vo ip sip
© 2007 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 1
VoIP & SIP Signaling
Hussam El Kebbi
Overview
VoIP Architecture
- What is VoIP?
- Benefits of VoIP
- Components of a VoIP Network
- Quiz
VoIP Telephone Call
- Overview on a VoIP Connection
- Analog/Digital Interfaces
- Steps of Conversion
- Transport Layer
- QoS in VoIP / Solutions for QoS Issues
- Calculating Bandwidth Requirements for VoIP
- Cisco IOS Configurations for VoIP
- Quiz
Overview
SIP Architecture
- What is SIP?
- SIP Capabilities
- SIP URI / Components
- Quiz
SIP Message Format
- SIP Message
- Request/Response Fields
- Header Fields
- Quiz
SIP Call Flow
- Using Proxy Server / Using Multiple Servers
- How are the Codecs Negotiated / SDP Information
- SIP Security Mechanisms
- Quiz
VoIP Architecture
VoIP Architecture
What is VoIP?
Voice over IP (VoIP) defines a way to carry voice calls over an IP network, including the digitization and packetization of the voice streams.
http://www.cisco.com/en/US/tech/tk652/tk701/tsd_technology_support_protocol_home.html
VoIP Architecture
Benefits of VoIP
- More efficient use of bandwidth and equipment
- Reduce operating costs
- Consolidated network expenses
- Improved employee productivity
- Access to new communication devices
CCNP: Optimizing Converged Networks v5.0NT, Chapter 2
VoIP Architecture
Components of a VoIP Network
These are the most common elements in VoIP networks:
CCNP: Optimizing Converged Networks v5.0NT, Chapter 2
VoIP Architecture
Quiz
- Define VoIP and list two of its benefits.
- List three VoIP network components.
VoIP Telephone Call
VoIP Telephone Call
Overview on a VoIP connection
To set up a VoIP communication we need to:
- Convert analog voice to digital signals (bits)
- Compress the bits into a good format for transmission
- Insert the voice packets into data packets using a real-time protocol (typically RTP over UDP over IP)
- Use a signaling protocol to call users (SIP, H.323)
- At the receiving end, disassemble the packets, extract the data, then convert it to analog voice signals
- Do all of this in real time, because we cannot wait too long for a vocal answer (QoS)
http://tldp.org/HOWTO/VoIP-HOWTO-4.html
VoIP Telephone Call
Legacy Analog Interfaces in VoIP Networks
Analog Interfaces
- Foreign Exchange Station (FXS)
- Foreign Exchange Office (FXO)
- Ear and Mouth (E&M)
Digital Interfaces
CCNP: Optimizing Converged Networks v5.0NT, Chapter 2
VoIP Telephone Call
Steps of Conversion
Converting Analog Signals to Digital Signals
1. Sample the analog signal (Sampling)
2. Quantize sample into a binary expression (Quantization)
3. Compress the samples to reduce bandwidth
Converting Digital Signals to Analog Signals
1. Decompress the samples
2. Decode the samples into voltage amplitudes
3. Reconstruct the analog signal
CCNP: Optimizing Converged Networks v5.0NT, Chapter 2
VoIP Telephone Call
Calculating Bandwidth Requirements for VoIP
To calculate the total bandwidth, find the total packet size, including all the headers plus payload, and divide by the payload size. Multiply the result by the nominal bandwidth for the codec. The result is the total bandwidth requirement.
You can calculate the bandwidth using the Voice Codec Bandwidth Calculator at http://tools.cisco.com/Support/VBC/do/CodecCalc1.do.
CCNP: Optimizing Converged Networks v5.0NT, Chapter 2
VoIP Telephone Call
Transport Layer
Real-time applications such as voice and video require a guaranteed connection with consistent and predictable delay characteristics.
IP does not guarantee reliability, flow control, error detection, or error correction.
TCP offers both connection-oriented and reliable transmission.
- Handles sequencing and error detection to ensure that the destination application receives a reliable stream of data
UDP, like IP, is a connectionless protocol.
- Routes data to its correct destination port but does not attempt to perform any sequencing or to ensure data reliability
CCNP: Optimizing Converged Networks v5.0NT, Chapter 2
VoIP Telephone Call
Transport Layer
RTP solves the problem by enabling the receiver to put the packets back into the correct order and not wait too long for packets that have either lost their way or are taking too long to arrive.
- RTP transports the digitized samples of real-time information
- The packets can be correctly reordered
- The packets can have appropriate delays inserted between packets
VoIP doesn't use TCP because it is too heavy for real-time applications.
CCNP: Optimizing Converged Networks v5.0NT, Chapter 2
VoIP Telephone Call
QoS in VoIP
QoS (Quality of Service) is a major issue in VoIP implementations. Things to consider are:
- Latency: Delay for packet delivery
- Jitter: Variations in delay of packet delivery
- Packet loss: Too much traffic in the network causes the network to drop packets
- Burstiness of Loss and Jitter: Loss and Discards (due to jitter) tend to occur in bursts
http://www.voip-info.org/wiki/view/QoS
VoIP Telephone Call
Solution for QoS issues
- Resource reservation: Make sure that the VoIP call has the bandwidth it needs allocated from point to point before the conversation takes place.
- Prioritization: The end point suggests a priority on the packets, and each router decides whether it will honour this request.
- Network Traffic Tuning: Boxes you can add to a network to manage bandwidth usage and create QoS even if the other network devices don't support it.
http://www.voip-info.org/wiki/view/QoS
Cisco IOS Configurations for VoIP
http://www.cisco.com/en/US/products/hw/routers/ps221/products_configuration_guide_chapter09186a008007c9bc.html
VoIP Telephone Call
Quiz
Which three components should be taken into consideration when calculating the voice bandwidth needed to set up a call on a VoIP network? (Choose three)
1. Voice payload size
2. RTP, UDP, and IP headers
3. Layer 2 encapsulation
4. Low latency queuing (LLQ)
5. Classification and marking of the voice traffic
6. Call Admission Control enabled on the network
VoIP Telephone Call
Quiz
Does VoIP use TCP as its transport protocol? Why?
SIP Architecture
SIP Architecture
What is SIP?
Session Initiation Protocol (SIP) is:
- The Internet Engineering Task Force's (IETF's) standard for multimedia conferencing over IP
- A signaling protocol used to create, manage and terminate sessions in an IP-based network
- A client/server protocol, which is similar to HTTP
- Influencing the marketplace: a growing number of IP Telephony Service Providers (ITSP), cellular phone providers, Microsoft real-time communication platforms, and Cisco applications are based on SIP
Presence, Instant Messaging and Voice
SIP Architecture
SIP Capabilities:
- Determine the location of the target end point
- Determine the media capabilities of the target end point via Session Description Protocol (SDP)
- Determine the availability of the target end point
- Establish a session between the originating and target end point
- Handle the transfer and termination of calls
SIP Architecture
SIP Universal Resource Indicators
A resource within a SIP configuration is identified by a URI. Examples of communications resources include the following:
- A user of an online service
- An appearance on a multiline phone
- A mailbox on a messaging system
- A telephone number at a gateway service
SIP URIs have a format based on e-mail address formats, namely user@domain. There are two common schemes. An ordinary SIP URI is of the form: sip:[email protected]
The URI may also include a password, port number, and related parameters.
http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_6-1/sip.html
SIP Architecture
SIP Components
SIP User Agents
SIP is a peer-to-peer protocol. A user agent can function in one of the following roles:
- User agent client (UAC)
- User agent server (UAS)
Functional Components:
- Proxy server: Performs call routing, authentication, authorization, address resolution, and loop detection
- Redirect server: UAs and proxy servers can contact a redirect server to find the location of an end point
- Registrar: Processes requests from UACs for registration of their current location
SIP Architecture
Quiz
- What is SIP?
- Name 3 functional components of the SIP architecture.
SIP Message Format
SIP Message Format
SIP Message
SIP is a simple, ASCII text-based protocol that uses requests and responses to establish communication among the various components in the network.
generic-message = start-line        ; start-line = Request-Line / Status-Line
                  *message-header
                  CRLF              ; carriage-return line-feed sequence
                  [ message-body ]
http://www.tech-invite.com/Ti-sip-abnf.html
SIP Message Format
Request Fields
Request-Line = Method SP Request-URI SP SIP-Version CRLF
- Method: Register, Invite, Ack, Cancel, Bye, and Options
- Request-URI: Indicates the user or service to which this request is being addressed
- SIP version: Is case-insensitive, but implementations must send upper case
Response Fields
Status-Line = SIP-Version SP Status-Code SP Reason-Phrase CRLF
- SIP version: The SIP version being used.
- Status-code: A 3-digit integer result code of the attempt to understand and satisfy the request.
- Reason-phrase: A textual description of the status code.
SIP Message Format
Response
The SIP response types defined in RFC 3261 are in the following categories:
- Provisional (1xx): The request was received and is being processed.
- Success (2xx): The action was successfully received, understood, and accepted.
- Redirection (3xx): Further action needs to be taken in order to complete the request.
- Client Error (4xx): The request contains bad syntax or cannot be fulfilled at this server.
- Server Error (5xx): The server failed to fulfill an apparently valid request.
- Global Failure (6xx): The request cannot be fulfilled at any server.
www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_6-1/sip.html
SIP Message Format
Header Fields
A valid SIP request formulated by a UAC MUST, at a minimum, contain the following header fields:
- To: Specifies the desired "logical" recipient of the request
- From: Indicates the logical identity of the initiator of the request
- CSeq: Provides a means to uniquely identify transactions
- Call-ID: Acts as a unique identifier to group together a series of messages
- Contact: Provides a URI whose meaning depends on the type of request or response it is in
- Via: Indicates the path taken by the request so far and the path that should be followed in routing responses
http://www.networksorcery.com/enp/protocol/sip.htm
SIP Message Format
Request Example
INVITE sip:[email protected] SIP/2.0
Via: SIP/2.0/UDP 12.26.17.91:5060
Max-Forwards: 70
To: Bob <sip:[email protected]>
From: Alice <sip:[email protected]>;tag=1928301774
Call-ID: [email protected]
CSeq: 314159 INVITE
Contact: <sip:[email protected]>
Content-Type: application/sdp
Content-Length: 142
http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_6-1/sip.html
SIP Message Format
Response Example
SIP/2.0 200 OK
Via: SIP/2.0/UDP server10.biloxi.com
Via: SIP/2.0/UDP bigbox3.site3.atlanta.com
Via: SIP/2.0/UDP 12.26.17.91:5060
To: Bob <sip:[email protected]>;tag=a6c85cf
From: Alice <sip:[email protected]>;tag=1928301774
Call-ID: [email protected]
CSeq: 314159 INVITE
Contact: <sip:[email protected]>
Content-Type: application/sdp
Content-Length: 131
http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_6-1/sip.html
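The message layout, response classes and minimum header list from the preceding slides, written as a strict parser and request check of the kind a UAS or border element applies before acting on a message. This is an added example, not code from the presentation; parse_sip, check_request and the sample messages (example.* names, 192.0.2.10) are constructed for illustration.

```python
import re
# Minimum header set as listed on this page (RFC 3261 also names Max-Forwards).
REQUIRED = ("to", "from", "cseq", "call-id", "contact", "via")
CLASSES = {"1": "Provisional", "2": "Success", "3": "Redirection",
           "4": "Client Error", "5": "Server Error", "6": "Global Failure"}

def parse_sip(raw: bytes) -> dict:
    """Split raw bytes per generic-message: start-line, headers, CRLF, body."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("no empty line terminating the header section")
    lines = head.decode("ascii").split("\r\n")    # non-ASCII bytes raise ValueError
    msg = {"headers": {}, "body": body}
    rsp = re.fullmatch(r"SIP/(\d\.\d) (\d{3}) (.*)", lines[0])
    req = re.fullmatch(r"([A-Z]+) (\S+) SIP/(\d\.\d)", lines[0])
    if rsp:
        msg.update(kind="response", code=int(rsp[2]), reason=rsp[3],
                   status_class=CLASSES.get(rsp[2][0], "Unknown"))
    elif req:
        msg.update(kind="request", method=req[1], uri=req[2])
    else:
        raise ValueError("start-line is neither Request-Line nor Status-Line")
    last = None
    for line in lines[1:]:
        if line[:1] in (" ", "\t") and last:      # folded continuation line
            msg["headers"][last][-1] += " " + line.strip()
            continue
        name, colon, value = line.partition(":")
        if not colon or not name.strip():
            raise ValueError(f"malformed header line: {line!r}")
        last = name.strip().lower()               # header names are case-insensitive
        msg["headers"].setdefault(last, []).append(value.strip())
    return msg

def check_request(msg: dict) -> list:
    """Problems in a parsed request that should cause rejection or logging."""
    h = msg["headers"]
    problems = [f"missing {name}" for name in REQUIRED if name not in h]
    for name in ("to", "from", "cseq", "call-id"):
        if len(h.get(name, [])) > 1:              # these may appear only once
            problems.append(f"duplicate {name}")
    if "cseq" in h and h["cseq"][0].split()[-1:] != [msg["method"]]:
        problems.append("CSeq method differs from Request-Line method")
    declared = h.get("content-length", ["0"])[0]
    if not declared.isdigit() or int(declared) != len(msg["body"]):
        problems.append("Content-Length does not match body size")
    return problems

# Constructed sample traffic; names and addresses are placeholders.
GOOD = (b"INVITE sip:bob@example.com SIP/2.0\r\n"
        b"Via: SIP/2.0/UDP 192.0.2.10:5060\r\n"
        b"To: Bob <sip:bob@example.com>\r\n"
        b"From: Alice <sip:alice@example.org>;tag=1928301774\r\n"
        b"Call-ID: a84b4c76e66710\r\nCSeq: 314159 INVITE\r\n"
        b"Contact: <sip:alice@192.0.2.10>\r\n"
        b"Content-Length: 5\r\n\r\nv=0\r\n")
BAD = (GOOD.replace(b"CSeq: 314159 INVITE", b"CSeq: 314159 BYE")
           .replace(b"Contact: <sip:alice@192.0.2.10>\r\n", b""))
OK_200 = b"SIP/2.0 200 OK\r\nVia: SIP/2.0/UDP 192.0.2.10:5060\r\n\r\n"
```

check_request(parse_sip(BAD)) reports the missing Contact header and the CSeq/Request-Line mismatch, while the unmodified request yields an empty list.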
SIP Message Format
Quiz
What is the SIP message encoding based on?
- Binary
- ASCII
What are the fields of a SIP message?
SIP Call Flow
SIP Call Flow
Figure 1, Using proxy server
SIP Call Flow
Figure 2, Using multiple servers
SIP Call Flow
Session Description Protocol (SDP)
How are the codecs negotiated?
- SDP is the protocol used by the UAs to tell each other what codecs they support. SDP is embedded into the SIP messages.
- SDP is intended for describing multimedia sessions for the purposes of session announcement, session invitation, and other forms of multimedia session initiation.
- SDP, defined in RFC 2327, describes the content of sessions, including telephony, Internet radio, and multimedia applications.
v=0
o=CiscoSystemsCCM-SIP 2000 1000 IN IP4 10.6.2.10
s=SIP Call
c=IN IP4 10.6.2.10
t=0 0
m=audio 24580 RTP/AVP 0 101
a=sendrecv
a=rtpmap:0 PCMU/800
http://www.ietf.org/rfc/rfc2327.txt
SIP Call Flow
SDP Information:
- Media streams: A session can include multiple streams of differing content. SDP currently defines audio, video, data, control, and application as stream types.
- Addresses: SDP indicates the destination addresses, which may be a multicast address, for a media stream.
- Ports: For each stream, the UDP port numbers for sending and receiving are specified.
- Payload types: For each media stream type in use (for example, telephony), the payload type indicates the media formats that can be used during the session.
- Start and stop times: These apply to broadcast sessions, for example, a television or radio program. The start, stop, and repeat times of the session are indicated.
- Originator: For broadcast sessions, the originator is specified, with contact information. This may be useful if a receiver encounters technical difficulties.
http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_6-1/sip.html
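How the address, port and payload-type fields above turn into a codec decision on the answering side, as an added example that is not part of the original slides. parse_audio, negotiate, the offer text and the local codec list are constructed for illustration; the static payload-type table is a subset of RFC 3551.

```python
# Static RTP payload types (RFC 3551 subset). Dynamic types (96-127) carry
# no fixed meaning and must be named by an a=rtpmap line.
STATIC = {0: "PCMU/8000", 3: "GSM/8000", 8: "PCMA/8000", 18: "G729/8000"}

def parse_audio(sdp: str) -> dict:
    """Return address, port and ordered codec list of the first audio stream."""
    addr, media, rtpmap, section = None, None, {}, "session"
    for line in sdp.splitlines():
        key, eq, value = line.strip().partition("=")
        if not eq:
            continue
        if key == "m":                            # m=<media> <port> <proto> <fmt> ...
            kind, port, proto, *fmts = value.split()
            if kind == "audio" and media is None:
                section = "audio"
                media = {"port": int(port), "pts": [int(f) for f in fmts]}
            else:
                section = "other"                 # ignore lines of other streams
        elif key == "c" and section != "other":   # c=IN IP4 <address>
            addr = value.split()[2]
        elif key == "a" and section == "audio" and value.startswith("rtpmap:"):
            pt, _, enc = value[len("rtpmap:"):].partition(" ")
            rtpmap[int(pt)] = enc.strip()
    if media is None:
        raise ValueError("no audio stream in SDP")
    codecs = []
    for pt in media["pts"]:
        enc = rtpmap.get(pt) or STATIC.get(pt)
        if enc is None:
            raise ValueError(f"payload type {pt} has no rtpmap and is not static")
        codecs.append((pt, enc.upper()))          # encoding names are case-insensitive
    return {"addr": addr, "port": media["port"], "codecs": codecs}

def negotiate(offer: dict, local_codecs: list) -> list:
    """Answerer side: offered codecs we also support, in the offerer's order.
    An empty result means there is no common codec and the call cannot proceed."""
    supported = {c.upper() for c in local_codecs}
    return [(pt, enc) for pt, enc in offer["codecs"] if enc in supported]

# Constructed offer in the style of the SDP body shown earlier; 192.0.2.10 is
# a documentation address, not a value from the page.
OFFER = """v=0
o=alice 2000 1000 IN IP4 192.0.2.10
s=SIP Call
c=IN IP4 192.0.2.10
t=0 0
m=audio 24580 RTP/AVP 18 0 101
a=rtpmap:18 G729/8000
a=rtpmap:0 PCMU/8000
a=rtpmap:101 telephone-event/8000
a=sendrecv
"""
LOCAL = ["PCMU/8000", "PCMA/8000", "telephone-event/8000"]
```

With this offer, negotiate(parse_audio(OFFER), LOCAL) drops G.729 and keeps PCMU plus telephone-event, which is what the answer's m= line would then list.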
SIP Call Flow
Quiz
Why is SDP used?
SIP Security Mechanisms
SIP Security
- Internet Telephony uses a variety of signaling protocols, such as H.323, SIP, MGCP and MEGACO, for initiating VoIP calls.
- SIP, like other Internet protocols, is vulnerable to known Internet attacks.
- VoIP suffers from all known attacks associated with any Internet application or subsystem.
Saverio Niccolini, Ph.D., Research Staff Member @ Network Laboratories, NEC Europe Ltd
SIP Security Mechanisms
DoS Attack
SIP Client-A drops the call just initiated
Saverio Niccolini, Ph.D., Research Staff Member @ Network Laboratories, NEC Europe Ltd
SIP Security Mechanisms
Threats
Call Hijack
Saverio Niccolini, Ph.D., Research Staff Member @ Network Laboratories, NEC Europe Ltd
SIP Security Mechanisms
Identity Theft
Saverio Niccolini, Ph.D., Research Staff Member @ Network Laboratories, NEC Europe Ltd
SIP Security Mechanisms
Registration and call signaling/media should be authenticated
End-to-end
- Digest authentication (challenge-response)
- S/MIME
Hop-by-hop
- TLS, IPsec
- SIPS
SIP Security Mechanisms
Ways to ensure signaling security in SIP:
- HTTP Digest: prone to eavesdropping, replay, and MiTM attacks. Provides authentication only.
- TLS: Hop-by-hop SIP transport security; not end-to-end! Provides confidentiality, authentication, encryption.
- S/MIME: End-to-end signaling and body security. Provides confidentiality, authentication, encryption.
- IPSec: Layer 3 security. Provides confidentiality and encryption.
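The Digest challenge-response listed above, with the verifier-side handling that limits the replay weakness noted for it: nonces are unpredictable, single-use and short-lived, and the response is checked against the method actually received. This is an added example, not code from the presentation; Verifier, client_credentials and the 30-second lifetime are assumptions, and the computation follows RFC 2617 with qop=auth.

```python
import hashlib
import hmac
import secrets
import time

def md5_hex(text: str) -> str:
    return hashlib.md5(text.encode()).hexdigest()    # MD5 is what RFC 2617 Digest specifies

def ha1(user: str, realm: str, password: str) -> str:
    return md5_hex(f"{user}:{realm}:{password}")

def digest_response(ha1_hex, method, uri, nonce, nc, cnonce) -> str:
    """Response value for qop=auth (RFC 2617), as the user agent computes it."""
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1_hex}:{nonce}:{nc}:{cnonce}:auth:{ha2}")

class Verifier:
    """Hypothetical registrar/proxy side: stores HA1 values, not passwords."""

    def __init__(self, ha1_by_user: dict, lifetime: float = 30.0):
        self.ha1_by_user = ha1_by_user
        self.lifetime = lifetime                      # assumed nonce lifetime in seconds
        self.issued = {}                              # nonce -> time of issue

    def challenge(self, now: float = None) -> str:
        nonce = secrets.token_hex(16)                 # unpredictable, sent with the 401
        self.issued[nonce] = time.time() if now is None else now
        return nonce

    def verify(self, method: str, creds: dict, now: float = None) -> str:
        now = time.time() if now is None else now
        issued_at = self.issued.pop(creds["nonce"], None)   # pop: each nonce works once
        if issued_at is None:
            return "reject: unknown or replayed nonce"
        if now - issued_at > self.lifetime:
            return "reject: stale nonce"
        known = self.ha1_by_user.get(creds["username"], "")
        # The method comes from the received request line, never from creds.
        expected = digest_response(known, method, creds["uri"], creds["nonce"],
                                   creds["nc"], creds["cnonce"])
        if not known or not hmac.compare_digest(expected, creds["response"]):
            return "reject: bad credentials"
        return "accept"

def client_credentials(user, realm, password, method, uri, nonce) -> dict:
    """Fields a UA places in its Authorization header after a 401 challenge."""
    cnonce, nc = secrets.token_hex(4), "00000001"
    resp = digest_response(ha1(user, realm, password), method, uri, nonce, nc, cnonce)
    return {"username": user, "uri": uri, "nonce": nonce, "nc": nc,
            "cnonce": cnonce, "response": resp}
```

A captured Authorization header fails on a second submission because its nonce has been consumed, but the exchange is still readable on the wire, which is why the slides pair Digest with TLS or IPsec.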
SIP Security Mechanisms
Quiz
Which are hop-by-hop / end-to-end SIP transport security?
TLS
IPSEC
HTTP Digest
S/MIME End-to-end
Presence, Instant Messaging and Voice
Thank You Hussam El Kebbi
http://www.cs.columbia.edu/IRT/sipc/doc/html/images/monitor.png
CCNP: Optimizing Converged Networks v5.0NT, Chapter 2
Cisco Interfaces
- BRI
- T1
- E1
CCNP: Optimizing Converged Networks v5.0NT, Chapter 2
http://www.cisco.com/univercd/cc/td/doc/product/voice/sipsols/biggulp/bgsipov.pdf
http://www.tech-invite.com/Ti-sip-abnf.html
SIP Components / Servers / Services
[Figure: SIP user agents and a SIP gateway (SIP-GW) exchanging messages with the SIP servers/services: SIP proxy, registrar, redirect server, and location database. Message labels in the figure:]
- REGISTER: "Here I am"
- INVITE: "I want to talk to another UA"
- Proxied INVITE: "I'll handle it for you"
- "Where is this name/phone#?"
- 3xx Redirection: "They moved, try this address"
http://www.cisco.com/