SIP is a peer-to-peer protocol where the roles client – server and exchangeable depending on who starts a session. In reality most deployments foresee a process called registration (method: REGISTER) which allows a central server (registrar) to store the location of a SIP User-Agent.
A SIP Phone is a client to the central Unified Communication Platform (registrar) – and the UC platform is a client to the SIP Server of the operator (registrar).
Once the SIP Server gets to know the location of an SIP Client, it can deliver calls and other messages to it from other Clients connected to the same Server.
The SIP Server usually requires Authentication and the Client provides it in a following REGISTER message, followed by a confirmation OK that the registration has been saved successfully.
Example of REGISTER message:
REGISTER sip:10.10.1.99 SIP/2.0 CSeq: 1 REGISTER Via: SIP/2.0/UDP 10.10.1.13:5060; branch=z9hG4bK78946131-99e1-de11-8845-080027608325;rport User-Agent: MySipClient/4.0.0 From: <sip:firstname.lastname@example.org> ;tag=d60e6131-99e1-de11-8845-080027608325 Call-ID: e4ec6031-99e1 To: <sip:email@example.com> Contact: <sip:firstname.lastname@example.org>;q=1 Allow: INVITE,ACK,OPTIONS,BYE,CANCEL,SUBSCRIBE,NOTIFY,REFER,MESSAGE, INFO,PING Expires: 3600 Content-Length: 0 Max-Forwards: 70
The message above is a typical REGISTER message. Let’s get familiar with the most important Headers:
- REGISTER – the method being used
- CSeq: incremental counter of the session
- Via: indicates the route taken by a request and the rport indcates the SIP server to use the received port to reply, while the port indicated in the message as NAT / PAT might be working in the middle
- User-Agent: indicates the SIP Client connecting; most devices will indicate here the manufacturer – product name – software version and other information, such as the MAC address
- From: the identity of the caller, it is followed by a tag which must match between all messages of a session
- To: similar to From, in the case of the registration this field is usually the same as From. The tag is missing here but will be filled up by the SIP Server during the reply to the REGISTER
- Call-Id: a unique identifier of this session
- Contact: usually indicates where the reply should go to, if rport was not set
- Allow: indicates the methods supported by SIP Client
- Expires: the desired registration duration in seconds
Rport usage is document in RFC6314. The SIP Proxy honors the ‘rport‘ parameter in the SIP ‘Via’ header and routes the response to the port from which it was sent.
At this point the SIP Server will reply with an authentication request:
SIP/2.0 401 Unauthorized Via: SIP/2.0/UDP 10.10.1.13:5060; branch=z9hG4bK78946131-99e1; received=10.10.1.13;rport=5060 From: <sip:email@example.com>; tag=d60e6131-99e1-de11-8845-080027608325 To: <sip:firstname.lastname@example.org>;tag=as5489aead Call-ID: e4ec6031-99e1 CSeq: 1 REGISTER User-Agent: My PBX Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY Supported: replaces WWW-Authenticate: Digest algorithm=MD5, realm="mypbx", nonce="343eb793" Content-Length: 0
Most headers are repeated here, let’s see how some of them are different in the reply or are new:
- 404 Unauthorized
- To: now includes a tag generated by the remote user-agent
- Via: includes further information such as “received”: the IP address from which the message has been received and rtpo: the port from which the message has been received
- WWW-Authenticate: includes information which must be used by the sender of the REGISTER to authenticate itself in a following REGISTER message. To authenticate, the client will combine the nonce with user and password information and create an MD5 hash out of them.
- Allow: includes the list of methods supported by the server
REGISTER sip:10.10.1.99 SIP/2.0 CSeq: 2 REGISTER Via: SIP/2.0/UDP 10.10.1.13:5060; branch=z9hG4bK32366531-99e1-de11-8845-080027608325;rport User-Agent: MySipClient/4.0.0 Authorization: Digest username="test13", realm="mypbx", nonce="343eb793", uri="sip:10.10.1.99", algorithm=MD5, response="6c13de87f9cde9c44e95edbb68cbdea9" From: <sip:email@example.com>; tag=d60e6131-99e1-de11-8845-080027608325 Call-ID: e4ec6031-99e1 To: <sip:firstname.lastname@example.org> Contact: <sip:email@example.com>;q=1 Allow: INVITE,ACK,OPTIONS,BYE,CANCEL,SUBSCRIBE,NOTIFY,REFER, MESSAGE,INFO,PING Expires: 3600 Content-Length: 0 Max-Forwards: 70 Expires: 3600
The new REGISTER includes a new header Authorization which contains the username, nonce and the response which is the overmentioned hash created from nonce – user and password in order to prevent the password from traveling in plaintext format over the internet.
CSeq has been increased to 2.
After this the server will reply with an OK method or with an error in case the password was not correct.
After a successful registration the Registrar will store the location of the client and use if for further reference. To keep the registration active, the client needs to send a new registration within the expiration timeout.
In the next blog article we will examine INVITE Methods.