1:最近集团要新建一套全司视频会议系统,目前在搭建和调试测试环境,期间遇到很多问题,最终查出来还是出在网络F5 BIG/IP LC链路负载均衡设备和安全设备IPS入侵检测上,SIP协议没打开,还有把UDP包拦截。测试环境网络环境比较复杂,尤其涉及到跨站点。由于视频会议使用的sip协议,在排查问题的过程中需要对SIP协议理解。
SIP协议多用在多媒体通讯,比如网络电话,语音,视频会议。为了对SIP协议有一个更深的认识,我们在测试环境模拟SIP注册;SIP注销;SIP呼叫发起,建立和释放过程,通过本地终端抓包来分析其通讯过程。测试环境采用的是华为视频会议:SMC(成都)+SC(成都)+MCU(在上海)架构,内网终端(上海),公网手机终端(外网),架构如下,为了保密,此次IP前两位隐藏。
2:SIP协议涉及到的消息类型
请求消息:
对应的网络包消息体格式:
响应消息:
对应的网络包消息体格式:
3:通过上面的内容,对于SIP应该有了一个更深的认识,那么,拿出wireshark开始抓包吧,涉及的相关IP部分隐藏。
视频客户端发起注册请求,也就是register消息:
****************************
REGISTER sip:*.*.24.127 SIP/2.0 //命令名,对端注册服务器URL,SIP协议版本
Via: SIP/2.0/UDP *.*.105.87:5060;branch=z9hG4bK092xw3589ww02w3z092xw358j
//协议类型/版本/传输类型udp,客户端地址,传输标识;传输类型有UDP,TCP,TLS,
Call-ID: Mn8yywwVdu4uaD1BoPuNQox9Q6DGAjUTY5AG0eEKXSAw //呼叫唯一标识
From: <sip:21001@*.*.24.127>;tag=2ucxu2u8 //注册消息的起始和目地地址一样
To: <sip:21001@*.*.24.127> //注册消息的起始和目地地址一样
CSeq: 1 REGISTER
Contact: <sip:21001@*.*.105.87:5060;transport=udp>;expires=600
Expires: 600
Supported: eUA
Max-Forwards: 70
User-Agent: Huawei TE Desktop V3.2.0.152 //视频终端类型及版本
Allow: MESSAGE,REFER,INFO,NOTIFY,SUBSCRIBE,UPDATE,PRACK,PUBLISH,CANCEL,BYE,OPTIONS,ACK,INVITE //可以执行的命令类型,该版本可以执行更多的命令
Content-Length: 0
***************************
视频客户端收到的响应消息,
***************************
SIP/2.0 200 OK //200标识成功
Via: SIP/2.0/UDP *.*.105.87:5060;branch=z9hG4bK092xw3589ww02w3z092xw358j
Call-ID: Mn8yywwVdu4uaD1BoPuNQox9Q6DGAjUTY5AG0eEKXSAw
From: <sip:21001@*.*.24.127>;tag=2ucxu2u8
To: <sip:21001@*.*.24.127>;tag=c4dqqchd
CSeq: 1 REGISTER
Contact: <sip:21001@*.*.105.87:5060>;q=1.0;expires=300
Content-Length: 0
***************************
呼叫。登陆两个视频终端,启动抓包,然后进行拨打测试,接通后挂机,停止抓包。
视频终端发起呼叫,使用INVITE消息
****************************
INVITE sip:21003@*.*.24.127 SIP/2.0
//命令类型:INVITE,目标地址21003,SIP协议,版本2.0
Via: SIP/2.0/UDP *.*.105.87:5060;branch=z9hG4bKhn0d81a80ji8klxijhln0xfig
Call-ID: QDgFXK8RabtWdJS00sPCgDc6ASrg0tfNy551qQSEqTIw
From: <sip:21001@*.*.24.127>;tag=1ix0kn0h //发起方
To: <sip:21003@*.*.24.127> //被叫方
CSeq: 1 INVITE
Contact: <sip:21001@*.*.105.87:5060;transport=udp>
Supported: 100rel,replaces,timer
Session-Expires: 180;refresher=uac
Max-Forwards: 70
User-Agent: Huawei TE Desktop V3.2.0.152
Allow: MESSAGE,REFER,INFO,NOTIFY,SUBSCRIBE,UPDATE,PRACK,PUBLISH,CANCEL,BYE,OPTIONS,ACK,INVITE
Content-Length: 2244
Content-Type: application/sdp
//以下为SDP 消息体信息,主要是一些音频,视频流格式,编码,采样率等*******
v=0
o=huawei 23293 2 IN IP4 *.*.105.87
s=-
c=IN IP4 *.*.105.87
b=CT:2048
t=0 0
m=audio 10002 RTP/AVP 9 8 0 98 18 97 121
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:Lz9zQCFId1hBUG4tUEMnekcvc0ltRG1DUUojYy8+|2^31
a=crypto:2 AES_CM_128_HMAC_SHA1_32 inline:RUBxMmtFTXhmXVE9R2JmNDgwNFMwPCdLeWRVITMr|2^31
a=rtpmap:9 G722/16000
a=rtpmap:8 PCMA/8000
a=rtpmap:0 PCMU/8000
a=rtpmap:98 iLBC/8000
a=fmtp:98 mode=30
a=rtpmap:18 G729/8000
a=rtpmap:97 telephone-event/8000
a=fmtp:97 0-15
a=rtpmap:121 red/16000
a=fmtp:121 0
a=sendrecv
a=ptime:20
m=video 10004 RTP/AVP 105 106 107 108
b=AS:2048
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:VEtgTDczaHBtL0NaS1pKbDBdRiwsIWtjcihIezlH|2^31
a=crypto:2 AES_CM_128_HMAC_SHA1_32 inline:Sn1SZX1XLTcqNmFOdTQiQS1CMXBfZjRROHwuNmRg|2^31
a=rtpmap:105 H264/90000
a=fmtp:105 profile-level-id=428028;packetization-mode=1;level-asymmetry-allowed=1
a=rtpmap:106 H264/90000
a=fmtp:106 profile-level-id=428028;level-asymmetry-allowed=1
a=rtpmap:107 H264/90000
a=fmtp:107 profile-level-id=640028;packetization-mode=1;level-asymmetry-allowed=1
a=rtpmap:108 H264/90000
a=fmtp:108 profile-level-id=640028;level-asymmetry-allowed=1
a=sendrecv
a=rtcp-fb:* ccm fir
a=rtcp-fb:* ccm tmmbr
a=Huawei-Media-Engine
a=label:11
a=content:main
m=video 10006 RTP/AVP 105 106 107 108
b=AS:512
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:VEtgTDczaHBtL0NaS1pKbDBdRiwsIWtjcihIezlH|2^31
a=crypto:2 AES_CM_128_HMAC_SHA1_32 inline:Sn1SZX1XLTcqNmFOdTQiQS1CMXBfZjRROHwuNmRg|2^31
a=rtpmap:105 H264/90000
a=fmtp:105 profile-level-id=42801F;packetization-mode=1;level-asymmetry-allowed=1;max-mbps=90000;max-fs=9000
a=rtpmap:106 H264/90000
a=fmtp:106 profile-level-id=42801F;level-asymmetry-allowed=1;max-mbps=90000;max-fs=9000
a=rtpmap:107 H264/90000
a=fmtp:107 profile-level-id=64001F;packetization-mode=1;level-asymmetry-allowed=1;max-mbps=90000;max-fs=9000
a=rtpmap:108 H264/90000
a=fmtp:108 profile-level-id=64001F;level-asymmetry-allowed=1;max-mbps=90000;max-fs=9000
a=sendrecv
a=content:slides
a=rtcp-fb:* ccm fir
a=rtcp-fb:* ccm tmmbr
a=Huawei-Media-Engine
a=label:12
m=application 5070 UDP/BFCP *
a=floorctrl:c-s
a=confid:2
a=floorid:2 mstrm:12
a=userid:50
a=setup:actpass
a=connection:new
//主叫方21001收到SC服务器发过来的Trying消息
***********************
SIP/2.0 100 Trying
Via: SIP/2.0/UDP *.*.105.87:5060;branch=z9hG4bKhn0d81a80ji8klxijhln0xfig
Call-ID: QDgFXK8RabtWdJS00sPCgDc6ASrg0tfNy551qQSEqTIw
From: <sip:21001@*.*.24.127>;tag=1ix0kn0h
To: <sip:21003@*.*.24.127>
CSeq: 1 INVITE
Content-Length: 0
//主叫方21001收到SC服务器发过来的被叫21003振铃消息,180 Ringing
***********************
SIP/2.0 180 Ringing
Via: SIP/2.0/UDP *.*.105.87:5060;branch=z9hG4bKhn0d81a80ji8klxijhln0xfig
Record-Route: <sip:*.*.24.127;lr;CtxId=0;X-HwB2bUaCookie=3426>
Call-ID: QDgFXK8RabtWdJS00sPCgDc6ASrg0tfNy551qQSEqTIw
From: <sip:21001@*.*.24.127>;tag=1ix0kn0h
To: <sip:21003@*.*.24.127>;tag=uuoo6kok
CSeq: 1 INVITE
User-Agent: Huawei TE Desktop V3.2.0.152
Contact: <sip:21003@*.*.24.127:5060;transport=udp>
Allow: INVITE,ACK,OPTIONS,BYE,CANCEL,REGISTER,INFO,PRACK,SUBSCRIBE,NOTIFY,UPDATE,REFER
Content-Length: 0
//主叫方21001发出对21003的180 Ringing消息进行确认
**********************
SIP/2.0 200 OK
Via: SIP/2.0/UDP *.*.105.87:5060;branch=z9hG4bKhn0d81a80ji8klxijhln0xfig
Record-Route: <sip:*.*.24.127;lr;CtxId=0;X-HwB2bUaCookie=3426>
Call-ID: QDgFXK8RabtWdJS00sPCgDc6ASrg0tfNy551qQSEqTIw
From: <sip:21001@*.*.24.127>;tag=1ix0kn0h
To: <sip:21003@*.*.24.127>;tag=uuoo6kok
CSeq: 1 INVITE
User-Agent: Huawei TE Desktop V3.2.0.152
Contact: <sip:21003@*.*.24.127:5060;transport=udp>
Supported: replaces,timer
Require: timer
Session-Expires: 180;refresher=uac
Allow: INVITE,ACK,OPTIONS,BYE,CANCEL,REGISTER,INFO,PRACK,SUBSCRIBE,NOTIFY,UPDATE,REFER
Content-Length: 1983
Content-Type: application/sdp
//以下为SDP 消息体信息,主要是一些音频,视频流格式,编码,采样率等*******
v=0
o=huawei 23293 3 IN IP4 *.*.45.226
s=-
c=IN IP4 *.*.45.226
b=CT:2048
t=0 0
m=audio 10002 RTP/SAVP 9 8 0 98 18 97 121
a=rtpmap:9 G722/16000
a=rtpmap:8 PCMA/8000
a=rtpmap:0 PCMU/8000
a=rtpmap:98 iLBC/8000
a=fmtp:98 mode=30
a=rtpmap:18 G729/8000
a=rtpmap:97 telephone-event/8000
a=fmtp:97 0-15
a=rtpmap:121 RED/16000
a=fmtp:121 0
a=ptime:20
a=sendrecv
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:Qj1kPzpYT0pCJihKQzM5KTU0LFNxXTRnZTxrP09E|2^31
m=video 10004 RTP/SAVP 105 106 107 108
b=AS:2048
a=rtpmap:105 H264/90000
a=fmtp:105 profile-level-id=428028;packetization-mode=1;level-asymmetry-allowed=1
a=rtpmap:106 H264/90000
a=fmtp:106 profile-level-id=428028;level-asymmetry-allowed=1
a=rtpmap:107 H264/90000
a=fmtp:107 profile-level-id=640028;packetization-mode=1;level-asymmetry-allowed=1
a=rtpmap:108 H264/90000
a=fmtp:108 profile-level-id=640028;level-asymmetry-allowed=1
a=content:main
a=rtcp-fb:* ccm fir
a=rtcp-fb:* ccm tmmbr
a=sendrecv
a=Huawei-Media-Engine
a=label:11
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:Lm9Lcywtc09Wc0F0QCZ1dGo9MUQiUktSLV1JJ01m|2^31
m=video 10006 RTP/SAVP 105 106 107 108
b=AS:512
a=rtpmap:105 H264/90000
a=fmtp:105 profile-level-id=42801F;packetization-mode=1;level-asymmetry-allowed=1;max-mbps=90000;max-fs=9000
a=rtpmap:106 H264/90000
a=fmtp:106 profile-level-id=42801F;level-asymmetry-allowed=1;max-mbps=90000;max-fs=9000
a=rtpmap:107 H264/90000
a=fmtp:107 profile-level-id=64001F;packetization-mode=1;level-asymmetry-allowed=1;max-mbps=90000;max-fs=9000
a=rtpmap:108 H264/90000
a=fmtp:108 profile-level-id=64001F;level-asymmetry-allowed=1;max-mbps=90000;max-fs=9000
a=content:slides
a=rtcp-fb:* ccm fir
a=rtcp-fb:* ccm tmmbr
a=sendrecv
a=Huawei-Media-Engine
a=label:12
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:Y2s5fD9BUj9qbVpdbVZ3ejp6bXpDTzY+YWM5KWpW|2^31
m=application 5070 UDP/BFCP *
a=floorctrl:s-only
a=confid:2
a=floorid:2 mstrm:12
a=userid:50
a=setup:passive
a=connection:new
//SIP通话前最后一步是主叫方确认 200 OK响应。
*********************
ACK sip:21003@*.*.24.127:5060;transport=udp SIP/2.0
Via: SIP/2.0/UDP *.*.105.87:5060;branch=z9hG4bKdxfxiax0fj0d81a8l9gajxhgi
Route: <sip:*.*.24.127;lr;CtxId=0;X-HwB2bUaCookie=3426>
Call-ID: QDgFXK8RabtWdJS00sPCgDc6ASrg0tfNy551qQSEqTIw
From: <sip:21001@*.*.24.127>;tag=1ix0kn0h
To: <sip:21003@*.*.24.127>;tag=uuoo6kok
CSeq: 1 ACK
Max-Forwards: 70
Content-Length: 0
//21001主动结束通话,向21003发出BYE消息。
********************
BYE sip:21003@*.*.24.127:5060;transport=udp SIP/2.0
Via: SIP/2.0/UDP *.*.105.87:5060;branch=z9hG4bK89gajxhgg1a1xkhjjfh0a9d09
Route: <sip:*.*.24.127:5060;lr;CtxId=0;X-HwB2bUaCookie=3426>
Call-ID: QDgFXK8RabtWdJS00sPCgDc6ASrg0tfNy551qQSEqTIw
From: <sip:21001@*.*.24.127>;tag=1ix0kn0h
To: <sip:21003@*.*.24.127>;tag=uuoo6kok
CSeq: 3 BYE
Max-Forwards: 70
Content-Length: 0
//收到SC服务器发过了的挂机确认消息,通话结束
*******************
SIP/2.0 200 OK
Via: SIP/2.0/UDP *.*.105.87:5060;branch=z9hG4bK89gajxhgg1a1xkhjjfh0a9d09
Call-ID: QDgFXK8RabtWdJS00sPCgDc6ASrg0tfNy551qQSEqTIw
From: <sip:21001@*.*.24.127>;tag=1ix0kn0h
To: <sip:21003@*.*.24.127>;tag=uuoo6kok
CSeq: 3 BYE
Content-Length: 0
视频客户端退出,从下述抓的包来看,同样也是一个register消息,这里的expire为0
*********************
REGISTER sip:*.*.24.127 SIP/2.0
Via: SIP/2.0/UDP *.*.105.87:5060;branch=z9hG4bK23a7bvs97s5v7ehg4bb8bdbae
Call-ID: LPaKbaB1fux8GeuVu4gwWkKxZX4BdVHwWqZnZ8FhWMcw
From: <sip:21001@*.*.24.127>;tag=9ghe225d
To: <sip:21001@*.*.24.127>
CSeq: 2 REGISTER
Contact: <sip:21001@*.*.105.87:5060;transport=udp>;expires=0
Expires: 0
Supported: eUA
Max-Forwards: 70
User-Agent: Huawei TE Desktop V3.2.0.152
Allow: MESSAGE,REFER,INFO,NOTIFY,SUBSCRIBE,UPDATE,PRACK,PUBLISH,CANCEL,BYE,OPTIONS,ACK,INVITE
Content-Length: 0
//收到服务器的消息,退出成功
********************
SIP/2.0 200 OK
Via: SIP/2.0/UDP *.*.105.87:5060;branch=z9hG4bK23a7bvs97s5v7ehg4bb8bdbae
Call-ID: LPaKbaB1fux8GeuVu4gwWkKxZX4BdVHwWqZnZ8FhWMcw
From: <sip:21001@*.*.24.127>;tag=9ghe225d
To: <sip:21001@*.*.24.127>;tag=b4qegllf
CSeq: 2 REGISTER
Content-Length: 0