An introduction to SIP


Presentation Transcript


  1. An introduction to SIP Simon Millard Professional Services Manager Aculab

  2. An introduction to SIP • Agenda • SIP concepts • Media • SIP signalling • NAT traversal • Security

  3. SIP concepts • SIP is the Session Initiation Protocol • Its job is to set up a session (maybe a phone call) between two or more users

  4. SIP concepts • SIP’s view of the network is the same as the Internet’s • Intelligence at the edge • Re-use of proven devices and concepts • There is the ability to negotiate supported features • Can set up any type of media • SIP separates media from signalling

  5. Media • For IP telephony we are concerned with RTP • (diagram labels: RTCP, RTP, CODECs, UDP, IP, Ethernet, optical, radio, …)

  6. Media • (packet diagram labels: ETH, IP, UDP, RTP, AUDIO, CHK) • More data is sent than in a TDM call • Silence elimination • CNG • VAD

  7. Media compression • The rain in Spain falls mainly on the plain • Lossless • $ r# in Sp# falls m#ly on $ pl# • $ = the, # = ain • Lossy • Th rn n Spn flls mnly n th pln

  8. SIP signalling • Coded in ASCII • Verbs (methods) and responses • INVITE initiate a session • ACK confirm session established • BYE terminate a session • CANCEL cancel a pending INVITE • REGISTER bind an address to a location • ++

  9. SIP signalling • Responses – as per HTTP • 1xx information • 100 trying, 180 ringing • 2xx success • 200 OK • 3xx redirection • 300 multiple choices • 4xx client error • 404 not found • 5xx server failure • 6xx global failure

  10. SIP signalling • Media for the session is described by the SDP (session description protocol)

  11. Signalling – UAs • SIP is based on UAs (User Agents) • UAC initiates requests • UAS responds to requests • (diagram labels: UAC, UAS, sip:simon@192.168.0.100, response)

  12. Signalling – Proxies • Route signalling • Do not initiate requests or responses • Pass through unknown messages unchanged • Stateless or stateful • (diagram labels: Aculab Proxy, sip:simon@aculab.com, sip:simon@work, sip:simon@home)

  13. Signalling – Registrars • Allow a SIP device to dynamically register a location • This allows them to be contactable when mobile • (diagram labels: Aculab Registrar, REGISTER sip:simon@aculab.com, Location database, 192.168.0.102)

  14. Signalling – Redirect Servers • Respond to a request by redirecting it to another device • (diagram labels: Aculab Redirect Server, 192.168.0.102, sip:simon@aculab.com registered from xx.xx.xx.xx, request for sip:simon@aculab.com, moved to sip:simon@xx.xx.xx.xx, request for sip:simon@xx.xx.xx.xx)

  15. Signalling – B2BUA • A back-to-back User Agent is somewhat similar to a Proxy, but terminates and initiates SIP signalling • (diagram labels: UA, B2BUA, UA)

  16. Putting it all together • (diagram labels: proxy.a.com, proxy.b.com, DNS server, SIP SRV b.com, location server, simon?, simon@192.168.0.100:5060, INVITE, BYE, RTP)

  17. NAT traversal • Network Address Translation • IP-Masquerading • Source and/or destination addresses re-written • Most widely used to allow multiple hosts on a private network to access the Internet from a single public IP address • Solved the IP address shortage of IPv4

  18. NAT traversal • NAT binding is created by the NAT to map a private to a public address • Binding lifetime • Period of time for which the binding remains open • Binding will be closed if there is no traffic for a period of time

  19. NAT traversal • Full cone • Internal IP address and port mapped one-to-one to external IP address and port • External host can reach internal by sending to IP:port

  20. NAT traversal • Restricted cone • Internal IP:port mapped one-to-one to external IP:port • External host can reach internal client only if traffic has already been sent to it

  21. NAT traversal • Port restricted • External host can reach internal port only if traffic has already been sent to it from that port

  22. NAT traversal • Symmetric • Requests from an internal IP:port are mapped to a unique external IP:port • Only a host which receives a packet can send packets back

  23. NAT traversal • STUN • STUN is a client/server protocol • Client sends request to STUN server which responds with the IP address of the NAT and the port which was opened for the request

  24. NAT traversal • STUN works with full cone, restricted cone and port restricted NATs • Will not work with symmetric NAT • IP address of the STUN server is different to that of the destination endpoint • Peers communicate discovered IP:port information • In a full cone, any endpoint can initiate the session

  25. Security • SIP signalling • Digest authentication, based on knowledge of a shared secret

  26. Security • SIP signalling • TLS – Transport Layer Security • Based on public key cryptography • Client requests TLS session • Server responds with public certificate • Client verifies certificate • Mutual exchange of session keys • Send/receive application data using keys • Can be used hop-by-hop • SIPS requires TLS to be used end-to-end

  27. Security • Media • Uses SRTP (secure RTP) • AES encryption, typically using 128-bit keys • Assumes secure key exchange prior to the session running • Most commonly used are MIKEY and SDES (SDES is carried within SDP, so the SIP session needs to be secured)

  28. Summary • Session Initiation Protocol leverages Internet technologies • Signalling and media paths • Other devices • NAT traversal issues • Security

  29. Thank you • simon.millard@aculab.com • Visit Aculab on booth 1217
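Slide 25's digest authentication, worked through as an added example (not part of the original presentation): the response is an MD5 hash over the shared secret and the server's nonce, so the secret itself is never sent. The REGISTER values, `CHALLENGE`, `SECRET` and `client_answer` are constructed for illustration.

```python
import hashlib
import hmac


def _md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def digest_response(username, realm, password, method, uri, nonce,
                    nc=None, cnonce=None, qop=None):
    """Digest 'response' value with the MD5 algorithm (RFC 2617)."""
    ha1 = _md5_hex(f"{username}:{realm}:{password}")  # user, realm, shared secret
    ha2 = _md5_hex(f"{method}:{uri}")                 # method and request URI
    if qop == "auth":
        # qop=auth mixes in the nonce count and a client-chosen nonce
        return _md5_hex(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")
    return _md5_hex(f"{ha1}:{nonce}:{ha2}")           # form used when no qop is offered


def verify(stored_password, method, fields):
    """Server side: recompute from the stored secret, compare in constant time."""
    expected = digest_response(
        fields["username"], fields["realm"], stored_password, method,
        fields["uri"], fields["nonce"],
        fields.get("nc"), fields.get("cnonce"), fields.get("qop"))
    return hmac.compare_digest(expected, fields["response"])


# Constructed REGISTER exchange: every value below is made up for illustration.
CHALLENGE = {"realm": "aculab.com", "nonce": "constructed-nonce-0001", "qop": "auth"}
SECRET = "constructed-shared-secret"


def client_answer(password):
    """Fields a UAC would place in its Authorization header for the challenge."""
    fields = {"username": "simon", "uri": "sip:aculab.com",
              "nc": "00000001", "cnonce": "constructed-cnonce", **CHALLENGE}
    fields["response"] = digest_response(
        fields["username"], fields["realm"], password, "REGISTER",
        fields["uri"], fields["nonce"], fields["nc"], fields["cnonce"], fields["qop"])
    return fields


if __name__ == "__main__":
    print(verify(SECRET, "REGISTER", client_answer(SECRET)))         # right secret
    print(verify(SECRET, "REGISTER", client_answer("wrong-guess")))  # wrong secret
```

Digest authenticates the sender but does not encrypt the message, so headers and SDP remain readable on the wire unless TLS is also used.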
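Slide 27 notes that SDES keys travel inside SDP, so the SIP session carrying them must be secured. The check below is an added example, not from the original presentation: it flags a SIP message whose SDP contains an `a=crypto` key while a Via hop used a transport other than TLS. `build_invite`, `SAMPLE_KEY` and the 192.0.2.10 address are constructed for illustration.

```python
import re

# a=crypto:<tag> <suite> inline:<key material>  (SDES attribute in SDP)
CRYPTO_RE = re.compile(r"^a=crypto:(\d+)\s+(\S+)\s+inline:\S+", re.MULTILINE)
# Via: SIP/2.0/<transport> ...  ("v" is the compact header form)
VIA_RE = re.compile(r"^(?:Via|v)\s*:\s*SIP/2\.0/(\w+)", re.MULTILINE | re.IGNORECASE)
SECURE_TRANSPORTS = {"TLS"}
SAMPLE_KEY = "Q09OU1RSVUNURUQta2V5LW5vdC1yZWFsLTAwMDAw"  # constructed, not a real key


def sdes_exposure(message):
    """Report SDES keys in a SIP message that crossed a hop without TLS.

    Key material is deliberately never copied into the findings.
    """
    head, _, body = message.replace("\r\n", "\n").partition("\n\n")
    offers = CRYPTO_RE.findall(body)
    transports = [t.upper() for t in VIA_RE.findall(head)]
    if not offers:
        return []                       # no SDES keys in this message
    if transports and all(t in SECURE_TRANSPORTS for t in transports):
        return []                       # every recorded hop used TLS
    return [{"tag": int(tag), "suite": suite, "transports": transports}
            for tag, suite in offers]


def build_invite(transport, with_key):
    """Constructed INVITE for the demo; addresses, branch and key are made up."""
    profile = "RTP/SAVP" if with_key else "RTP/AVP"
    sdp = ["v=0", "o=- 1 1 IN IP4 192.0.2.10", "s=-", "c=IN IP4 192.0.2.10",
           "t=0 0", f"m=audio 49170 {profile} 0"]
    if with_key:
        sdp.append("a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:" + SAMPLE_KEY)
    headers = ["INVITE sip:simon@aculab.com SIP/2.0",
               f"Via: SIP/2.0/{transport} 192.0.2.10:5060;branch=z9hG4bKconstructed",
               "Content-Type: application/sdp"]
    return "\r\n".join(headers) + "\r\n\r\n" + "\r\n".join(sdp) + "\r\n"


if __name__ == "__main__":
    for transport in ("UDP", "TLS"):
        print(transport, sdes_exposure(build_invite(transport, with_key=True)))
```

The Via list only records hops the message has already crossed, so a clean result at one point says nothing about later hops; this matches the slide 26 point that TLS can be applied hop-by-hop.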
