11 TAC2000/2000.7
LABORATORY 117
Outline of the Hands-on Tutorial
SIP User-AgentSIP User-AgentRegisterRegisterMake callsMake calls
Fault-Finding ToolsFault-Finding ToolsObserve the Packets of SIP MessagesObserve the Packets of SIP Messages
SIP Registrar/Proxy ServerSIP Registrar/Proxy ServerConfiguring SER (SIP Express Router)Configuring SER (SIP Express Router)
How do you know other SIP islandsHow do you know other SIP islandsDNS SRV/ENUM/ISNDNS SRV/ENUM/ISN
How to authenticate usersHow to authenticate users LDAP, RADIUSLDAP, RADIUS
http://Download.ipv6.club.tw/APAN21/http://Download.ipv6.club.tw/APAN21/
22 TAC2000/2000.7
LABORATORY 117
SIP UAs and
SIP Message Analysis
Quincy WuQuincy Wu
National Chi Nan UniversityNational Chi Nan University
Email: [email protected]: [email protected]
33 TAC2000/2000.7
LABORATORY 117
Exercise 1: SIP UA operations
Download & Install SIP UADownload & Install SIP UA Download & Install EtherealDownload & Install Ethereal Packet Analysis Using EtherealPacket Analysis Using Ethereal
SIP signaling flowSIP signaling flowRTP trafficRTP trafficSIP headersSIP headersSDP ContentsSDP ContentsCall Hold/RetrieveCall Hold/Retrieve
44 TAC2000/2000.7
LABORATORY 117
Windows-based SIP UA
Microsoft Windows MessengerMicrosoft Windows Messenger NBEN UANBEN UA X-LiteX-Lite
55 TAC2000/2000.7
LABORATORY 117
SIP UA – Windows Messenger
By default, Windows XP installs Windows By default, Windows XP installs Windows Messenger Version Messenger Version 4.74.7
There are two messengers from MicrosoftThere are two messengers from Microsoft MSN Messenger 6.2, 7.0MSN Messenger 6.2, 7.0 Windows Messenger 4.7, 5.1Windows Messenger 4.7, 5.1
Inside Windows Messenger - How it Inside Windows Messenger - How it CommunicatesCommunicates http://www.microsoft.com/technet/http://www.microsoft.com/technet/
prodtechnol/winxppro/evaluate/prodtechnol/winxppro/evaluate/insid01.mspxinsid01.mspx
66 TAC2000/2000.7
LABORATORY 117
Step 1: Configure
77 TAC2000/2000.7
LABORATORY 117
Step 2: REGISTER
88 TAC2000/2000.7
LABORATORY 117
Step 3: Make A Call
99 TAC2000/2000.7
LABORATORY 117
Step 4: Ringing
1010 TAC2000/2000.7
LABORATORY 117
Step 5: Conversation
1111 TAC2000/2000.7
LABORATORY 117
Step 6: Answer A Call
1212 TAC2000/2000.7
LABORATORY 117
SIP UA – NBEN UA NBEN UA is a SIP User Agent NBEN UA is a SIP User Agent
which provides easy interface for which provides easy interface for IP telephony.IP telephony.
This software was developed as a This software was developed as a tool for VoIP tutorials in Taiwan.tool for VoIP tutorials in Taiwan.
You can type the digits and make You can type the digits and make phone calls directly, without phone calls directly, without typing the complete SIP URI typing the complete SIP URI ((sip:[email protected]:5060sip:[email protected]:5060))
It supports features like It supports features like Hold/Retrieve, Redial, Speed Dial, Hold/Retrieve, Redial, Speed Dial, Transfer.Transfer.
1313 TAC2000/2000.7
LABORATORY 117
Features NBEN UA runs on Windows 2000/XP/2003.NBEN UA runs on Windows 2000/XP/2003. Both signaling and media data are transported on UDP.Both signaling and media data are transported on UDP.
SIP: port 5060SIP: port 5060 RTP: port 9000RTP: port 9000
Supported audio codec:Supported audio codec: G.711 (64Kbps)G.711 (64Kbps) G.729 (8Kbps)G.729 (8Kbps) G.723.1 (6.3Kbps)G.723.1 (6.3Kbps)
1414 TAC2000/2000.7
LABORATORY 117
Download NBEN SIP UA Download link & Installation guide can be found at Download link & Installation guide can be found at http:/http://voip/voip
.ipv6.club.ipv6.club.tw.tw/Download//Download/ Phone numbers are assigned in a separate configuration file.Phone numbers are assigned in a separate configuration file.
Try to call each other and see the signaling of SIP.Try to call each other and see the signaling of SIP. Each SIP UA is required to possess a public IP address.Each SIP UA is required to possess a public IP address.
A patch is available to traverse NAT by utilizing STUN.A patch is available to traverse NAT by utilizing STUN.
1515 TAC2000/2000.7
LABORATORY 117
SIP UA - X-Lite X-Lite - The Best Free Softphone X-Lite - The Best Free Softphone A FREE premium SIP softphone with many PBX-like A FREE premium SIP softphone with many PBX-like
features.features. Open standards-based design (SIP) allows for maximum Open standards-based design (SIP) allows for maximum
network interoperation and integration.network interoperation and integration. Download from http://www.xten.com/Download from http://www.xten.com/
1616 TAC2000/2000.7
LABORATORY 117
Features Touch-tones [DTMF] Touch-tones [DTMF] 3 3 Lines, Multiple Proxies Lines, Multiple Proxies Line Hold Line Hold Inbound Call 'Ignore' Inbound Call 'Ignore' Inbound Call 'Go to Voicemail' Inbound Call 'Go to Voicemail' Dial/ Redial/Hangup Dial/ Redial/Hangup Caller ID [SIP ID] Caller ID [SIP ID] Call Timer Call Timer MuteMute Microphone & Speakers Levels Microphone & Speakers Levels Microphone & Speakers Meters Microphone & Speakers Meters Recent Calls Dialed Recent Calls Dialed Recent Calls ReceivedRecent Calls Received Speed DialSpeed Dial
G.711u+a/iLBC/GSM codecs G.711u+a/iLBC/GSM codecs NAT/Firewall support NAT/Firewall support Specify NAT IP to be written in Specify NAT IP to be written in
SIP messagesSIP messages Supports Windows Supports Windows
98SE/NT4/ME/2000/XP98SE/NT4/ME/2000/XP
1717 TAC2000/2000.7
LABORATORY 117
Step 1: Configuration
1818 TAC2000/2000.7
LABORATORY 117
Step 2: Make/Receive Calls Automatically send a Automatically send a
REGISTER request to registrar REGISTER request to registrar when the program starts up.when the program starts up.
Dial digits, and domain realm Dial digits, and domain realm will be appended automatically.will be appended automatically.
1919 TAC2000/2000.7
LABORATORY 117
Packets Capturing &
Analyzing
2020 TAC2000/2000.7
LABORATORY 117
Fault-Finding Tools EtherealEthereal
GUI on Windows XP/Linux/FreeBSDGUI on Windows XP/Linux/FreeBSD
Tcpdump/tEthereal/ngrepTcpdump/tEthereal/ngrep Plaintext on Linux/FreeBSDPlaintext on Linux/FreeBSD
SIPSAKSIPSAK ““Traceroute” of SIPTraceroute” of SIP
2121 TAC2000/2000.7
LABORATORY 117
Ethereal – What Is It? Every network manager at some time or other needs a Every network manager at some time or other needs a
tool that can capture packets off the network and tool that can capture packets off the network and analyze them. analyze them.
In the past, such tools were either very expensive, In the past, such tools were either very expensive, proprietary, or both.proprietary, or both.
With the advent of Ethereal, all that has changed. With the advent of Ethereal, all that has changed.
"A rose by any other name would smell as sweet.""A rose by any other name would smell as sweet." - William Shakespeare- William Shakespeare
2222 TAC2000/2000.7
LABORATORY 117
Features of Ethereal
Available for UNIX and Windows. Available for UNIX and Windows. Capture and display packets from any interface on a UNIX system. Capture and display packets from any interface on a UNIX system. Display packets captured under a number of other capture Display packets captured under a number of other capture
programs: programs: tcpdump tcpdump Network Associates Sniffer and Sniffer Pro Network Associates Sniffer and Sniffer Pro NetXray NetXray Microsoft Network Monitor Microsoft Network Monitor
Filter packets on many criteria. Filter packets on many criteria. Colorize packet display based on filters Colorize packet display based on filters Allow people to add new protocols to Ethereal.Allow people to add new protocols to Ethereal.
2323 TAC2000/2000.7
LABORATORY 117
Where to Get Ethereal
Official site: Official site: http://www.ethereal.com/http://www.ethereal.com/ Local mirror: Local mirror: http:/http://voip/voip.ipv6.club.ipv6.club.tw.tw/Download//Download/
2424 TAC2000/2000.7
LABORATORY 117
Install Ethereal under Windows
Install WinPcap 3.1.Install WinPcap 3.1.WinPcap is an architecture for packet capture and network WinPcap is an architecture for packet capture and network
analysis for the Win32 platforms. analysis for the Win32 platforms. It includes It includes
a kernel-level packet filter, a kernel-level packet filter, a low-level dynamic link library (packet.dll), and a low-level dynamic link library (packet.dll), and a high-level and system-independent library (wpcap.dll, based on a high-level and system-independent library (wpcap.dll, based on
libpcap version 0.6.2) libpcap version 0.6.2)
Install Ethereal 0.10.13. Install Ethereal 0.10.13.
2525 TAC2000/2000.7
LABORATORY 117
Starting Ethereal
2626 TAC2000/2000.7
LABORATORY 117
Capturing packets with Ethereal
2727 TAC2000/2000.7
LABORATORY 117
The Capture Preferences dialog box
2828 TAC2000/2000.7
LABORATORY 117
Stop after you have collected enough packets
2929 TAC2000/2000.7
LABORATORY 117
File – Save As
3030 TAC2000/2000.7
LABORATORY 117
Show Packet in New Window
3131 TAC2000/2000.7
LABORATORY 117
Capture Filters
3232 TAC2000/2000.7
LABORATORY 117
Filtering While Capturing
3333 TAC2000/2000.7
LABORATORY 117
Syntax of the tcpdump capture filter language
[[not] not] primitiveprimitive [and|or [not] [and|or [not] primitiveprimitive ...] ...] tcp port 23 and host 10.0.0.5tcp port 23 and host 10.0.0.5 tcp port 23 and not host 10.0.0.5tcp port 23 and not host 10.0.0.5
tcpdumptcpdump filter language is explained in the man page. filter language is explained in the man page.
3434 TAC2000/2000.7
LABORATORY 117Capturing SIP signaling(filter: udp port 5060)
3535 TAC2000/2000.7
LABORATORY 117
SIP Call Establishment It is simple, which contains a number of interim responses.It is simple, which contains a number of interim responses.
a
b
c
d
e
f
g
INVITE
Ringing
OK
ACK
Conversation
BYE
OK
3636 TAC2000/2000.7
LABORATORY 117Basic Call Flow
3737 TAC2000/2000.7
LABORATORY 117
3838 TAC2000/2000.7
LABORATORY 117
3939 TAC2000/2000.7
LABORATORY 117
4040 TAC2000/2000.7
LABORATORY 117
REGISTER
4141 TAC2000/2000.7
LABORATORY 117
200 OK
4242 TAC2000/2000.7
LABORATORY 117
INVITE
4343 TAC2000/2000.7
LABORATORY 117
SDP in INVITE
4444 TAC2000/2000.7
LABORATORY 117
200 OK
4545 TAC2000/2000.7
LABORATORY 117
SDP in 200 OK
4646 TAC2000/2000.7
LABORATORY 117
ACK
4747 TAC2000/2000.7
LABORATORY 117
Capturing the packets of Media Data
4848 TAC2000/2000.7
LABORATORY 117
RTP Traffic (udp port 9000)
What’s wrong?What’s wrong?
4949 TAC2000/2000.7
LABORATORY 117
Tools – Decode As RTP
5050 TAC2000/2000.7
LABORATORY 117
Display Filter
5151 TAC2000/2000.7
LABORATORY 117
Display – Colorize Display
5252 TAC2000/2000.7
LABORATORY 117
Emphasize the packets you are interested in
5353 TAC2000/2000.7
LABORATORY 117
Hold/Unhold of NBEN UA
5454 TAC2000/2000.7
LABORATORY 117
Hold
5555 TAC2000/2000.7
LABORATORY 117
Retrieve
5656 TAC2000/2000.7
LABORATORY 117
Summary We demonstrate the functions of Windows Messenger and We demonstrate the functions of Windows Messenger and
NBEN UA, which are two SIP User Agents with friendly user NBEN UA, which are two SIP User Agents with friendly user interface.interface.
We demonstrate the functions of Ethereal, which is a powerful We demonstrate the functions of Ethereal, which is a powerful tool for packets capturing & analyzing:tool for packets capturing & analyzing: Capture FiltersCapture Filters Colorized PacketsColorized Packets
Practice using this tool to capture SIP signaling in the following Practice using this tool to capture SIP signaling in the following call flowscall flows REGISTER – REGISTER – 200 OK200 OK INVITE – INVITE – 200 OK200 OK - ACK - ACK BYE – BYE – 200 OK200 OK Hold/RetrieveHold/Retrieve