This is part 2 of the “SIP Stress Testing” topic. In Part 1, I have talked about the definition of the stress, opensipsctl (command line tool) and OpenSIPS-CP (Web tool) and how they are used in testing. In this part, i will talk about SIPSAK. SIPSAK is a command line tool used by SIP administrators to test the performance and the security of the SIP servers or user agents. SIPSAK is a SIP traffic generator. It generates SIP requests and sends them to the target addressed by SIP-URI . To download SIPSAK on Fedora, simply:
# yum install sipsak
SIPSAK runs in the following modes:
♣ Default mode: Using the OPTIONS SIP method, you can ping a target addressed by SIP-URI.
♣ Traceroute mode (-T): This is useful for learning the request’s path. The number of SIP servers on the way to the destination is counted plus the round trip time of each request is printed out.
♣ Message mode (-M): Send a short message using MESSAGE SIP request. The content of the message will be set using the option (-B).
♣ Usrloc mode (-U): Register the user addressed by SIP-URI (Set by option -s).
♣ Randtrash mode (-R) :keeps sending randomly corrupted messages to torture a SIP server’s parser. OPTIONS requests with increasing numbers of randomly crashed characters are sent to the server.
♣ Flood Mode (-F): keeps sending requests to a SIP server at high pace. OPTIONS requests with increasing CSeq numbers are sent to the server.
Current SIPSAK is missing support for the Record-Route and Route headers and IPv6 is not supported. At the stressed SIP server’s side, you need monitoring and analyzing tool which display the state of the server as numbers and figures.
- Ping the target “test1”: #sipsak -s sip:email@example.com. In this tutorial i will ping the user firstname.lastname@example.org.
Here is the messages sent by SIPSAK and captured by SIPTRACE. See the User-Agent header field in the traced SIP message (User-Agent: sipsak 0.9.6). The message is taken from OpenSIPPS-CP SIPTRACE page.
The User-Agent: Jitsi2.2.4603.9615Linux . The target user (test1) must be registered otherwise you will get an error response message sent from the server (in case the server is programmed to do this in its routing script). The test server in this tutorial sends “404 Not Found” SIP failure:
If you put the option -F , SIPSAK will flood the server with SIP OPTION Requests.
# sipsak -F -s sip:email@example.com
SIPSAK is also used to test the security of the SIP server. In the previous example, flooding the server with OPTIONS SIP Requests (a lot of ping messages) is considered attack because after a short time the SIP service will be not available and the server became unable to handle more SIP requests. The test server in this tutorial sends an error message ” 500 Internal Error” after short time of flooding.
Other SIPSAK examples:
- Trace a call: # sipsak –T –s sip:firstname.lastname@example.org
- Send a message to the user “test1” :# sipsak –M –s sip:email@example.com –c firstname.lastname@example.org –B “Message Text”
- Register the user “test1” # sipsak –U –s sip:email@example.com
Nagios monitoring tool are good complement to SIPSAK traffic generator.
SO to test the server, generate requests and check the system’s response. If you get something you don’t like, change it and do it again (Make changes, Restart the server, Generate traffic , and Check the server’s response).
The Next Part will be about SIPp which is an emulation tool which generates SIP traffic and gives some statistics.