Frequently Asked Questions | SIP Architecture

Q: I am used to seeing users that follow the scheme SIP: username@domain.com, but I’ve also seen them with the scheme SIPS: username@domain.com. What’s the difference?

A: SIP uses Universal Resource Identifiers (URIs) for identifying users. A URI identifies resources on the Internet, and those used by SIP incorporate phone numbers or names in the username. At the beginning of this is SIP:, which indicates the protocol being used. This is similar to Web site addresses, which begin with HTTP: to indicate the protocol to use when accessing the site. When SIP: is at the beginning of the address, the transmission is not encrypted. Those beginning with SIPS: require encryption for the session.

Q: Why do all responses to a request in SIP begin with the numbers 1 through 6?

A: This indicates the category to which the response belongs. There are six categories of responses that may be returned from a request: Informational, Success, Redirection, Client Error, Server Error, and Global Failure.

Q: I received a response that my request was met with a server error. Does this mean I can’t use this feature of my VoIP program?

A: Not necessarily. When a request receives a Server Error response, it means that the server it was sent to met with the error. The request could still be forwarded to other servers. A Global Error meanns that it wouldn’t be forwarded because every other server would also have the same error.I need to use a different computer for VoIP. The software is the same as the one on my computer, but I’m concerned that others won’t be able to see that I’m online because I’m using a different machine.When you start the program and log onto your VoIP account, SIP makes a REGISTER request that provides your SIP address and IP address to a Registrar server. This allows multiple people to use multiple computers. No matter what your location, SIP allows others to find you with this mapping of your SIP-address to the current IP address.

Q: Should I always use encryption to protect the data that I’m transmitting over the Internet?

A: Unless you expect to be discussing information or transferring files that require privacy, it shouldn’t matter whether your transmission is encrypted or not. After all, if someone did eavesdrop on an average conversation, would you really care that they heard your opinion on the last movie you watched? If, however, you were concerned that the content of your conversation or other data that was transmitted might be viewed by a third party, then encryption would be a viable solution to protecting your interests. As of this writing however, there are no interoperable, nonproprietary implementations of SIP that use encrypted signaling and media, so you will need to refer to the documentation of the application(s) being used to determine if this is available.

Frequently Asked Questions | H.323 Architecture

Q: I’ve never heard of H.323. What applications do I use that rely on this?

A: Microsoft Netmeeting for one. Polycom and Tandberg videoconferencing clients are another.

Q: Do H.323 terminals have to explicitly send the H.225 call setup messages to the IP address of the gateway?

A: Yes, an H.323 endpoint must know the transport address—for example, the IP address and port number—for the Q.931 dialogue. Q.931 then provides the transport address for the H.245 control channel. This is how addresses are bootstrapped in H.323.

Q: In what layer of ISO you can put H.323 standard?

A: H.323 doesn’t map to just one layer, but is primarily implemented at layers 3 and 4.

Q: I’ve heard that H.323 uses more than one TCP/UDP port in order to transmit voice, video, and data. Are these ports fixed, or do they vary for each connection?

A: H.323 uses several ports and both TCP and UDP to signal and transport voice. H.225/Q.931 and H.245 use TCP and H.225/RAS and RTP/RTCP use UDP. Ports 1718–1720 are dedicated to H.323 traffic.

Q: Several dynamic port combinations are used per session as well.What is the best VoIP codec?

A: There are a number of factors to make that kind of determination. Probably most important is the nature of the network between the two ends. If you are connected of a LAN (high bandwidth, minimal delays, etc.), then G.711 generally provides the best voice quality.

Q: What’s an Application Layer Gateway?

A: ALGs peer more deeply into the packet than packet filtering firewalls but normally do not scan the entire payload. Unlike packet filtering or stateful inspection firewalls, ALGs do not route packets; rather the ALG accepts a connection on one network interface and establishes the cognate connection on another network interface. An ALG provides intermediary services for hosts that reside on different networks, while maintaining complete details of the TCP connection state and sequencing.

Q: What’s better, H.323 or SIP?What’s better, an apple or an orange?

A: Seriously, H.323 is based on SS7 and was designed to internetwork efficiently with the PSTN. SIP is based on HTTP and was not designed with interconnecting to the PSTN in mind. So, major carriers tend to use H.323 because it translates ISDN and SS7 signaling to H.323 VoIP signaling easily. SIP does not. On the other hand, SIP supports IM, is text-based, and is implemented more cheaply than H.323.

Frequently Asked Questions | PSTN Architecture

Q: Is the PSTN of today able to handle the demands of the customers and technology of the future?

A: The answer is yes, since telecommunications companies are always enhancing the PSTN by providing more affordable or fully featured services to their customers. These changes often increase reliability while adding the capacity to offer more services. Tomorrow’s PSTN is likely to have much more packet-based technology than ever imaged. Now communications companies are burying fiber-optic cable and installing broadband wireless antennas as additional ways to deliver rich bandwidth, and cable companies often have outside plant capabilities that rival that or the primary LEC.

Q: Why is fiber-optic cable a better delivery medium than coaxial cable or twisted pair mediums?

A: Fiber-optic cable allows carriers to deliver services farther from central offices and is not readily affected by lightning strikes like copper wire, though WDM can offer more capacity through a single fiber than a single CO could sustain in copper 15 years ago. Delivering services further from the central office allows carriers to condense network equipment, reduce service truck roll outs, and provide more service to more people for a cheaper cost. And the extra bandwidth increases the scope and range of network capabilities available to all of us.

Q: Has VoIP been used by carriers prior to end-user deployments?

A: Yes, for some time large carriers have used VoIP to deliver calls within their core networks for long distance and toll calls. Bringing the technology to the rest of us took some considerable planning, significant costs, and a vision that VoIP would be the next huge push in the delivery of voice traffic.

Q: Should I be worried about my carrier’s SS7 network?

A: In general, no. But as more carriers connect and that network moves from its own dedicated, dark fiber and on to shared IP networks, there should be more attention paid to security and associated SS7 standards. It’s not a problem yet, but if the standards and industry best practices aren’t ready to implement in a few years we could see some disastrous consequences.

Q: Can I really trust my caller ID?

A: Sure, about as much as you can trust your e-mail. It won’t lie to you every day but it’s not hard to fool if you’re determined.I’d like to try phone phreaking or blueboxing sometime.

Q: Where can I go to find out more?

A: First of all, just don’t do it. It’s way too easy to get caught, and most of the old techniques won’t work. If you’re determined, you won’t find it hard to get the information you’re looking for if you Google the right names. Personally, I think it’s more fun reading the history anyway.

Q: I heard that Kevin Poulsen still drives the Porsche 944 he nabbed from KIIS. Is that true?

A: According to several reports, he’s been spotted in a red Porsche from time to time.

Q: People that sell me network equipment are always telling me that “circuit” is dead. Is that really true?

A: Let’s put it this way: without a live circuit to run on, the Internet is dead. Any questions? P.S. Anyone who really knows about packet and circuit knows that they both need each other in the end.

Frequently Asked Questions | Hardware Infrastructure

Q: How is a PBX different from a switch in a telephone central office?

A: In many ways, the two switches serve the same basic function, but with differnt target customers. PBX systems are usually smaller-scale systems with more enterprise-specific feature functionality, and tend to interconnect a larger percentage of digital and IP phones than a PSTN switch would.

Q: Do I need an analog PBX to use an analog phone or trunk? Or a digital PBX to use a digital phone or trunk?

A: No, a digital PBX or VoIP gateway can handle analog lines and trunks just fine. These signals are converted to digital signals before bing switched on a digital PBX’s Time Division Multiplexing (TDM) bus or Gateway VoIP media stream. A digital phone does require a digital PBX, but digital trunks can be split out on a channel bank for an analog switch if the signaling also is converted to an analog format.

Q: Where do the names “ring” and “tip” come from? What do they mean?

A: In the old days of telephones, operators connected calls using quarter-inch phone plugs (the same plugs that later were used with stereo headphones before the mini-phone plug became commonplace). The tip of the plug was the positive side of the circuit. The ring (or slip-ring) was a conductive circle around the plug above the tip and was the negative side of the ciruit. Sometimes another conductor was present on the plug after the ring—this was called the sleeve.

Q: What does “codec” mean, and what common codecs should I consider using? Is any kind of codec more secure than another?

A: Codec is short for COder/DECoder (and in more modern usage, COmpressor-DECompressor—though the first PCM codec was not compressed). In audio, a codec like the name implies, compresses audio before transmitting it, and decompresses the received audio. This helps pack more traffic in the same bandwidth. G.711 is standard PCM encoding, G.721 uses Adaptive Differential PCM (ADPCM) to cut the bandwidth required in half, and G.729 can compress a 64 kbps speech channeld down to 8 kbps, but with significant loss of quality (and it won’t work for fax or data connections). In general, your choice of codec will not affect the security of your VoIP system one way or the other.

Q: Why do regular firewalls have so many problems with VoIP traffic?

A: There are several reasons for this. First, VoIP packets have three characteristics that make traversal more difficult: separate signaling streams from media streams, broad ranges of port numbers for media, and embedded IP addresses. Second, VoIP standards are always changing and firewall vendors have a hard time keeping up. Finally, VoIP packets are real-time by nature and firewalls aren’t friendly to real-time packets under load.

Q: What is a WEP initialization vector and how is it used? Why is it not enough to protect me?

A: WEP is a stream cipher, which uses a value known as an initialization vector to ensure every signal is a unique signal, despite being encrypted by the same key.

Q: WEP’s fatal flaw is that its IVs are too short, and duplication occursCan I use WPA2 with any access point?

A: Most access points, but not all, now support WPA2 encryption. To be sure, consult the manual that came with your router (or they can usually be downloaded from the manufacturer’s site) and look up the encryption they support. Some routers can be upgraded by uploading a special firmware to the device. Check the manufacturer’s Web site, just to be sure.

Q: Can I run my own RADIUS server?

A: RADIUS, which stands for Remote Authentication Dial in User Service, has many free implementations for Linux and other operating systems. For a typical list of commercial and open source options, visit the VoIP-Info wiki at www.voip-info.org/wiki-Radius+Servers.

Q: What are some of the security concerns involved with using the popular instant messaging clients?

A: The same vulnerabilities that exist on the desktop are found in IM clients. This includes man-in-the-middle attacks, keylogging, and even audio capture and reconstruction with freely available tools on the Internet. And just as we’ve seen in the operating system world, the more widespread an IM client becomes, the more attractive a target it is to the hacking community.