You are on page 1of 38

Session initiation protocol Team 18

COLLEGE OF ENGINEERING

CMPE-208 NETWORK ARCHITECTURE AND PROTOCOLS


FALL-2017

PROJECT REPORT ON
SESSION INITIATION PROTOCOL
Submitted to:

Prof. Shai Silberman


Submitted by:

Kodati Rahul Rao (011419148)


Mahesh Saripalli (011476218)
Saloni Kajale (012438998)
Gowtham Katari (011815557)

(TEAM – 18)

1
Session initiation protocol Team 18

TEAM CONTRIBUTION

We are enthusiastic to present our Project analysis on Session Initiation Protocol (SIP) after an
earnest study of numerous protocols in the class. We can’t thank our Professor Shai Silberman
enough for the guideline and the teaching that he provided us to express ourselves and sharpen
our technical edge. We appreciate the way in which the laboratory submissions were designed
to understand the pragmatic face of the protocols in profound depth.
We the team members – Rahul, Mahesh, Gowtham and Saloni performed the analysis on one of
the most famous application- Skype and observed that Ekiga and Xlite will be more efficient to
analyze the Session Initiation Protocol.
We have setup the environment on a Windows as well as a Mac system and collected the
information from various resources. Additionally, we have also performed Wireshark analysis
and captured the SIP packets.
We also took a deep dive in understanding the flow of SIP packets and what patterns they
follow.

2
Session initiation protocol Team 18

Overview

VoIP stands for Voice over Internet protocol which is one of the latest and most exalted
technologies being used. It enables one to make and receive calls via. the Internet instead of
using the PSTN(Public Switched Telephone Network) lines. It is being pushed out for
commercial use since the last ten years. With the increasing cost of using a telephone network,
it became necessary to have an alternative for reducing the cost. VoIP thus plays a key role in
reducing this cost as well as provides the user with the facility of communicating with a person
over a distant area.
A Session Initiation Protocol (SIP) is a connection management protocol usually used to
initiate a session over a VoIP network. It is a standard IETF protocol for signalling and it runs
on top of several different transport protocols. A web protocol is simply a rule book that
governs the particular elements in technology that speak to each other. It makes sure that all the
elements talk with each other in the same language. SIP and VoIP simply govern the setup and
the transmission of voice calls over the Internet. Session Initiation plays the main role in an IP
system.

3
Session initiation protocol Team 18

Table of Contents

1. Lab Setup
1.1 Wireshark Installation…………………………………………………...05
1.2 Installing Ekiga ………………………………………………………....07
2. Introduction
2.1 IP System …...……………………………………………………..…..09
2.2 Types of PBX …………………………………………………….…...11
2.3 VoIP………………………………………………………….………...12
2.4 Advantages of VoIP…………………………………………...……….13
2.5 Applications………………………………………………..……….….14
3. About Ekiga ………………………………………………………………..15
4. Session Initiation Protocol
4.1 SIP overview ……………………………………………………….....16
4.2 Reason for selecting SIP………………………………….…………...18
4.3 SIP architecture …………………………………………………….....19
4.4 SIP REQUEST messages.………………………………...…………...20
4.5 SIP RESPONSE messages.……………….…………………………....22

5. SIP Implementation
5.1 SIP Wireshark analysis on Ekiga.net …….………………………..…..26
5.2 SIP scenarios……………....…………………………………………....28
5.3 SIP invite message header format……………………………………....30
6.SIP Security Issues………………………..……………………………………32
7.Difficulties faced……………..………..………………………………………..35
8.RFC Standards……...………………...………………………………………..36
9.Conclusion …………………………..………………………………………….37
10.References ……….…………..……………………………………….………38

4
Session initiation protocol Team 18

1. Lab Setup

● Operating System: Windows OS.


● Tool used : Wireshark
● Application Used: Ekiga

1.1 Wireshark Installation


● The analysis of the Session Initiation Protocol is performed on a Windows system
● The assessment is carried out on WIRESHARK which is an open source tool for network
and packet analysis.
● Wireshark is downloaded and installed from www.wireshark.org . Follow all the defaults
● After launching Wireshark a screen should appear like the one shown below:

Figure: Wireshark User Interface

5
Session initiation protocol Team 18

Figure: Different Telephony options available in Wireshark

6
Session initiation protocol Team 18

1.2 Installing Ekiga:


Download and install the application from the link given below: http://ekiga.org/download-ekiga-
binaries-or-source-code

Follow all the defaults.


You will get a chat window like the one shown below:

The next steps is to create a sip account.


This can be done from the link provided below:
https://ekiga.im/?page=register

7
Session initiation protocol Team 18

Provide the account details with which you have registered from the above link by clicking the
edit and then the configurations button:

Fig: Registering Ekiga account using SIP address

You should be able to see that the status has been changed to Registered as shown below

8
Session initiation protocol Team 18

2.Introduction:

2.1 IP system:

IP systems are designed to make telephone calls over the internet .


The IP systems can communicate with :
● Other IP systems
● Traditional networks
● via. the mobile networks
Thus, they are designed to communicate with different devices.

Usually, telephone calls are made using circuit switching networks where we create a dedicated
channel called a circuit for the duration of the transmission.

9
Session initiation protocol Team 18

When you lift the handset and initiate the communication with the network you hear a dialing
tone that signifies you are in contact with the public network. This public network will then
transfer your call when the recipient answers it thus, establishing a closed circuit.
And the circuit remains open throughout the rest of the communication process.

With IP systems we use a technique called packet switching where the data is broken down into
small packets which are transmitted via. the Internet. These packets take different paths but they
end up at the recipient's phone. Once the packets arrive at the recipient's side they are
reassembled into the caller’s voice .

10
Session initiation protocol Team 18

2.2 Types of Private Branch Exchange (PBX) :


When a user initiates a telephone call his extension will be linked to a public telephone system
and this telephone system will make the call via either a traditional line or a mobile network or
via the Internet to the person you are trying to get reach. This system is known as a PBX or a
Private Branch Exchange System. It combines both the traditional and IP telephony system. It
is usually located in the physical premises.
Another type of PBX is a Hosted PBX. A Hosted PBX is also located in the user’s premises but
is hosted on the cloud .
If you want to introduce the Internet in the communication there are a number of parameters
that you need to consider. These include the following :

11
Session initiation protocol Team 18

● Bandwidth : To make sure that there is sufficient range of frequencies within a given
band.
● Router : To check that your router has the capability, quality and power it needs for
making calls over the Internet. A large number of IP systems are let down by using a poor
router
● Data: In case of data there are number of parameters to be taken into account. This
includes voice data and data in the form of emails. In some cases voice and email will
have equal priority and in some other cases voice data is given more priority over email
data. Emails and voice data have separate internet connection inside the company.
There are a wide range of phones and devices that you can use to make telephone calls.
Some of the devices are
● IP phone : These phones have all the software and hardware to directly connect to your
router. It looks like a traditional phone . It has all the functionalities like call forwarding ,
hold , speed dial etc.
● Wi-Fi phones: These phones connect with your router wirelessly unlike IP phones
which make use of wires to do so.
● Softphone : This is actually a virtual phone which you can operate on your laptop. It uses
the mic and speakers of your laptop . It looks and functions like a phone. Ekiga and Xlite
are the two most commonly used softphones .

2.3 VoIP
VoIP is a technology that allows you to make voice calls using an Internet connection instead of
using a regular phone line. The voice that comes through VoIP is digitized in order to be routed
across the Internet. In the traditional networks like 3G we have circuit switched and packet
switched networks for handling data and voice respectively. When it comes to LTE networks it
is completely packet switched or IP based. There is no circuit switched network for handling
calls for LTE. For this reason , we have a separate service based IMS network. So if the call is
made using IMS network then it is called VoIP.
In traditional systems like GSM and UMTS SS7 signalling protocol is used for carrying the
signalling messages. This is done by SIP protocol between LTE and IMS networks.

12
Session initiation protocol Team 18

There are two digital coding standards that are most commonly used for VoIP:
1. H.323
2. SIP

2.4 ADVANTAGES OF MAKING TELEPHONE CALLS OVER THE INTERNET


(Advantages of VoIP):
● The main advantage of VoIP is it can be easily installed and configured.
● VoIP phones are easy to maintain .
● The main advantage of VoIP is that we can increase the number of phones in a particular
area after installation of some phones. i.e. phones can be scaled up and down easily .
● Using the telephone network only two people can communicate at a time but because of
VoIP more than two people can communicate simultaneously at a time .
● Hardware and software required for VoIP phones are way cheaper than a normal
telephone. Just a normal computer with an internet connection serves the purpose .

13
Session initiation protocol Team 18

2.5 Applications:

● Softphones (Ekiga, Xlite,....)


● Voice Mail
● Back to Back user agent(B2BUA)
● Proxy server
● Chat rooms

14
Session initiation protocol Team 18

3. ABOUT APPLICATION EKIGA :


Ekiga formerly known as Gnome Meeting is a VoIP, IP Telephony, and Video conferencing
application that allows you to make audio and video calls to remote users using SIP or H.323
compatible hardware and software. It is one of the most commonly used softphone around the
world.
Ekiga is the first open source application to support both H.323 and SIP, as well as audio and
video
It has similar advantages as Skype. It is mostly commonly used in VoIP applications. It uses
SIP address in order to communicate with other SIP compatible softphones.
Using Ekiga a user can connect with other user if he knows the SIP id of the other user.
The source code can be downloaded from https://ekiga.im/index.php?page=register
Ekiga supports many audio and video codecs and all modern VoIP features for both SIP and
H.323.

15
Session initiation protocol Team 18

4. SESSION INITIATION PROTOCOL


4.1 Session Initiation protocol Overview:

Figure: Session Initiation Protocol

Session Initiation Protocol most commonly known as SIP is an application layer protocol. It is
concerned with the advance signalling and control functionality of multimedia devices in the IP
network .
It can also be used for things like instant messaging ,generating alerts ,event notifications etc. It
is an attractive protocol just as HTTP .Session Initiation protocol is a text based transfer of
messages type of protocol although it is not a transfer protocol in the sense that it is only used
for such text based signalling is used for connection setup .once the connection has been
established the rest of the things like media streams are taken care by other protocols .
SIP is used to setup and start the VoIP communication. The main advantage of SIP is that it
does not reserve resources or assume real or virtual circuits to start a communication.
SIP messages are text-based and easier to process than those used in other VoIP protocols. SIP
uses the following standards to provide basic functionality:

16
Session initiation protocol Team 18

Session Description Protocol (SDP) (RFC 2327) – used to define parameters for the media
session.
· Real-time Transport Protocol (RTP) (RFC 3550) – used to transport the media.
· RTP Control Protocol (RTCP) (RFC 3550) – used to transmit control data for the RTP
stream.
· Compressors/Decompressors (CODECS) – used to encode and compress the media.
· Feature standards – SIP is highly extensible, with many supporting standards used to define
feature implementation. See RFC 3665 for an example.
· Following figure illustrates the protocol

17
Session initiation protocol Team 18

4.2 REASON FOR SELECTING SIP:


With the growing distance between people some of the most famous applications like Skype
came into picture . We found awesome about the application an gave a thought that how an
application works behind the scenes, Thus we have found SIP is used to initialize the
communication.
over the internet . And it is one of the most important application layer protocol. And it also
used by many companies like cisco.

18
Session initiation protocol Team 18

4.3 SIP architecture :

Common terms used in SIP :


Request/Response transaction model between end points are called User agents
User Agent: entity that performs both UAC and UAS
UAC(User Agent Client ): the one which sends SIP requests
UAS(User Agent Server ): the one which receives SIP Requests and returns responses

19
Session initiation protocol Team 18

SIP messages :
4.4 SIP REQUESTS MESSAGES:
INVITE : This message indicates that a client is being invited to participate in a session
ACK: This message confirms that aa client has receives final response to an INVITE request
BYE :Terminates the call and can be sent by either the caller or the callee
CANCEL :this message cancels any pending requests
OPTIONS: Queries the capabilities of servers (OPTIONS Ping )
REGISTER :Registers the address in the To Header field with a SIP server
PRACK : this message is known as Provisional Acknowledgement
SUBSCRIBE: This message subscribes for an event or Notification
NOTIFY: This message Notifies the subscriber of a New Event
PUBLISH : This message publishes an event to the server
INFO: This message sends mid-session information that does not modify the session date
UPDATE :This message modifies the state of a session before a final response is received
MESSAGE :This message Transport instant messages using SIP
REFER :This Message ask Recipient to issue a SIP Request mostly used for call transfer

20
Session initiation protocol Team 18

Figure: SIP REQUESTS available in Wireshark

21
Session initiation protocol Team 18

4.5 SIP RESPONSE MESSAGES:


Provisional (1xx): This responses are when sender stops sending INVITES
● 100 Trying : client has received the INVITE message
● 180 Ringing: Destination user agent has received the INVITE and is alerting the user
● 183 Session in Progress : used to send extra info for a call which is still being set up
Success(2xx):This message indicates that the session is being received understood and accepted
● 200 OK: Indicates the request was successful
● 202 Accepted: Indicates that request is accepted for processing
Redirection (3xx): This message redirects further action needed
● 301 Moved permanently: Original requested URI is no longer valid
● 302 Moved temporarily: requested URI may expires

Client Error (4xx): This message indicates that there is an error in client and was not able to
fulfil the request
● 401 Unauthorized: Requested URI requires user authentication

● 403 Forbidden: This type of response is given when the server has understood the
requested service but refused to fulfil the request.

22
Session initiation protocol Team 18

● 404 Not Found : The response indicates that the user Requested URI is not exist in the
domain.

● 408 request timeout: This response indicated that caller couldn’t find the user with in
specified time.

● 480 Temporarily Unavailable: This response is used to indicate that server is not able
to reach the called party either is not available due to not logging in or has enabled the
do not disturb feature.

● 481 Transaction does not exist: This response indicates that sent request does not match
with any of the existing transaction.

● 484 Address Incomplete: This response indicate that server has received the request
with in complete URI

23
Session initiation protocol Team 18

● 486 Busy Here: This response indicates that called party is busy.

● 487 request terminated :This response indicated that request has been terminated.

Server Error (5xx): This message indicates that the server is failed to fulfil an apparent request
● Service Unavailable (503): This response indicates that server is under maintenance or
overloaded by requests.

● 504 Server Timeout: This response indicates , while processing request external server
does not receive response on time.

● 505 Version not supported: This response indicates that SIP version is not supported by
server.

Global Failure (6xx): This message indicates that the request cannot be fulfilled at any server
● 603 Decline : User does not want to participate in the session.

24
Session initiation protocol Team 18

Figure: SIP RESPONSES available in Wireshark

25
Session initiation protocol Team 18

5. SIP IMPLEMENTATION

5.1 SIP Wireshark analysis on Ekiga.net

Basic Sip Call Flow:

Call Initiation: A simple scenario is used to demonstrate the exchange of sip messages to
establish a session. A simple call is carried out using two ekiga open source soft phones as
endpoints. A call was placed using the SIP URI called Uniform Resource Identifier. Below is
the captured Wireshark of the call.

The timeline capture is depicted below :

10.250.223.35 86.64.162.35

26
Session initiation protocol Team 18

The SIP URI is just like an email address consisting of username and host name.

Called party SIP URI: kodati1995@ekiga.net

Calling party SIP URI: maheshsaripalli@ekiga.net

27
Session initiation protocol Team 18

5.2 SIP scenario:

Case 1 : When both the users answer the call

In this case one user sends an invite message to the other person. The user should know the sip
id of the user he is trying to connect to. Once a successful connection is established the two
users can communicate with each other.

Case 2 : When the user doesn’t answer the call

In this case when the user requests to connect to the other user the status changes to ringing and
stays in the same state as there is no answer from the other end.

28
Session initiation protocol Team 18

Case 3 : When the user is offline

In this case when one user tries to connect with the other user he gets a request timeout error as
the other person is offline.

29
Session initiation protocol Team 18

5.3 SIP Invite message header format

INVITE MESSAGE: A session is initiated using an INVITE message, which contains the no
of header fields.

Via: This field in the header consists of sip version, branch parameter that identifies transaction
and the Ip address at which it wants to receive the responses.

Contact: This field in the header indicates the address at which the calling party can be
contacted. This is the address used by the other ends to send future requests.

From: This field in the header indicates the calling party’s username and SIP URI
(maheshsaripalli@ekiga.net) along with the tag value, which is randomly generated.

To: This field in the header indicates the called party’s username and SIP
URI(kodati1995@ekiga.net).

Call-ID: It’s a Unique ID generated by the calling party, which is used by both the parties to
identify a particular session.

30
Session initiation protocol Team 18

Cseq: This field indicates the method being used along with the unique number. This number is
incremented whenever a new request is sent.

Content Type: This field in the header indicates the body type in SIP which is mostly
SDP(session description protocol).

Content length: This field in the header indicates the length of the message body in octets.

31
Session initiation protocol Team 18

6.SECURITY ISSUES :
SIP still uses User datagram protocol (UDP ) which is a connectionless service . UDP does not
allow retransmissions. so it is easy for the attacker to spoof the registrar.

Following are some of the security issues regarding SIP:

Registration Hijacking:
Registration hijacking happens when an attacker replaces the original registration with his own
address. This attack causes all incoming calls to be sent to the user agent registered by the
attacker. The following figure illustrates registration hijacking.

Figure : Registration Hijacking


Proxy impersonation:
Proxy impersonation happens when an attacker modify the proxy with a fake proxy or modify
the SIP user agent. If the attack was successful, then the attacker has the full control on SIP
messages.

32
Session initiation protocol Team 18

The following figure illustrates proxy impersonation:

Figure: Proxy impersonation

Message Tampering:
Message tampering is one of the special cases of where the attackers tries to modify the SIP
messages. It can occur through Proxy impersonation or registration hijacking.
The following figure illustrates message tampering:

33
Session initiation protocol Team 18

Figure: Message Tampering

SIP messages have no built-in means to insure integrity. By manipulating SIP messages, an
attacker can execute the same types of attacks described for registration hijacking and proxy
impersonation.

34
Session initiation protocol Team 18

7. Difficulties encountered:
We have faced issue in using application Ekiga in MAC where we try to give sip address the
application was unable to register the sip address unlike in case of Windows PC .
So we used another application called Xlite to demonstrate SIP in MAC .

The following figure shows the interface of the Application XLite that we have used on a Mac
System

Figure: Interface of the application X-Lite

35
Session initiation protocol Team 18

8. STANDARDS USED:

RFC 3261 - SIP(Session Initiation protocol)


RFC 2327 - SDP(Session Description Protocol)
RFC 3550 - RTP(Transport Protocol for real time applications)
RFC 4566 - SDP(Session Description Protocol)

36
Session initiation protocol Team 18

9. CONCLUSION

The project extensively taught the team about the Session Initiation Protocol. A number of
protocols were analysed with which a VoIP can be established, and a motivation to use SIP to
do so was presented. That is why SIP stands out.
The team used SIP to establish a VoIP on a Windows based machine. To further analyse the
protocol, the team learnt about the different SIP REQUEST and RESPONSE Messages. This
provided a further understanding of the functionality of each message.
We also observed that since SIP uses name mapping and redirection services , it is possible for
the users to initiate and receive communication and services from any location.
The team also learnt about how SIP provides a seamless transmission of voice and data across
IP and also analysed the flow of SIP over the Wireshark capture
We look forward to more study of this organization where the course was ensconced to provide
a thorough learning of Protocols in a profound and an efficient manner.

37
Session initiation protocol Team 18

10. REFERENCES
● http://www.nexogy.com/blog/7-advantages-of-using-a-voip-phone-system
● https://www.youtube.com/watch?v=m09TZZw0edg&t=182s
● https://www.youtube.com/watch?v=Skn7kwLIxB0&t=239s
● https://www.youtube.com/watch?v=BNESo_SwtNA&t=269s
● https://www.lifewire.com/reasons-for-choosing-voice-over-3426719
● https://ekiga.im/?page=register
● https://www.wireshark.org/download.html
● http://www.counterpath.com/x-lite/
● https://en.wikipedia.org/wiki/Voice_over_IP
● https://www.slideshare.net/santhoshsomu/session-initiationprotocol
● https://www.slideshare.net/habib_786/voice-over-ip-voip-26670219
● http://www.tns.com/voip.asp

38