How does SIP Registration work and why is it needed?
Registration – what it is and why it is necessary
IP Phones (and SIP clients in general) need to register with a central server mainly because this allows the phone’s location to be known when it is required to receive an incoming call. The “location” is identified by an IP address and port number. In some cases the IP address might be permanent and fixed, in which case registration would not be essential, but for most IP phones the address can change from day to day. This might be because the device is on a LAN and receives it’s IP address from a local DHCP server; it might be because the device is installed at the user’s home connecting to the Internet through a broadband ADSL or cable connection which uses dynamic IP addresses; it could also be because the device is mobile and sometimes it connects through the home Internet connection, other times through the office LAN or a wireless connection, maybe even using a public Wi-Fi hot spot or Internet service provided in a hotel.
No matter where your IP phone is physically located, you want it to be able to receive calls. The registration process, which is normally initiated as soon as the phone is switched on, allows the phone to register its location in a central database called a Location Server. The server it uses for the registration process is called a Registrar Server (see description below) and the exchange of messages that enables registration to happen is defined as part of the SIP protocol. To summarise, the IP phone will send a REGISTER request to the Registrar Server. The Registrar Server will ensure that the user credentials sent are correct, then update the Location Server database and send a “200 Ok” response back to the phone. Most IP phones will automatically repeat the registration process every 30 minutes for reasons explained in the next paragraph.
If you are looking for a more detailed description of the registration process (including a visualisation of the sequence of SIP messages), you will find one about half way through this article.
Registration expiry
Ideally, when you disconnect or switch off an IP phone (or other SIP client) you would want it to unregister itself. However, in practice for many devices this is difficult to achieve because the device stops functioning as soon as power is removed. One exception would be if you are using a softphone – most softphones are able to unregister as part of the shutdown sequence of the softphone application. For the benefit of those devices that do not unregister, Location Servers set an expiry time against every record. This is usually set at about 1 hour. If the Client device does not re-register within the expiry time, then the record is automatically deleted. This allows the location server to maintain a reasonably accurate picture of all the Client registrations by ensuring stale data is not left in the database for too long.
SIP Servers may want to register too
It is not uncommon for SIP servers to use registration as a way of confirming their location thereby allowing them to receive incoming calls from other servers. This is an option within Asterisk – it can be configured to register itself as if it were a SIP Client, by adding a line to the SIP.CONF file.
How do SIP calls reach a registered device?
Information is stored in the Location Server
No matter where your IP phone is physically located, you will want it to be able to receive calls. The registration process allows the phone to register its location in a central database called a Location Server.
The data recorded in the Location Server’s database is essentially a mapping between the public address of the user and the current IP address of their SIP phone. The public address, technically referred to as the AOR (Address-of-Record), might be something like sip:robfowler@sip.supermegacorp.com or sip:576048@callmeonsip.com.
SIP Proxy Servers are integrated with the Location Server
Once a remote or mobile SIP device has registered, its location is stored in the Location Server as explained above. Now, a mechanism is required whereby other SIP users wishing to call the registered device can lookup the details stored in the location server. However, those details cannot be made available to the entire VoIP user community (both because of the practical difficulties and the potential security risks inherent in the public sharing of such data). Instead, an inbound SIP Proxy Server provides the link between third party callers and the private data stored in the location server. This means that the SIP Proxy Server and the Location Server must be closely integrated – normally they are part of the same application package. Furthermore, the Registrar Server is also likely to be an integral part of the same package. SIP devices wishing to call a particular user, send their INVITE request to the relevant Proxy Server. That Proxy Server has access to the data stored in the Location Server and so is able to forward (or relay) the INVITE to the correct destination.
…and How is the correct Proxy Server located?
This is, essentially, a very simple mechanism based on DNS.
A Proxy Server is responsible for one or more SIP domains. It could be said that a Proxy Server “hosts” a SIP domain, although some might argue with that statement on various technical grounds. (By the way, for reasons of reliability and resilience, service providers may actually use more than one Proxy Server in some kind of load sharing or failover configuration).
With the help of DNS, the SIP domain name is used to find the correct SIP Proxy Server. That server is then responsible for locating users in that SIP domain. Two methods are possible in DNS for locating the SIP Proxy Server – one is through conventional name resolution for the SIP domain or host; the second method is through the use of SRV records.
SIP Server Components used in Registration
Registrar Server (and Location Server)
A Registrar Server is a server that accepts and handles SIP REGISTER requests. It is normally combined with the function of Location Server – a Location Server simply being a database which stores information about the current location of a SIP User Agent. It is normal for a SIP phone – or other SIP User Agent – to register itself with one or more Registrar Servers as soon as it is is switched on. The registration will almost always involve authentication with a User ID and password. The User ID for many SIP devices is the same as its phone number. Once registered, it is easy for calls to be routed to the device provided the call passes through a Proxy Server that has access to the Location Server. Without this registration process, your IP phone would have to always be located in the same place using the same IP address and that IP address would have to be hard coded into the dial plan of the device calling it (or in the dial plan of a Proxy Server used by the calling device).
Hope I’m not too late with a question.
I’m stuck between the SIP provider and my internet provider. They both blame each other.
This is my problem:
I can call anyone with my SIP-phone, but not call to it. Well, that is except for the first 2 minutes after rebooting the phone. If I reboot, I can call it within 2 minutes. After that it can’t be reached, just reach others (calling from, not to).
What have I done wrong? I use a Mitel 6863i.
This sounds very typical of the problems that happen when a VoIP phone is behind a NAT router.
The phone registers with your service provider and for the first 2 minutes the connection is held open on your NAT firewall. Then, in effect, the connection times out and is closed.
This problem should be extremely familiar to your SIP provider – it happens all the time. If they don’t have the ability to help, then find a different provider. That said, the NAT router/firewall is usually provided by your internet provider and sometimes the device has a stupid setting that has to be disabled. In particular, there is a setting called SIP ALG that you really do not want to be switched on because it invariably causes problems. This is ironic because SIP ALG is supposed to fix this type of problem!
Please take a look at my other articles on this topic:
https://kb.smartvox.co.uk/voip-sip/sip-devices-nat/
Here’s another article you should read:
https://kb.smartvox.co.uk/voip-sip/sip-nat-problem/
The simplest solution would be to enable “NAT Pings”. This is a feature available on most SIP phones that makes them send a “keep-alive” packet or request to the SIP provider every minute or so. Sending these packets is usually enough to keep the NAT firewall from closing the established connection. It is mentioned in my article on SIP devices behind NAT.
how to stop fraud registration?
To protect against fraudulent call activity there are many things – each helps a little.
Strong passwords
Named SIP domains (as opposed to allowing IP address as the SIP domain)
Detecting and dropping friendly-scanner probes (and similar)
Network activity monitoring and dynamic blocking (e.g. fail2ban)
Rate limiting of calls and registration attempts
Capping maximum simultaneous calls. Enforcing maximum spend per hour/day
Dial plans that restrict access to expensive destinations
Firewalls, SIP firewalls and SBC’s