProtocolXX20Call Flow Examples44120.1SIP Call with Authentication, Proxies, andRecord-Route20.2441SIP Call with Stateless and Stateful Proxies withCalledParty Busy20.3SIPPSTN CallThrough Gateway45320.4PSTNSIP CallThrough Gateway45720.5Parallel Search20.6Call20.7SIP Presence and InstanttotoSetupwith449460ProxyServerMessage Example466468References47221Future Directions47321.1Bug21.2More ng21.6IPv6 Transition47521.7More SIP47621.8Security Deployment47621.9Better476Fixes and ClarificationsIdentityFeatures Work 76Appendix477A.1ABNF RulesA.2IntroductionReferences477toXML479482

ContentsAbout the Authorxxi483

5.1.2 180 Ringing
5.1.3 181 Call Is Being Forwarded
5.1.4 182 Call Queued
5.1.5 183 Session Progress
5.1.6 199 Early Dialog Terminated
5.2 Success
5.2.1 200 OK
5.2.2 202 Accepted
5.2.3 204 No Notification
5.3 Redirection
5.3.1 300 Multiple Choices
5.3.2 301 Moved Permanently
5.3.3 302 Moved Temporarily