Home > Articles > Session Initiation Protocol

Session Initiation Protocol

  • Sample Chapter is provided courtesy of Cisco Press.
  • Date: Oct 16, 2006.

The Session Initiation Protocol (SIP) is an Internet Engineering Task Force (IETF) standard call control protocol, based on research at Columbia University by Henning Schulzrinne and his team. The first SIP RFC, number 2543, was published in 1999. Since then, much work has been done, and numerous RFCs have been published to solidify and extend SIP capabilities.

SIP is designed to provide signaling and session management for voice and multimedia connections over packet-based networks. It is a peer-to-peer protocol with intelligent endpoints and distributed call control, such as H.323. Gateways that use SIP do not depend on a call agent, although the protocol does define several functional entities that help SIP endpoints locate each other and establish a session.

In this chapter you will learn

  • How SIP works
  • SIP call flow
  • SIP pros and cons
  • Dial plan considerations
  • How to implement SIP gateways
  • Some ways to secure SIP gateways
  • Allowing H.323 to SIP connections
  • Troubleshooting tools

Description of SIP

SIP was designed as one module in an IP communications solution. This modular design allows it to integrate with and use the services of other existing protocols, such as Session Description Protocol (SDP), Real-Time Transport Protocol (RTP), Resource Reservation Protocol (RSVP), RADIUS, and Lightweight Directory Access Protocol (LDAP). SIP usually uses User Datagram Protocol (UDP) as its transport protocol, but it can also use TCP. The default SIP port for either TCP or UDP is 5060. To provide additional security, Transport Layer Security (TLS) support is included beginning with Cisco IOS Software Release 12.3(14)T. SIP specifications do not cover all the possible aspects of a call, as does H.323. Instead, its job is to create, modify, and terminate sessions between applications, regardless of the media type or application function. The session can range from just a two-party phone call to a multiuser, multimedia conference or an interactive gaming session. SIP does not define the type of session, only its management. To do this, SIP performs four basic tasks:

  • Locating users, resolving their SIP address to an IP address
  • Negotiating capabilities and features among all the session participants
  • Changing the session parameters during the call
  • Managing the setup and teardown of calls for all users in the session

SIP is built on a client-server model, using requests and responses that are similar to Internet applications. It uses the same address format as e-mail, with a unique user identifier (such as telephone number) and a domain identifier. A typical SIP address looks like one of the following:

  • sip:1112223344@mycompany.com
  • sip:1112223344@

This allows Domain Name System (DNS) to be used to locate users, and it also allows SIP to integrate easily with e-mail. SIP uses Multipurpose Internet Mail Extension (MIME) to describe the contents of its messages. Thus, SIP messages can contain information other than audio, such as graphics, billing data, authentication tokens, or video. Session Description Protocol (SDP) is used to exchange session capabilities and features.

One of the most unique parts of SIP is the concept of presence. The public switched telephone network (PSTN) can provide basic presence information—whether a phone is on- or off- hook—when a call is initiated. However, SIP takes that further. It can provide information on the willingness of the other party to receive calls, not just the ability, before the call is attempted. This is similar in concept to instant messaging applications—you can choose which users appear on your list, and they can choose to display different status types, such as offline, busy, and so on. Users who subscribe to that instant messaging service know the availability of those on their list before they try to contact them. With SIP, you can gather presence information from many devices, such as cell phones, SIP phones, personal digital assistants (PDA), and applications. A SIP Watcher subscribes to receive presence information about a SIP Presentity. SIP presence information is available only to subscribers.

SIP is already influencing the marketplace. A growing number of IP Telephony Service Providers (ITSP), such as Vonage, are already using it. Traditional telephony providers, such as AT&T, have created SIP-aware networks for both internal and customer use. Cellular phone providers use SIP to offer additional services in their 3G networks. The Microsoft real-time communications platform—including instant messaging, voice, video, and application-sharing—is based on SIP. Cisco applications such as MeetingPlace, CallManager, and CallManager Express (CME) support SIP. Some hospitals are implementing SIP to allow heart monitors and other devices to send an instant message to nurses. You can expect to see its use increase as more applications and extensions are created for SIP.

SIP Functional Components

SIP endpoints are called user agents (UA) and can be various devices, including IP phones, cell phones, PDAs, Cisco routers, or computers running a SIP-based application. UAs can act as either clients or servers. The user agent client (UAC) is the device that is initiating a call, and the user agent server (UAS) is the device that is receiving the call. The SIP protocol defines several other functional components. These functional entities can be implemented as separate devices, or the same device can perform multiple functions.

  • Proxy server—This server can perform call routing, authentication, authorization, address resolution, and loop detection. A UA sends its call setup messages through a proxy server. The proxy server can forward the messages if it knows where the called party is located, or it can query other servers to find that information. It then forwards the request to the next hop. When it receives a response to the request, it forwards that to the client UA. After the call is set up, the proxy server can elect to stay in the signaling path so that it also sees call change or termination messages, or it can withdraw from the path and let the UAs communicate directly. Cisco has a SIP proxy server product.
  • Redirect server—UAs and proxy servers can contact a redirect server to find the location of an endpoint. This is particularly useful in a network that has mobile users whose location changes. The redirect server can let its clients know that a user has moved either temporarily or permanently. It can also return multiple possible addresses for the user, if necessary. When a UA has multiple addresses, the proxy server can fork the call, sending it to each address either simultaneously or sequentially. This allows "Find Me/Follow Me" type services. Cisco routers can act as SIP redirect servers.
  • Registrar server—UAs register their location with a registrar server, which places that information into a location database. A registrar server responds to location requests from other servers. The server can maintain the location database locally, or it can employ a separate location server. Cisco routers and CallManager 5.x can act as SIP registrar servers.
  • Location server—This server maintains the location database for registered UAs.
  • Back-to-back user agent (B2BUA)—This server acts as a UA server and client at the same time. It terminates the signaling from the calling UA and then initiates signaling to the called UA. B2BUAs are allowed to change the content of requests, giving them more control over the call parameters. Cisco CallManager 5.x can function as a SIP B2BUA.
  • Presence server—This server gathers presence information from Presentities and subscription information from Watchers, and sends status notifications.

All these functions work together to accomplish the goal of establishing and managing a session between two UAs. SIP servers can also interact with other application servers to provide services, such as authentication or billing.

You can configure Cisco routers as SIP gateways. As such, they can act as a SIP UAC or UAS, they can register E.164 numbers with a SIP registrar, and they can act as SIP registrar and redirect servers. In addition, they can set up SIP trunks to another SIP gateway or to CallManager.

A Cisco SIP gateway that is using Survivable Remote Site Telephony (SRST) can provide registration and redirection services to SIP phones when CallManager and proxy servers are unavailable. SRST is not on by default; you must configure it. Both SIP and SCCP phones can fail over to a router that is running SIP SRST. Cisco CME and SRST also support B2BUA functionality beginning in Cisco IOS 12.(4)T. SIP SRST is described in Chapter 13, "SRST and MGCP Gateway Fallback."

SIP Messages

SIP uses plain-text messages, following the format of standard Internet text messages. This helps in troubleshooting, because it is easy to read SIP messages. However, you must understand the types of messages and their formats to successfully troubleshoot them. This section helps you with that understanding.

SIP messages are either requests or responses to a request; the function that the request invokes on a server is called a method. Several types of SIP methods exist. The original SIP specification included the following six methods. Cisco gateways can both send and receive these methods, except where noted.

  • REGISTER—A UA client sends this message to inform a SIP server of its location.
  • INVITE—A caller sends this message to request that another endpoint join a SIP session, such as a conference or a call. This message can also be sent during a call to change session parameters.
  • ACK—A SIP UA can receive several responses to an INVITE. This method acknowledges the final response to the INVITE.
  • CANCEL—This message ends a call that has not yet been fully established.
  • OPTIONS—This message queries the capabilities of a server. Cisco gateways receive these methods only.
  • BYE—This message ends a session or declines to take a call.

Cisco gateways also support the following additional methods, but they only respond to them. They do not generate them.

  • INFO—This message is used when data is carried within the message body.
  • PRACK—This message acknowledges receipt of a provisional, or informational, response to a request.
  • REFER—This message points to another address to initiate a transfer.
  • SUBSCRIBE—This message lets the server know that you want to be notified if a specific event happens.
  • NOTIFY—This message lets the subscriber know that a specified event has occurred. It can also transmit dual tone multifrequency (DTMF) tones.
  • UPDATE—A UAC uses this to change the session parameters, such as codec used or quality of service (QoS) settings, before answering the initial INVITE.

SIP entities can send additional messages in response to a method; these responses are listed in Table 4-1. Responses to SIP methods fall into six categories. The 100 Series designates informational or provisional responses, such as 100 for Trying, and 180 for Alerting. A 200 Series response means that the request was successful; it includes 200 for OK, and 202 for Accepted. The 300 Series redirects the user to a different location for the called endpoint. Examples include 301 for Moved Permanently and 302 for Moved Temporarily. The 400 Series of responses indicate a request failure, such as 404 User Not Found and 480 Temporarily Unavailable. A 500 Series response is received due to a server failure, such as 500 for Server Internal Error or 503 for Service Unavailable. The 600 Series is used for a global failure, including 603 when the call is declined.

Table 4-1. SIP Response Table

Class of Response

Status Code








Call Is Being Forwarded




Session Progress






Multiple Choices


Moved Permanently


Moved Temporarily


Use Proxy


Alternative Service



Bad Request




Payment Required




Not Found


Method Not Allowed


Not Acceptable


Proxy Authentication Required


Request Timeout




Request Entity Too Large


Requested URL Too Large


Unsupported Media Type


Unsupported URI1 Scheme


Bad Extension


Extension Required


Interval Too Brief


Temporarily Not Available


Call Leg or Transaction Does Not Exist


Loop Detected


Too Many Hops


Address Incomplete




Busy Here


Request Terminated


Not Acceptable Here


Request Pending





Internal Server Error


Not Implemented


Bad Gateway


Service Unavailable


Server Timeout


SIP Version Not Supported


Message Too Large

Global failure


Busy Everywhere




Does Not Exist Anywhere


Not Acceptable

Example 4-1 shows a SIP INVITE message and explains the different fields. This call is from an IP phone in a CME network to an IP phone in a CallManager network. Neither phone is a SIP endpoint—the IP addresses listed are for the gateway and CallManager. A SIP trunk exists between CallManager and the gateway/CME.

Example 4-1. SIP INVITE Message

SIP-GW#debug ccsip messages
Sent:!Request-URI (Uniform Resource Identifier) field

!This is the SIP address, or SIP URL, that the INVITE is sent to

INVITE sip:3401@ SIP/2.0!Each device that handles the packet adds its IP address to the VIA 
Via: SIP/2.0/UDP;branch=z9hG4bKA1798!The calling party. A tag identifies this series of messages

From: <sip:4105553501@>;tag=105741C-1D5E!The called party

To: <sip:3401@>
Date: Fri, 06 Jan 2006 05:35:01 GMT!Unique identifier for this call

Call-ID: E937365B-2C0C11D6-802FA93D-4772A3BB@!Extensions supported include reliable provisional responses and timer
Supported: 100rel, timer!Minimum value for session interval

Min-SE:  1800
Cisco-Guid: 3892269682-738988502-2150410557-1198695355!Identifies the device that originated the INVITE

User-Agent: Cisco-SIPGateway/IOS-12.x!List of methods that are supported

INFO, UPDATE, REGISTER!Identifies call sequence number and method for this call

CSeq: 101 INVITE!Max number of proxies or gateways that can forward this message

Max-Forwards: 70
Remote-Party-ID: <sip:4105553501@>;party=calling;screen=no;privacy=off
Timestamp: 1014960901!Identifies the user agent client, for return messages

Contact: <sip:4105553501@>
Expires: 180
Allow-Events: telephone-event!This INVITE carries an SDP message

Content-Type: application/sdp
Content-Length: 202

SIP uses SDP to exchange information about endpoint capabilities and negotiate call features. This sample INVITE contains SDP information. The SDP part of a SIP message has standard fields, as shown in Example 4-2. This is the continuation of the INVITE message in Example 4-1. The SDP fields have the following meanings:

  • v—Tells the SDP version
  • o—Lists the organization of the calling party
  • s—Describes the SDP message
  • c—Lists the IP address of the originator
  • t—Tells the timer value
  • m—Describes the media that the originator expects
  • a—Gives the media attributes

Example 4-2. SIP SDP Message Contents

o=CiscoSystemsSIP-GW-UserAgent 7181 811 IN IP4
s=SIP Call
c=IN IP4
t=0 0
m=audio 18990 RT
c=IN IP4
a=rtpmap:0 PCMU/8000
a=rtpmap:19 CN/8000

Continuing the call, the called side (the UAS) returns a provisional response 100 Trying, shown in Example 4-3. Note that the call sequence number, 101, and the method type it is responding to, INVITE, are sent in each message.

Example 4-3. SIP "Trying" Response

!"Trying" indicates that the gateway has received the INVITE
SIP/2.0 100 Trying
Via: SIP/2.0/UDP;branch=z9hG4bKA1798
From: <sip:4105553501@>;tag=105741C-1D5E
!A tag is added by the UAS to identify this series of messages
To: <sip:3401@>;tag=16777231
Date: Fri, 06 Jan 2006 5:35:10 GMT
Call-ID: E937365B-2C0C11D6-802FA93D-4772A3BB@
Timestamp: 1014960901
CSeq: 101 INVITE
Allow-Events: telephone-event
Content-Length: 0

In Example 4-4, the UAS sends a 180 Ringing response to indicate that the remote phone is ringing.

Example 4-4. SIP Ringing Response

! Ringing indicates that the called phone is being alerted
SIP/2.0 180 Ringing
Via: SIP/2.0/UDP;branch=z9hG4bKA1798
From: <sip:4105553501@>;tag=105741C-1D5E
To: <sip:3401@>;tag=16777231
Date: Fri, 06 Jan 2006 5:35:10 GMT
Call-ID: E937365B-2C0C11D6-802FA93D-4772A3BB@
Timestamp: 1014960901
CSeq: 101 INVITE
Allow-Events: telephone-event
Remote-Party-ID: <sip:3401@>;party=called;screen=no;privacy=off
Contact: <sip:3401@>
Content-Length: 0

The remote phone has picked up the call, so a 200 OK response is sent, as shown in Example 4-5.

Example 4-5. SIP OK Response

! OK indicates that the called phone has answered
SIP/2.0 200 OK
Via: SIP/2.0/UDP;branch=z9hG4bKA1798
From: <sip:4105553501@>;tag=105741C-1D5E
To: <sip:3401@>;tag=16777231
Date: Fri, 06 Jan 2006 5:35:12 GMT
Call-ID: E937365B-2C0C11D6-802FA93D-4772A3BB@
0Timestamp: 1014960901
CSeq: 101 INVITE
Allow-Events: telephone-event
Remote-Party-ID: <sip:3401@>;party=called;screen=yes;privacy=off
Contact: <sip:3401@>
Content-Type: application/sdp
Content-Length: 221

o=CiscoSystemsCCM-SIP 2000 1000 IN IP4
s=SIP Call
c=IN IP4
t=0 0
m=audio 24580 RTP/AVP 0 101
a=rtpmap:0 PCMU/8000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-15

The UAC responds to the OK message with an ACK method, shown in Example 4-6. Now the call is established.

Example 4-6. SIP ACK Message

ACK sip:3401@ SIP/2.0
Via: SIP/2.0/UDP;branch=z9hG4bKB1C57
From: <sip:4105553501@>;tag=105741C-1D5E
T0o: <sip:3401@>;tag=16777231
Date: Fri, 06 Jan 2006 5:35:13 GMT
Call-ID: E937365B-2C0C11D6-802FA93D-4772A3BB@
Max-Forwards: 70
CSeq: 101 ACK
Content-Length: 0
2. SIP Call Flow | Next Section

Cisco Press Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from Cisco Press and its family of brands. I can unsubscribe at any time.


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about Cisco Press products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information

To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.


Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites; develop new products and services; conduct educational research; and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.


If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@ciscopress.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information

Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.


This site is not directed to children under the age of 13.


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information

If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.


Users can always make an informed choice as to whether they should proceed with certain services offered by Cisco Press. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.ciscopress.com/u.aspx.

Sale of Personal Information

Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents

California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure

Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact

Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice

We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020