Posted on 13 September 2010.
In the following series of documents I am planning to provide you with a high level of understanding as to what it takes to run SIP in your New or Existing Cisco Unified Communications Manager Cluster, some of the topics in this series of documents will be sip as a protocol, security of SIP, Cisco SIP IP phones (Basic/Enhanced), 3rd Party SIP IP Phones (Simple/Advanced), SIP endpoint features, DTMF, KPML, SIP Trunks, SIP SRST and interoperability with other voip systems.
Call manager was initially designed to inter-operate with Cisco IP phones using its proprietary signaling protocol Skinny or SCCP, most of the features that were created or made it available to the Cisco IP Phones were designed to inter-operate using the Skinny (SCCP) protocol and not SIP, meaning that when Cisco decided to have their IP phones to support the ability to also run SIP, initially many common features that were available to Cisco IP Phones that were running the Skinny (SCCP) protocol were not available to Cisco IP Phones that will run SIP, with this being said if you have an older and or existing Call Manager cluster and you are wishing to make the move to SIP, you must have a complete understanding of what features are going to work, what type of phones will have the capability to run certain or all features that your current user is accustomed to and nonetheless what changes you may need to make to your current IPT infrastructure and also let?s don?t forget that if you currently have an older Cisco IP Phone such as the 7940, you may also need to make some changes to your dial plan, such as creating new SIP Dial Rules and applying these rules to every type A phone or Basic Cisco SIP Phone, furthermore if you have remote locations you may need to upgrade to SIP SRST, etc, of course many of this changes will depend upon you deciding to have a SIP trunk for PSTN access only or having SIP all the way from your demarcation to your endpoints, now when it comes to a totally new deployment of Cisco Unified Communications Manager things can be much easier, as long as you have the right Cisco SIP IP phone models, voice gateways, IOS, etc
What is SIP?
Session Initiation Protocol or SIP is a signaling protocol used mainly to establish sessions or multimedia calls over an IP Network. SIP can be utilized to set up and to tear down multimedia sessions over an IP Network, such as conferencing, telephony, presence, event notifications and instant messaging, SIP in fact is very similar to HTTP in the way that it works.
Who and what plays a role during a SIP session?
To make a SIP session possible between 2 or more endpoints, several logical entities and components must play a single or dual role when a SIP session needs to be set up, routed or when the SIP session needs to be tear down. Those several logical entities and components can be,
-Back to Back User Agent
Because I am not trying to make this series of documents to complex and hard to understand I will be only going over the definition of the 2 components that I think will be playing an important role when it comes to the interaction of a Cisco SIP IP phone and Cisco Unified Communications Manager.
UA or User Agent .- The User Agent has the capabilities to initiate, receive and terminate a transaction is a SIP session, since the User Agent is a logical application, the User Agent can play either the role of a User Agent Client (UAC) or the role of a User Agent Server (UAS) during a sip session, by having a SIP endpoint acting as the role of either a User Agent Client (UAC) or a User Agent Server (UAS) during a SIP session 2 SIP Endpoints can have the ability to set up and tear down a sip session between both. An Example of a User Agent will be a Cisco SIP IP Phone.
Phone A is initiating the Call
Phone A (UAC) (UAS) Phone B
B2BUA or Back to Back User Agent .- A Back to Back User Agent is a logical entity in which it is able to receive requests and processes them as User Agent Server (UAS), when it comes to determine how the request should be processed then it will act as a User agent Client (UAC). Some people will say that a Back to Back User Agent (B2BUA) is nothing but a Proxy Server but unlike a proxy server that routes a request and sits on the middle of the session, a Back to Back User Agent (B2BUA) will maintain an independent session or a dialogue state with each endpoint, hence the Back to Back User Agent (B2BUA) will participate or it will be involved in all requests sent over each independent sessions or dialogues that the Back to Back User Agent (B2BUA) has established. Furthermore in the event that a request for a feature is received from a User Agent, a Back to Back User Agent (B2BUA) will be able to properly provision and or manipulate the call as requested. An Example of B2BUA will be Cisco Unified Communications Manager.
——————– > | | —————- >
Phone A | B2BUA | Phone B
< ——————— | (UCM) | < —————
What does a SIMPLE SIP connection look like?
A SIP connection involves a call signaling process and a RTP stream.
Sound IN < ————————–> RTP Stream Dynamically assigned UDP Ports
Sound OUT —————————-> RTP Stream Dynamically assigned UDP Ports
Call Control < —————————> TCP Port 5060
Is it easy to troubleshoot SIP?
Troubleshooting SIP can involve many components and protocols, such as NAT, DNS, Firewalls, Routing, etc, although by knowing some of the Basic messages and Response Codes troubleshooting SIP will be much easier, although later on I will try to post a document that will show you how to troubleshoot typical SIP issues such as DTMF and NAT especially when you are integrating 2 different voip pbx?s.
How secure is SIP?
As any other protocol, SIP has some security flaws, mainly because SIP was created with the simplicity and trust words in mind. Securing a SIP connection is not an easy task, but when using certain security methods, components, and endpoints, a SIP transmission can be protected with a certain level of security. Let?s face it no protocol is 100 percent secure, securing a way of communications involves more than just what the level of security that the protocol used can offer you.
As any other signaling protocols, a SIP transmission can be secured if certain methods and components are used in conjunction with a SIP connection, an example of methods and components can be,
TLS or Transport Layer Security. ? TLS relies on the exchange of valid security certificates, although not all SIP endpoint support TLS.
Digest Authentication.- This is a challenge and response method, in a few words let?s say a Cisco IP Phone sends an INVITE to the UCM, then the UCM gets the INVITE, but because the UCM doesn?t get the proper Digest Auth header in the initial INVITE, it proceeds to send a message back to the Cisco IP Phone with the proper Digest Auth header, basically saying hey I don?t know who you are? Identifiy yourself by giving me your credential values, then the Cisco IP Phone sends a message back to the UCM but this time with the proper credentials, basically with the Digest Auth values, saying hey! I do have the proper credentials can we talk?
SRTP or Secure Real-Time Transport Protocol.- What SRTP does is, it encrypts the RTP payload meaning that it encrypts your media stream, in fact SRTP was developed by experts from Cisco and Ericsson.
For example, using SIP in conjunction with TLS will make sure that your call signaling is secure, although your audio or media will not be secure.
SIP in IP Phones
Based on the capabilities of certain Cisco SIP phones, Cisco classifies some of its models as either Basic (type A) or Enhanced IP Phones (Type B), almost the same thing applies for 3rd Party SIP IP phones, in fact when configuring 3rd Party SIP IP Phones in Cisco Unified Communications Manager you may need to select between a 3rd party SIP Device (Simple) or a 3rd Party SIP Device (Advanced) this will depend on the features or capabilities that the 3rd Party SIP IP Phone has.
Let?s take a look for example some of the differences between Cisco SIP Phones Type A (Basic) and Cisco SIP Phones Type B (Advanced)
Basic Cisco SIP Phones (Type A phones)
Cisco 7905, Cisco 7912, Cisco 7940, Cisco 7960
Basic and or limited xml capabilities
Support Digest Auth
No RFC2833 DTMF Relay Support
Ideal SIP endpoints if you are going to use a 3rd Party Call control Box
No PRACK support
Enhanced Cisco SIP Phones (Type B Phones)
Cisco 7906, Cisco 7911, Cisco 7931 (only compatible with UCM 7.x and up), Cisco 7941, Cisco 7942, Cisco 7945, Cisco 7961, Cisco 7962, Cisco 7965, Cisco 7970, Cisco 7971, Cisco 7975
Supports Digest Auth
Support RFC2833 DTMF Relay when registered with UCM
No PRACK support
3rd Party SIP IP Phones
When deciding what type of 3rd Party SIP IP phones to use for your new Cisco SIP deployment or current environment, keep in mind the following when referring to 3rd Party SIP Phones.
-You will be using a Cisco Platform, meaning that depending on the type of Cisco SIP IP Phone that you are using, that is Type A or B phone, your Cisco SIP IP phone will have access to either some or most of the features that Cisco Unified Communications Manager normally provides to the SCCP phones, in the other hand the 3rd Party SIP IP Phones will either have a limited access or no access to the these features.
-You will have to use Auth Digest to register 3rd Party SIP Phones with Cisco Unified Communications Manager
-You must use SIP Dial Rules for your 3rd Party SIP Phones and some 3rd Party SIP Phone don?t even support the SIP Dial Rules, hence you may have to configure the dial patterns manually to 3rd Party SIP IP phone via web, etc.
-A 3rd Party Simple SIP IP Phone will consume 3 DLU?s
-A 3rd Party Advance SIP IP Phone will consume 6 DLU?s
How to categorize 3rd Party SiP Phones (Simple/Advanced)
The way Cisco classifies 3rd Party SIP IP phones, is based on the capabilities of the 3rd Party SIP IP phone.
SIP IP phone Capabilities Simple Advanced
Authentication Digest Authorization Only Digest Authorization Only & TLS
Number of Lines 1 Single Line Can have up to 8 Lines
Amount of calls per line 2 Calls 2 Calls
Wifi or Dual Mode No Yes
Video No Yes
So before you go out and purchase a bulk of 3rd Party SIP IP phones to be used in your Cisco Unified Communications Manager cluster think about dial plans, bulk inserts, feature parity and others.
In the next document (PART 2) we will be adding a Cisco SIP IP phone and a 3rd Party SIP IP phone (aastra 9133i/Linksys SPA 941) to Cisco Unified Communications Manager, KPML, SIP DIAL Rules, we will be migrating SCCP phones to SIP, migrating Cisco SIP IP phones back to SCCP, creating a SIP trunk to another voip system, configuring SIP SRST and others.