Thomas Lee Chief Architect Global Knowledge EMEA UNC404.
SIP: Naked in All Its Glory
Thomas Lee
Chief Architect
Global Knowledge EMEA
UNC404
Agenda
Introduction
SIP Overview
TCP/IP Stack
SDP
RTP
SIP – Register
SIP – Invite
SIP – Message
Troubleshooting
Introduction
Why this talk?
Why does SIP matter?
Expectations
Who Am I?
Chief Architect at Global Knowledge
Author/Writer
Blogs:
  http://cacorner.blogspot.com
  http://tfl09.blogspot.com
  http://pshscripts.blogspot.com
My email: [email protected]
Tools We’ll Use
Wireshark
Snooper
OCS 2007 and OCS 2007 R2
Pre-canned Traces
Sample Traces uploaded to: http://www.reskit.net/ocs/ocs.zip
SIP Overview
What is SIP?
  A signalling protocol for IM, presence, conferencing and voice
Carried over TCP and TLS in OCS 2007
  Usually carried in TLS/TCP, can be carried in TCP
  IPv4 only - at present
Text based
  Similar to SMTP, HTTP
  Text headers plus body
  Body type described in header
SIP and RFCs
Lots, lots, lots
Starting point: RFC 5411 - “A Hitchhiker's Guide to the Session Initiation Protocol (SIP)”
SIP RFCs (some)
RFC 3261 – The Session Initiation Protocol
RFC 3262 – Reliability of Provisional Responses
RFC 3263 – Locating SIP Servers
RFC 3264 – Offer/Answer Model with SDP
RFC 3265 – SIP Event Notification
RFC 2976 – The SIP INFO Method
[SIMPLE] - SIP Instant Message and Presence Leveraging Extensions (SIMPLE) made Simple
  http://www.ietf.org/internet-drafts/draft-ietf-simple-simple-05.txt
Microsoft and SIP
Microsoft has extended SIP and related protocols
These extensions are well documented!
  Microsoft Office Protocol Documents
  http://msdn.microsoft.com/en-us/library/cc307432.aspx
  Or http://tinyurl.com/c3wuae
For OCS, start at:
  [MS-OCSPROT]: Office Communications Server Protocols Overview
SIP Entities
Entities send request messages and/or receive response message(s)
Entities include:
  User Agent – aka Endpoint
  Proxy Server
  Redirect Server
  Registrar Server
  Presence Server
SIP Messages
Header Structure similar to HTTP
Body can be anything (SDP, Presence XML)
Body type indicated by the header
Request messages start with a Start Line requesting something
Response messages return a response code (plus an optional body)
SIP Message Parts
Start Line
  METHOD (i.e. the request)
  URI
Message Headers
  <headername> : <header value>
Blank Line
Body
  SDP
  MIME
  XML
SIP Request Messages
REGISTER – Logon
SUBSCRIBE – requests for presence, etc.
NOTIFY – notifies change in presence, etc.
INVITE – request for a conversation
ACK – affirmation that a previous message was received
BYE – ends a conversation gracefully
CANCEL – cancels less gracefully
OPTIONS – stuff a User Agent can offer
MESSAGE – IM Message
SIP Messages - Response
Provisional
  1xx – ringing, searching, queuing
Final
  2xx – success
  3xx – redirection or forwarding
  4xx – request failure
  5xx – server failure
  6xx – global failure
Example SIP Message
Start-Line: REGISTER sip:gktrain.net SIP/2.0
From: <sip:[email protected]>;tag=6b2c500b2d;epid=24eae58f68
To: <sip:[email protected]>
CSeq: 2 REGISTER
Call-ID: 068878a83a6e4da0b35bfb8b5b7cfc5e
Via: SIP/2.0/TLS 10.100.100.100:24195
Max-Forwards: 70
Contact: <sip:10.100.100.100:24195;transport=tls;ms-opaque=8d8d3eab21>;methods="INVITE, MESSAGE, INFO, OPTIONS, BYE, CANCEL, NOTIFY, ACK, REFER, BENOTIFY";proxy=replace;+sip.instance="<urn:uuid:791FC487-A7AC-5A07-BA5C-0AAD4F06C921>"
User-Agent: UCCAPI/3.5.6907.0 OC/3.5.6907.0 (Microsoft Office Communicator 2007 R2)
Supported: gruu-10, adhoclist, msrtc-event-categories
Supported: ms-forking
ms-keep-alive: UAC;hop-hop=yes
Event: registration
Proxy-Authorization: Kerberos qop="auth", realm="SIP Communications Service", targetname="sip/OCSEE.gktrain.net", version=4, gssapi-data=“ Deleted!"
Content-Length: 0
Message-Body: –
$$end_record
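The message parts and response classes listed above, written as a parser with two checks a defender would run on a captured message: a Via hop that is not TLS, and a Content-Length that disagrees with the body. This is an added example, not part of the original deck; the sample messages, the `example.test` names, the 192.0.2.x addresses and the function names are constructed, and it assumes CRLF line endings and unfolded headers.

```python
RESPONSE_CLASSES = {"1": "provisional", "2": "success", "3": "redirection",
                    "4": "request failure", "5": "server failure",
                    "6": "global failure"}

def parse_sip(raw):
    """Split a SIP message into start line, headers and body (CRLF framing)."""
    head, _, body = raw.partition("\r\n\r\n")      # blank line ends the headers
    start, *header_lines = head.split("\r\n")
    msg = {"headers": {}, "body": body}
    if start.startswith("SIP/"):                   # response: SIP/2.0 <code> <reason>
        _version, code, reason = start.split(" ", 2)
        msg.update(kind="response", status=int(code), reason=reason,
                   status_class=RESPONSE_CLASSES.get(code[0], "unknown"))
    else:                                          # request: <METHOD> <URI> SIP/2.0
        method, uri, _version = start.split(" ", 2)
        msg.update(kind="request", method=method, uri=uri)
    for line in header_lines:
        name, _, value = line.partition(":")
        # Header names are case-insensitive and may repeat (e.g. Supported).
        msg["headers"].setdefault(name.strip().lower(), []).append(value.strip())
    return msg

def findings(msg):
    """Checks a defender might run: cleartext transport, wrong Content-Length."""
    out = []
    for via in msg["headers"].get("via", []):
        transport = via.partition(" ")[0].rsplit("/", 1)[-1].upper()
        if transport != "TLS":                     # Via: SIP/2.0/<transport> host:port
            out.append(f"Via hop uses {transport}, not TLS")
    declared = msg["headers"].get("content-length", ["0"])[0]
    actual = len(msg["body"].encode("utf-8"))
    if not declared.isdigit() or int(declared) != actual:
        out.append(f"Content-Length {declared} but body is {actual} bytes")
    return out

# Constructed sample messages (addresses and names are placeholders).
REGISTER_TCP = ("REGISTER sip:example.test SIP/2.0\r\n"
                "Via: SIP/2.0/TCP 192.0.2.10:5060\r\n"
                "From: <sip:alice@example.test>;tag=1\r\n"
                "CSeq: 1 REGISTER\r\n"
                "Supported: gruu-10\r\n"
                "Supported: ms-forking\r\n"
                "Content-Length: 0\r\n\r\n")
RESPONSE_401 = ("SIP/2.0 401 Unauthorized\r\n"
                "Via: SIP/2.0/TLS 192.0.2.10:5061\r\n"
                "Content-Length: 0\r\n\r\n")
for raw in (REGISTER_TCP, RESPONSE_401):
    m = parse_sip(raw)
    print(m["kind"], m.get("method") or m["status_class"], findings(m))
```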
SIP And The TCP/IP Stack
SIP is an APPLICATION PROTOCOL
SIP is carried by a transport protocol
  TLS/TCP or TCP
Transport Protocol carried in datagram protocol
  IPv4
  IPv6 not supported
IP is carried in a physical layer protocol
  Ethernet
  Or...
Why Use TCP?
UDP part of SIP RFCs, but...
UDP “unreliable”
TCP includes retry mechanism
UDP has limited size packets
  OCS sends large XML presence documents
TCP can be secured
  Using TLS
Why TLS?
SIP originally UDP based
  Can’t be secured
SIP can be carried in TCP
  Insecure, Insecure, Insecure
TLS encrypts
  Requires a PKI!
Why?
  Security, security, security
Examining SIP using Wireshark
demo 1
SDP – Session Description Protocol
Text based
Originally used on MBone
Used to specify RTP Sessions
Can negotiate
Carried in body of SIP message
Usually seen in Invite and 200 OK messages
SDP RFCs
RFC 2327 - SDP: Session Description Protocol
RFC 3264 - An Offer/Answer Model with SDP
RFC 3311 - SIP UPDATE Method
Look at MS Protocol documents too
Sample SDP – in IM Invite
v=0
o=- 0 0 IN IP4 10.100.100.100
s=session
c=IN IP4 10.100.100.100
t=0 0
m=message 5060 sip null
a=accept-types:text/plain multipart/alternative image/gif text/rtf text/html application/x-ms-ink application/ms-imdn+xml text/x-msmsgsinvite
SDP Sample – Invite for Phone Call
v=0
o=- 0 0 IN IP4 16.0.0.100
s=session
c=IN IP4 16.0.0.100
b=CT:99980
t=0 0
m=audio 63488 RTP/AVP 114 111 112 115 116 4 8 0 97 101
k=base64:SUi3f4QkyWbNmf7KBimV2MQMnMJncGc5Pj+3G8iTCQVOJn+7MM/0mRdsYLDr
a=candidate:917TIvZhmZbBU4T//p3jlck05H0S2pUd7Muzz4GDkZE 1 To4CceJ4l+1/tAiH3hQw6g UDP 0.900 16.0.0.100 63488
a=candidate:917TIvZhmZbBU4T//p3jlck05H0S2pUd7Muzz4GDkZE 2 To4CceJ4l+1/tAiH3hQw6g UDP 0.900 16.0.0.100 28416
a=cryptoscale:1 client AES_CM_128_HMAC_SHA1_80 inline:0obtBkF7k+iljDXOL+8sJBUZ/OmNclZhxjFBCyqw|2^31|1:1
a=crypto:2 AES_CM_128_HMAC_SHA1_80 inline:ixW+BiAyYe12QLbPjoH91gy7xmcSu6vGeYdhit3Z|2^31|1:1
a=maxptime:200
a=rtcp:28416
a=rtpmap:114 x-msrta/16000
a=fmtp:114 bitrate=29000
a=rtpmap:111 SIREN/16000
a=fmtp:111 bitrate=16000
a=rtpmap:112 G7221/16000
a=fmtp:112 bitrate=24000
a=rtpmap:115 x-msrta/8000
a=fmtp:115 bitrate=11800
a=rtpmap:116 AAL2-G726-32/8000
a=rtpmap:4 G723/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:0 PCMU/8000
a=rtpmap:97 RED/8000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=encryption:optional
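The two SDP samples above differ in what a defender cares about: the IM invite carries no RTP media, while the phone-call invite offers SRTP keys and ends with `a=encryption:optional`. The added example below (not part of the original deck) parses an SDP body and reports RTP media that has no `a=crypto` line or whose encryption attribute is not `required`. The offers, the 192.0.2.x address, the placeholder key and the function names are constructed, and reading `optional` as permitting unencrypted RTP is this example's assumption.

```python
def parse_sdp(text):
    """Split SDP into session-level lines and per-media sections."""
    session, media = {}, []
    for line in text.splitlines():
        if len(line) < 2 or line[1] != "=":
            continue                          # every SDP line is <type>=<value>
        kind, value = line[0], line[2:].strip()
        if kind == "m":                       # m=<media> <port> <proto> <formats>
            name, port, proto, *formats = value.split()
            media.append({"media": name, "port": int(port.split("/")[0]),
                          "proto": proto, "formats": formats,
                          "codecs": {}, "crypto": [], "encryption": None})
        elif not media:
            session.setdefault(kind, []).append(value)
        elif kind == "a":
            attr, _, arg = value.partition(":")
            if attr == "rtpmap":              # a=rtpmap:<payload type> <codec>/<rate>
                pt, _, codec = arg.partition(" ")
                media[-1]["codecs"][pt] = codec
            elif attr == "crypto":            # a=crypto:<tag> <suite> <key params>
                parts = arg.split()
                if len(parts) >= 2:
                    media[-1]["crypto"].append(parts[1])
            elif attr == "encryption":        # attribute seen in the sample above
                media[-1]["encryption"] = arg.strip()
    return session, media

def media_findings(media):
    """Flag RTP media that is, or may end up, unencrypted."""
    out = []
    for m in media:
        if not m["proto"].startswith("RTP/"):
            continue                          # e.g. m=message ... sip (IM session)
        if not m["crypto"]:
            out.append(f"{m['media']}: no a=crypto line, RTP would be unprotected")
        elif m["encryption"] != "required":
            out.append(f"{m['media']}: SRTP offered but a=encryption is "
                       f"{m['encryption'] or 'absent'}")
    return out

# Constructed offers modelled on the two samples above; the key is a placeholder.
IM_OFFER = "v=0\no=- 0 0 IN IP4 192.0.2.10\ns=session\nm=message 5060 sip null\n"
AUDIO_OFFER = (
    "v=0\no=- 0 0 IN IP4 192.0.2.10\ns=session\nc=IN IP4 192.0.2.10\nt=0 0\n"
    "m=audio 63488 RTP/AVP 8 0 101\n"
    "a=crypto:2 AES_CM_128_HMAC_SHA1_80 inline:PLACEHOLDER_KEY|2^31|1:1\n"
    "a=rtpmap:8 PCMA/8000\na=rtpmap:0 PCMU/8000\n"
    "a=rtpmap:101 telephone-event/8000\na=encryption:optional\n")
print(media_findings(parse_sdp(AUDIO_OFFER)[1]))
```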
Examining SIP/SDP Traffic Using Snooper
demo 2
RTP: Real-Time Transport Protocol
Not Real-Time Protocol!
Carries A/V samples
Thin header
Runs over UDP
Secured using SRTP
  MS Extension: SSRTP
RTP RFCs
RFC 3550 - RTP: A Transport Protocol for Real-Time Applications
RFC 3551 - RTP Profile for Audio and Video Conferences
RFC 3711 – Secure Real-time Transport Protocol
RFC 2198 - RTP Profile for Audio and Video Conferences
RFC 4733 - RTP Payload for DTMF, etc
RFC 2190 - RTP Payload Format for H.263 Video Streams
RTP Packet Structure
SIP – Register
Register – what a client does to “logon”
Initial register always fails (unauthenticated)
SSO attempted (if appropriate)
Third time lucky
  Look at post sign-on activity
Examining REGISTER
demo 3
SIP – Invite
Invite – invites an endpoint into a conversation
Invite can invite into
  IM Session
  A/V Call
  Conference
Responses
  Provisional Responses
  Final 200 OK response
  Final non-OK responses
Examining INVITE
demo 4
SIP – Message
Message is an IM Message – part of an IM Conversation
Message contents are sent in rich text (HTML)
Snooper removes PII (i.e. the message itself)
File transfer is interesting!
Examining MESSAGE, etc
demo 5
SIP Troubleshooting
For the most part, not much you can really do to troubleshoot SIP
  If it works – well it works
  If it doesn’t – call MS – it’s a bug
Knowing what to look for can help in OCS troubleshooting
  Determine what is normal
  Look for the differences
SIP Troubleshooting
Potential
  Check correct version of the client
  Ensure client can connect to server(s)
  Confirm ports and IP addresses
  Check ICE candidates
  CODEC selection
  Unknown contacts
  Certificate errors
  etc
An Interesting Problem
On DC – replication was turned off
  OCS relies on GC
New user created
  No GC replication
User did not get proper Location Profile
  No obvious errors in event log
Snooper trace helped to point to AD
Summary
Introduction
SIP Overview
TCP/IP Stack
SDP
RTP
SIP – Register
SIP – Invite
SIP – Message
Troubleshooting
questions & answers
www.microsoft.com/teched
Sessions On-Demand & Community
http://microsoft.com/technet
Resources for IT Professionals
http://microsoft.com/msdn
Resources for Developers
www.microsoft.com/learning
Microsoft Certification & Training Resources
Resources
More Resources
OCS Learning Plan - http://tinyurl.com/cwp27h and http://tinyurl.com/23w3l6
OCS R2 Resource Kit - http://tinyurl.com/cxv6gw
R2 Learning Portal - http://tinyurl.com/cmo54s
OCS R2 Ignite - http://www.globalknowledge.be/pdf/GKOCS.pdf
Related Content
UNC201 – Lap around Release 2 of the Microsoft Unified Communications Platform
UNC303 – Deep Dive into the Edge Server in Microsoft Office Communications Server 2007 R2
UNC304 – Deploying, Administering, and Managing Microsoft OCS 2007 R2
UNC232 – Troubleshooting Microsoft Communications Server 2007
Call to Action
Learn More!
  Related Content at TechEd on “Related Content” Slide
  Attend in-person or consume post-event at TechEd Online
  Check out online learning/training resources
    http://technet.microsoft.com/exchange/2010
    http://technet.microsoft.com/office/ocs
Try It Out!
  Download the Exchange Server 2010 Beta Evaluation
    http://www.microsoft.com/exchange/2010/try-it
  Get a 5-Day Trial of Office Communications Server 2007 R2
    https://r2.uctrial.com/
Complete an evaluation on CommNet and enter to win!
© 2009 Microsoft Corporation. All rights reserved.