SIP Call Flow Examples

If you ever experience issues with your VoIP service, it can be difficult to troubleshoot. However, if you can capture SIP call flow diagrams, it can become a relatively straightforward debug task since the call flows show all of the control messages being passed between the PBX and the phone.

In this guide we will introduce some tools that can be used to capture and analyze SIP packets and highlight SIP call flow examples for inbound calls, outbound calls and registration requests.

SIP Call Flow Examples

Tools Needed

In order to capture the SIP messages you will require some specific tools. You can put your hammer away, no phones were harmed in the making of this guide.

The tools you will need are software applications for capturing the SIP message flow during calls. Specifically, the following tools will help:

  1. Packet CAPture (PCAP) - There are many ways to capture the SIP signaling information and ultimately it depends on the type of system you have. For example, if you have a hosted VoIP provider, such as Vonage, you will not have access to their server so will need to login to the IP phone to record a PCAP file. Most phones have this feature built into them, since bug reporting relies on the ability to send the phone manufacturer such a file. If you have your own IP PBX you can install a tool such as SNGREP to capture the raw SIP packets.
  2. Wireshark - This is a network protocol analyzer which essentially analyzes SIP packets from a PCAP file and enables you to view the data in the form of SIP call flow diagrams. For more information and to download this analyzer, visit the Wireshark website.

For the purpose of this guide, we installed and used SNGREP for SIP packet capture since we already have IP PBXs running on a Linux distribution in-house, as part of the deep dive guides we produce on those PBXs.

Packet Capture using SNGREP

Installing SNGREP on a Linux platform is very straightforward and there are plenty of examples on the SNGREP website showing you how to do this. To run the packet capture utility, simply enter sngrep -r at the command line. The -r parameter instructs SNGREP to also capture the RTP packets, in other words, the raw audio packets. This is useful if the issue you are debugging is on the media side rather than the SIP protocol flow.

In Figure 1 below, you can see SNGREP in action, capturing a notify packet as part of a keep-alive strategy.

SNGREP Notify capture

Figure 1: SNGREP in Action (Notify)

You can filter (F7) to reduce the scope of your captures and when you have captured the SIP packets of interest, simply save the PCAP file (F2).

Now that you have your PCAP file, you will need Wireshark to view the SIP call flows. You may find it easier to copy this file to a PC and use the Windows version of Wireshark.

Call Flow Examples (using Wireshark)

In the call flow examples that follow, Wireshark was used to analyze the PCAP data. To do this in Wireshark simply open the PCAP file and navigate to Telephony > VoIP Calls. Select the call that is of interest and press the Flow sequence button. This will then display the SIP call flow diagram for that call.

SIP Call Flow for Outbound Call

In Figure 2 below you will find the SIP message flow for an outbound call from a phone through the PBX and out to the PSTN (Public Switch Telephone Network). The SIP messages used in the outbound call flow are as follows:

SIP Call Flow for Outbound Call

Figure 2: SIP Call Flow for Outbound Call

  • SIP Invite - This represents the request for an outbound call from the phone to the PBX. It is of the format INVITE sip:4251234567@examplepbx.com:5060. This represents the phone number we are trying to call through the PBX domain on port 5060.
  • Status 100 Trying - Message from the PBX letting the phone know it received the message and will process it.
  • 407 Proxy Authentication Required - PBX is telling the phone that authentication credentials are required before a call can be made. This is for fraud prevention to ensure only authenticated devices can make outbound calls.
  • ACK - Acknowledgement from the phone that it received the authentication message.
  • SIP Invite (and status 100) - Invite was re-sent from the phone to the PBX with the authentication credentials for the extension in question. The PBX responds with status 100.
  • 183 Session in Progress - PBX sends SIP message 183 which also contains information about the call such as Codec and other connection information.
  • SIP 200 OK - SIP message from the PBX to the phone indicating the call request was successful.
  • ACK - Acknowledgement from the phone that it received the 200 OK message.
  • RTP Media - At the bottom of the outbound call flow example you can see RTP messages, which is the actual audio media for the call, using the G711U (PCMU) Codec. Also note that the port is different for RTP media. Although this is shown at the bottom of the call flow and after BYE, if you look at the time stamp on the left you will see that it occurs during the call.
  • BYE - The IP phone sends the BYE message indicating it ended the call.
  • SIP 200 OK - The PBX acknowledges that the call has ended and tears it down.

 

SIP Call Flow for Inbound Call

The SIP call flow diagram for inbound calls is shown in Figure 3. The call from the PSTN has been routed to the PBX and then to the phone in question. The SIP messages for inbound calls are as follows:

SIP Call Flow for Inbound Call

Figure 3: SIP Call Flow for Inbound Call

  • SIP Invite - The INVITE message from the PBX is routed to the IP address and port for the phone user/extension.
  • Status 100 Trying - Message from the phone letting the PBX know it received the message and will process it.
  • 180 Ringing - The phone received the INVITE and is letting the user know of the call by ringing the phone. The phone sends the ringing message to the PBX so it knows of the event.
  • SIP 200 OK - SIP message from the phone to the PBX indicating the user has answered the call and the request was successful.
  • ACK - Acknowledgement from the PBX that it received the 200 OK message from the phone.
  • Update SDP (and 200 OK) - The PBX sends an update message to the phone indicating any updates to the call, such as the Codec to be used. The phone responds with a 200 OK message.
  • RTP Media - At the bottom of the outbound call flow example you can see RTP messages, which is the actual audio media for the call, using the G711U (PCMU) Codec. Also note that the port is different for RTP media.
  • BYE - The IP phone sends the BYE message to the PBX indicating it ended the call.
  • SIP 200 OK - The PBX acknowledges that the call has ended and tears it down.

 

SIP Call Flow for Device Registration

A very important part of SIP authentication is the registration process between the phone and the PBX. In most PBX environments, the IP phones are configured with a registration expiry time. If the phone does not send a new registration request before the expiry period it will lose registration and be unable to make or receive calls. This is required for security reasons and also so the PBX can easily determine that a phone has gone off-line and this send calls to voicemail directly, for example.

In the SIP call flow example in Figure 4 you can see a basic registration request from the phone to the PBX and its corresponding acknowledgement (i.e. the Status 200 OK message) back to the phone indicating that the credentials for the registration request were correct. If the authentication credentials do not match the PBX then the registration request will be denied.

SIP Call Flow for Device Registration

Figure 4: SIP Call Flow for Device Registration

SIP Call Flow for Keep Alive Notify

In Figure 5 you will see a basic SIP Notify message flow. A Notify can be used for many things but in this case the notify is used for keep-alive and it is sent every 30 seconds. The keep-alive is a very useful mechanism in NAT (Network Address Translation) environments, for example, where your phone is behind a router and this is served a private IP address. The keep-alive passes information about the phone environment to the PBX, such as the private IP address and port, along with the public IP address and port. By passing this frequently through the router it keeps a pin-hole open through your firewall, ensuring communication is always open between the phone and the PBX.

SIP Call Flow for Keep Alive Notify

Figure 5: SIP Call Flow for Keep Alive Notify

Conclusions

In this guide we highlighted some of the tools available to you in order to assist with SIP troubleshooting efforts. By analyzing the SIP message flow for communications between your PBX and your phones, it can help you get to the bottom of any issues you may experience. Compare your SIP communications with the relevant call flow diagram above to help pin-point any issues.

Published: by WhichVoIP


Related Articles for Further Reading:


left arrow PREV
Elastix versus FreePBX
 

GO TO BUSINESS ARTICLE INDEX


Ask us your question or add a comment:

Use the form below to add your comments/thoughts and to interact with us. All comments will be moderated by WhichVoIP.com before going live. We try to answer all questions within 24 hours.

Name:
Email: (ONLY used for responding)
Comment:
Enter code below:

By submitting you agree to our site Terms of Use

 

Business VoIP Quotes

2017 Top Providers*
  • SHARE: