The SIP message body and SDP session profiles

The SIP message body and SDP session profiles

The SIP message body describes the session to be initiated. For example, in a SIP phone call the body usually includes audio codec types, sampling rates, server IP addresses and so on. For other types of SIP session the body could contain text or binary data of any type which relates in some way to the session. The message body is included in request and response messages.


Two possible SIP message body types:

  • Session Description Protocol (SDP), most commonly used for SIP VoIP.
  • Multipurpose Internet Mail Extensions (MIME)

SDP is most often used for VoIP and FortiGate units support SDP content in SIP message bodies. SDP is a text- based protocol used by SIP to control media sessions. SDP does not deliver media but provides a session profile that contains media details, transport addresses, parameter negotiation, and other session description metadata for the participants in a media session. The participants use the information in the session profile to negotiate how to communicate and to manage the media session. SDP is described by RFC 4566.

An SDP session profile always contains session information and may contain media information. Session information appears at the start of the session profile and media information (using the m= attribute) follows.

SDP session profiles can include the attributes listed inthe following table.


SDP session profile attributes

Attribute                  Description

a=                              Attributes to extend SDP in the form a=<attribute> or a=<a- ttribute>:<value>.

b=                              Contains information about the bandwidth required for the session or media in the form b=<bandwidth_type>:<bandwidth>.

c=                              Connection data about the session including the network type (usually IN for Internet), address type (IPv4 or IPv6), the connection source address, and other optional inform- ation. For example:

c=IN IPv4

A text string that contains information about the session. For example:


i=A audio presentation about SIP

k=                              Can be used to convey encryption keys over a secure and trusted channel. For example:



Media information, consisting of one or more lines all starting with m= and containing details about the media including the media type, the destination port or ports used by the media, the protocol used by the media, and a media format description.

m=audio 49170 RTP 0 3 m-video 3345/2 udp 34

m-video 2910/2 RTP/AVP 3 56


Multiple media lines are needed if SIP is managing multiple types of media in one ses-

m=                             sion (for example, separate audio and video streams).

Multiple ports for a media stream are indicated using a slash. 3345/2 udp means UDP ports 3345 and 3346. Usually RTP uses even-numbered ports for data with the corresponding one-higher odd ports used for the RTCP session belonging to the RTP session. So 2910/2 RTP/AVP means ports 2910 and 2912 are used for RTP and 2911 and 2913 are used for RTCP.


Media types include udp for an unspecified protocol that uses UDP, RTP or RTP/AVP for standard RTP and RTP/SAVP for secure RTP.


Attribute                  Description

o=                              The sender’s username, a session identifier, a session version number, the network type (usually IN for Internet), the address type (for example, IPv4 or IPv6), and the sending device’s IP address. The o= field becomes a universal identifier for this ver- sion of this session description. For example:

o=PhoneA 5462346 332134 IN IP4


Repeat times for a session. Used if a session will be repeated at one or more timed intervals. Not normally used for VoIP calls. The times can be in different formats. For

r=                               example:

r=7d 1h 0 25h r=604800 3600 0 90000


s=                              Any text that describes the session or s= followed by a space. For example:

s=Call from inviter


The start and stop time of the session. Sessions with no time restrictions (most VoIP

t=                               calls) have a start and stop time of 0.

t=0 0


v=                              SDP protocol version. The current SDP version is 0 so the v= field is always:



Time zone adjustments. Used for scheduling repeated sessions that span the time

z=                               between changing from standard to daylight savings time.

z=2882844526 -1h 2898848070 0

This entry was posted in FortiGate, FortiOS, FortiOS 5.4 Handbook and tagged , on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.