Create Initial Protocol with airSlate SignNow

Add initial protocol

hi my name is John Muir's mom and I'm a collaborations instructor for sunset learning in this video I want to talk about sip I'm going to give a brief overview of what sip is how sip functions and then I'm going to use call traces to demonstrate what's it looks like sip is a text based signaling protocol its purpose is to set up modify and teardown sessions it uses a request and response transaction model and what this means is somebody has to ask and somebody has to respond the entities that send these messages are called user agents the user agent client sends the sip requests the user agent server receives the request and sends the sip response here's a list of common sip requests an invite is used when you place a call your phone will send a sip invite request when you're done and you hang up your phone will send a sip by request other requests can be used to subscribe to an event for instance if you want your phone may ask unity connection hey notify me if there is a voicemail so that I can turn my red message waiting indicator light on other requests can be used for instant messaging or call hold or call transfer they're all in capital letters - that's that's a one-way it's nice that the responses are encountered the requests are in capital letters because the responses are numerical the 100-level responses are not acknowledged these are provisional and they simply mean your request was received it's being processed don't send anymore 200 level responses our final the 200 message the 200 okay would mean success we've answered the calls ready to take place it's in process it's in profits the call is is rolling on the 300 level response is sent out my proxy servers and that can mean more action is needed or here's the IP address of where you should go to make your call a 400 level response we've seen 404 errors browsing the web and it's the same thing with sip if you got on wrong number you're going to get a 404 response a 500 level response means the server is not able to fulfill your request it's a valid request but it can't be fulfilled a 600 level response means global failure none of the servers can fulfill the request here's a list of common responses you can go to the internet and do a quick search and you'll see all of the responses and you can save that information for your own personal use when you are troubleshooting it's nice to be able to have an all-inclusive list so whatever response you get you can reference your list and see exactly what that means there are many but to having having the list having the answer sheet it's extremely useful here's an example of a sip call one of the things I like about sip is not only is it simple because it has requests and responses but it's going to be the same on any vendor not not every single deep as I'll demonstrate but in general it's exactly the same regardless of vendor this is a sip call all sip calls look like this so 2002 places a call server one sends an invite server two responds with a 100 provisional trying message when a thousand and one is notified it starts to ring server two sends a 180 response server one can use that to notify 2002 to place ring back tone finally when the user answers server two sends a 200 final response to the request success all responses besides 100 level have to be acknowledged and so we see an acknowledgment request in regards to the final response request response as long as it's not a 100 it has to be acknowledged and that's true with all suit requests and then the call takes place now is one thing I left out and that is exactly what type of call that's determined with the SDP the session description protocol the SDP defines the media the parameters of the call it can be sent by source or destination in fact if it is sent out by source it would be put in the initial invite and I'll demonstrate this soon if the SDP is put in the invite that is called sip early offer and what would happen is the other side would then choose which parameters - that the call should place or should the call the call should use the initiator from one server would put a list of codecs here are the parameters for the call choose one and then server to would choose which codec which parameters to use in an early offer in a delayed offer the invite does not contain the SDP just as a point value and again I will demonstrate this year very soon well somebody's got to define the media and we're leaving it up to the destination in this example the destination would put the SDP in the 200 response and the reason is is because it has to be answered so that is delayed offer the SDP contains descriptions and they're describing and in this example the SDP is being sent out by 250 which is server 1 the media stream should go to dot 130 which is the phone the port to choose the M line there's the media attributes or media description it's going to be audio port real-time protocol audio/video profile payload type 18 that's the codec this being offered and if you don't know what payload type 18 means then you're going to go check your documentation you can go to the web do a search RTP audio video profile here's a Wikipedia page that came up a low type of 0 is g.711 you law which is the United States g7 or payload type of 18 is g.711 a law which is Europe our payload type in this example of 18 is g7 29 so what's being offered in this call is g7 29 until effing event 101 this is simply used as a way to send DTMF digits during the call now demonstrate that here soon so the attributes are used to describe the media 18 G 729 packetization rate or 20 which means 20 milliseconds per packet there's a thousand milliseconds in a second a thousand divided by 20 is 50 so it means 50 packets a second we're going to send and receive and we'll use telephony event 101 when we're going to send any digits and these digits will be any key from 0 to 9 star pound and if your phone has ABCD buttons any of those that are pressed during the call will be sent in a 101 message and will tell the other side hey we're sending you a digit I'll demonstrate that here soon the other side receives that and has to agree to the codecs we're not giving them an option we're listing one codec in this example oftentimes you'll see a list of codec payload types the other side chooses which one it supports and answers here the other side says yep I can speak payload type 18 I accept your terms and so the call proceeds but what I want to do now is demonstrate I want to show you what the sip requests look like what the responses look like what the SDP looks like and then show you a few different ways that I like to get that information what I'm going to be doing our pulling is pulling debugs from a unified border element a cube so in my lab environment I have internal IP phones that are registered to a unified communication server I have a cube configured with dial peers a sip trunk from the server to the cube and then sip dial peers point the queue to the provider in this example the provider is represented with the Cisco IP communicator phone this this is the PSTN so I'll use internal phones to dial out and there will be a sip call and then another sip call and what will happen is the IP communicator will ran these phones you can't see them because they're sitting on my desk however they are registered but there is a third phone there is this a sip x-lite softphone that i've registered and this phone we can see and so again these phones here that we're looking at our these right here and I'm going to use them to call the PSTN so I'm on my queue and I'm going to enter a debug CC sip messages it's my favorite debug sip command shows me everything I want to see I clear my log okay since I'm console din that's all that I have that's all that I need to do if I were talented in I would also have to type terminal monitor if I wanted to see the debug in real time I'm going to go a long distance number I see the debugs coming up in real time okay okay I'm hung up and so the D bugs are still coming there's a lot of messages or come across when it's finished I like to highlight scroll all the way up go to the beginning of the debug open a text file and paste it in it's much easier for me to read the information in a text file so what exactly are we reading well remember we're looking at it from the cubes perspective so we would expect him to receive a sip invite from the Unified Communications Manager and that's our forward that we would expect to see a response from the PSTN and we would forward that we are the middlemen in this example well that's exactly what we see starting off we have received an invite this is the invite that's the number that I dialed and it was sent to the cubes IP address using port 5060 sip version 2 via now via is where the response goes all requests have to be responded to and the via header says hey respond to this IP address and that's the Unified Communications Manager or the UCL server now the branch ID is a number used it's a globally unique number that's used by this user agent to keep track of this the first seven digits mean that this is a globally unique number and these seven digits are on all via headers the first seven digits and they mean that it's the via is using RFC 3261 the from header is from Jane white and notice Jane white and quotes there whatever you type I used phone to whatever you put in the number caller ID and this line right here the caller ID whatever you put there that's what's going to show up in the from header and so that's one place that you can modify there's many places where you can modify this information and then but this is used for caller ID it would be forwarded the end following that it's going to eventually would get it and that would show up on their caller ID if you wanted to mark this call as anonymous then you would take that out put an anonymous and this is what the end phone would see the tag is used this value along with the call ID these values together are a way to globally uniquely identify this dialog notice the tag is in the from header but not on the to header because the two hasn't answered this invite has not been answered yet this is where it's going the phone number that I dialed is being sent to the cube the cube of course then takes over and passes it on but this message shows the invite being sent to the cube the date the call ID value that's used to identify the dialogue now many of these headers each of these are called headers and many of these are optional in different vendors have different to our ways or different methods of putting these headers in part of what a cube can do is normalize it can take headers from one message change them fix them so the third the same as what the other side is expecting we don't have to do that in this example but that certainly is something that cubes can do a lot of so we can read each one of these lines is what I want you to see I want you to see the call ID value what features are supported by the user the user agent the minimum session for this invite is going to be 30 minutes the user agent that sent it out is it UCM server version 10.5 one of the downsides of pulling debugs off of the console is the user name is constantly put into the middle of the debugs okay so we see the minimum session of 30 minutes who sent it what other requests are supported by the user agent this is a sequencing number control sequence 101 subsequent requests this number would be incremented by one some devices start with one and some devices start with 101 the next request that would be sent out would have a different value and it would be implemented it expires in this invite this request expires in three minutes here are other features that are other events that are allowed presence and KP LM which can be used to signal digits in the middle of a call which I'll demonstrate Cisco features supported call info global unique identifier these are information is put into the Cisco invites session expires 30 minutes Pia started identity and remote party identity these have the same function cisco came out with remote party ID first and then the RFC for sip updated it and put in the p asserted identity to fulfill the function and that function is as i mentioned earlier if i wanted to set the caller ID anonymous well this is what shows up on the end but the provider they they need to know that you're a customer they need to know who you are and so the remote party and the pique asserted identity our own way identifying you to the provider when the provider is done with this and it routes it off of its network to the end phone it will remove those so they're not seen by the destination contact looks very similar to the via header the via header is where the response goes here's my request go ahead and send your response here the contact header is where should future requests go so future requests from the other side if you want something if you want to modify this call send your request to this guy 2002 and the IP address of call manager but but answer answer this request here the via I think I deleted it no the via contact and then the next four words how many routers how many devices proxies can this go through it's gone through one hop so far 70 is the default and so there's 69 left now content of 0 that means there is no SDP in this invite which is delayed offer if you're not sending if you're not defining the session description protocol in the invite that means the destination has to define it and that's delayed offer so here is what happens the cube receives the invite and it sends a 100 trying message it sends this this is a response and it sends it to the via IP address so what's happened is the cube received the invite and it sends a 100 trying back one thing I want you to see is that and I'll show you one thing I want you to see is that the information in the vo the from the two all of this information is copied it's it's just copied and put right into the response okay it's put right into the response so if you were to just look at the response on its own and you said oh it's going to wait a minute why would the cube send something to itself and what do you mean it's from Jane white this is we just sent this this is what the cubed is sending well that's because this is not literal it's copied from the invite it's a response to that invite so keep that in mind this information is just copied from the initial invite and put in all of these headers it doesn't change okay so the cube sends an answer sends a response times a 100 response then the cube forwards your invites sends the invite to the PSTN so the cube sends a 100 trying and then it forwards the invite to the PSTN and then notice in this example the cube is not configured to pass along the P asserted identity it does pass along the remote party but it did not pass on the P asserted identity because the Q doesn't trust the PSTN so P asourian's are not forwarded if we don't trust we haven't established a trusting relationship these we're not using authentication okay so it sends it out and then what happens is since he sends the invite out and then it receives a 100 trying message from the PSTN it receives a 100 trying message from the PSTN and again the to the from the via that is copied from the original invite so the cube received it and then it receives a 180 ringing from the PSTN it sends the 180 ringing to the unified UCM server and then it receives a response it receives a 200 response to the invite from the PSTN and notice the 200 response has a Content link the response has a content length of 300 also notice the 2 now has a tag in the initial invite the tag was not there because it hadn't been responded to in the response the tag is present in the to field because it's the remote destination is identifying this now so that's one way that I can I like to use to see if this response has been answered is there a tag there any invites that modify this call will have a tag in the 2 header as well ok so let's look at the content length of the 200 response this is the SDP and what I like to think some of the most important information the version who is sending the response where the media should go to which is the PSTN the time allotted for this there's no time limit so zero zero means no time limit and here is the M attribute 18 payload type we know that to be G 729 till F any event of 101 to send digits during the call and nineteen is Comfort noise the PSTN wants comfort noise so that if their silence it doesn't sound them like a black hole and sold 50 packets a second and that's what the PSTN is offering so the cube then forwards it sends the response it sends it to call manager along with the SDP information call manager will receive this and then it has to answer and what happens is is the UCM server gives an acknowledgement it acknowledges the response and since the response contained the SDP the acknowledgement lists its answer it says the IP address of UCL is responding it's accepting here's where the media stream should go that is the IP address of this phone who place the call so the media stream should go to that IP address the bandwidth settings the time limit that we're putting on this call we're not the port used and we're going to use codec 18 there it is so that is and then what will happen is the cube will pass on that acknowledgment it will pass it on to the PSTN along with your information that you've agreed to these SDP terms and there you go that's your call you have an RTP stream now eventually somebody hangs up and they will send a by request and the request needs to be answered and so the other side sends a response a 200 response also in the goodbye or the by request it contains the RTP status packets sent octet sent packets received octet two packets lost jitter latency delay all of that information is put here is what happened what transpired and here's the cost code of 16 you can research cost codes and you see the 16 means normal call clearing and then that's acknowledged and then then the cube of course receives and passes those on and that is a sip call now what I'd like to illustrate is a another way of gathering this information besides pulling it from the real-time console I can do show log and see that information in the log so instead of viewing it live on the console I like to turn that off and I like to send it all to the log and then just pull that information there so I'm gonna give you a few examples of different ways to do this so I'm going to pull this right from the log and I'm going to make sure I grab the date where that invite was sent now this information came right from the log and it's clean there the username of the router the hostname of the router is not interjected because this is coming from a log file I'm going to save this as a sip call and then I'll use a tool-free from Cisco called translator X so translator X lets you do exactly what it says drag-and-drop drag the text file and there's the sip call that we just looked at and I can click on any of these headers and it shows me the information you can choose generate diagram and you'll see a diagram of the call and you can click on any of these and they'll show you that particular message here's the 100 trying response here's the 200 with SDP we can see right here there's no SDP there so it's delayed offer because it's there click it and you see right down here the content length and then what the SDP contains there are many very valuable features with this translator X tool I'm simply just showing you one way of examining SIP calls if you have many calls you can click on call lists and see each individual call you can search calls in the call list if you have many you can search calls based on call clearing why the call made have failed extremely valuable again translator X free download let me demonstrate what if you say well I don't want to sit here and debug each call what if I actually you know go do stuff and come back and I want to see the calls gotcha well here's a way to do that so you can stop the video at any time and take a take a look at these commands what I'm going to do is I'm going to turn off log into the console I'm gonna create a send them to the log and what I'm going to do is send the entire log to this file so I'm going to send the log to the file but I'm actually not going to do that yet because I want to place some calls there's not a lot there's not enough in the log yet so I want to place some calls generate some calls to simulate some activity that happened one as many activities as you'd like you can make your log quite large and okay so you generated some traffic generate some traffic and then what I'm going to do now is copy the log to this file stick it in flash okay so now the log is in flash and then what I can do is I could go to the compute or configure the the router the cube to support a protocol called SCP and SCP is going to allow me you have to turn on Triple A and then SCP is going to allow me to take that to copy from my computer I can copy what's in flash I can copy that file directly from flash into my computer and I'll show you why that's useful and again feel free to stop and grab these commands so the router is configured there's the file that's in flash and now I want to extract that to my computer so this is the IP address of the cube I defined a user name on the cube and a password I defined a username and a password on the cube and that information is going to be required so I'm going to paste this right into the run prompt or the command prompt and I'm going to tell the computer to go to the IP address it's going to ask me to I want to cache credentials and it'll ask you for the password did I put in type in the password and it copies that file directly to my hard drive into the C logs location and there's there's the file now I click on it I'm not able to open it the computer doesn't recognize it however I can use translator X and I can click file open and then from there I can go right to the logs and then there's my calls in translator X and so I can use call lists and see the various calls that were placed click on any of these search one way to identify a good way to identify an entire call is to find the call ID just to find the caller ID and then you can create a filter that searches for the caller ID and it will show you only that particular call that calls there this is showing me a history of prior but you can use the call ID pull that out and then in a filter or search for it put that information in it will show you just that specific call so this is a way that you could turn on debugs not have it go to the console or telnet lines let it work for days weeks however long hours come back push the contents of the log to flash send them to your computer and then use translator X to view all of the calls that were placed and you can then search calls the failed due to certain reasons and so and then you can click on it and get more detailed information about that call so this is something in the SIP courses that we spend a lot of time going through now I'm walking through some of this quickly and giving you a high-level overview but in the course we spend a lot we spend quite a bit of time going over each each detail each detail in the five-day class we actually start out with having a cube empty just a router that's empty and we build redundant cubes we use voice class pattern maps server groups translation rules H SRP we have multiple cubes that behave as one and and we use just to dial peers so we build all of this from scratch so that each student gets an opportunity to cannot only set up sip from the call manager but build the cube step by step and then spend time modifying sip headers reading sip headers just really drilling in the different sip details and then how to trace them how to pull them off so I've shown you one way how to pull it from the router what if you don't have a cube and instead you have a router show you one more method let's say you just have a router and calls go through it but it's not stopping at the cube so you can't debug at the specific cube but you still want to see the sip calls no problem I'll show you a way to handle that so what I'm going to do is I'm going to use a tool called traffic export I'm going to create an access list that matches all packets everything this really doesn't have anything to do with voice it's simply going to match all packets that cross the router and I'm going to tell it to do I'm going to create a traffic export profile and I'm going to place it on this interface so any packet any source any destination going through that interface is going to be captured and let me show you what that means fact I'll clear the law because it doesn't have anything to do with the log it's simply going to capture all traffic that crosses through the net interface so let's start it okay and so let's generate some traffic through the interface I'll make some calls let me show you what happens if I try to call from this I've already shown you that we're using G 729 let me show you what happens if I try off of this it ranks but then when you want to answer it fails why does it fail it fails because this phone does not support G 729 it does not support G 729 so what's happening is that's what's being applied that's what's being used as we've demonstrated the phone can't support it so you get the situation where it rings but then the audio fails how do you fix that I'm getting off topic here but you fix it by adding a transcoder well you can change the codec on the cube or you can add a transcoder add it to your call manager configure one of your routers to be a transcoder and to do that you go to one of your routers and configure them to be a transcoder that's the IP address of call manager this is the name of your transcoder and you're configuring your device to transcode once you do that you take the name go to unified communications manager media resources transcoder add new put the name in choose an enhanced media termination point put in the device name put it in the device pool save I've already done that so then what you do is you take that transcoder once it's saved you put it in a media resource group you put the media resource group in a list so that the list contains a group inside of the group contains the transcoder so the transcoder is put in a group the group is put into a list and then the list is associated to the phone so the phone will be able to use that transcoder because of the list group membership say then apply and then I like to reset the phone both in call manager and physically and when the phone comes back should be able to make that call see if it's back in call manager Unified Communications Manager see if it's back and registered it is it has the media resource group attached to it make a call success so the transcoder is used in that example I wanted to point that out how would I know which codec was being used because we would debug and read the SDP now back to what I was illustrating here before I got sidetracked what I've done is I've created this access list all traffic is being captured and then what I want when I'm ready to look at it can be a day an hour a week later I'm going to go stop I'm going to go stop it turn it off and then what I'm going to do is I'm going to export the contents I'm going to take that I put it in a log and I'm going to export that to my FTP ste FTP server so my computer I have a TFTP you can use FTP as well T FTP is a quick free download I've had a TFTP server available so I just open it up delete that open up the TFTP server this is my computer's IP address and what I need to do is make sure that matches and I'm going to tell the cube to send the contents of this trace to the TFTP server and it will then send that to the TFTP server and then in order to look at that you would have Wireshark installed and Wireshark is a free tool that's extremely handy and I'll show you a different way to look at these sip messages without debugging the router okay looks like it's done and what happens is it was sent we sent that to a folder or a file called sip pcap and you can open that and it will then use Wireshark just click it and this will show you all traffic it will show you everything that's crossed the router in that time all data so we can see the RTP from the actual call G 729 you see everything now to see just sip in your filter just type lowercase sip and now we only see the sip calls so we can filter out any protocol that crosses that routers interface regardless if the router is configured for voice or it's a cube or not it's a router traffic's going to pass it and we've captured it and now we're examining any packet we want we're going to look at just sip telephony VoIP calls will show you all of the voice calls that it seen you can click on any of them and choose flow and Wireshark will show you a diagram from the cubes gigabit zero one perspective remember that it's only traffic crossing gigabit zero one it doesn't see the full big picture that our earlier debug did this is just showing IP traffic crossing an interface but it can be extremely useful and so we can use that and drill into those and look at any of these particular you can use filters to drill in even closer I mean there are many many filters that are available thousands it seems hundreds of VoIP filters where you could specific very specific and what you wanted to see and again that's a topic that we do cover in the course in the in the sip course so I hope this video was useful my intention was to give you some exposure to sip and to see what it's comprised of and to give you a few handy tips for reading sip messages thanks for watching