I have implemented SIP calls over TCP. Now I intend to extrapolate it to REGISTRATION over TCP.
I have a reference PCAP with the following flow:
Logic for Sequence number and Acknowledgement number for initial registration:
A------------------------------------B Seq - Ack - Size
REGISTER
----------------------------------→ 1 - 1 - 709
100 Giving a Try
<---------------------------------- 1 - 710 - 358
401 Unauthorized
<---------------------------------- 359 - 710 - 459
REGISTER
----------------------------------→ 710 - 818 - 931
100 Giving a Try
<---------------------------------- 818 - 1641 - 358
200OK
<---------------------------------- 1176 - 1641 - 450
sequence number of current leg= (sequence number of previous leg in same direction+window size of previous leg in same direction.)
Ack number of current leg =(Ack number of previous leg) {if current leg is in same direction as previous one}
=(sequence number of previous leg)+(window size of previous leg ) {else}
I am trying to understand the following:
- Should the refresh instance be part of the same TCP stream? Which means should the Src and dest IP addresses and Src and Dest Port addresses of the refresh instance be the same as the initial registration?
- What logic should be applied to the Seq and Ack numbers? Should they be in continuation to the previous messages (initial registration attempt) or should these values be as if a new instance is being generated between the given devices?
PS: I am working on a tool that generates calls among devices, so src and dest message code is within my realm.