Difference between revisions of "FaceTime"

From The iPhone Wiki
Jump to: navigation, search
(New page: FaceTime is iChat AV for iPhone. Jobs presented an "alphabet soup" of technologies that were involved in making FaceTime work, many of which are shared with iChat AV, including: * H.2...)
 
m
 
(62 intermediate revisions by 13 users not shown)
Line 1: Line 1:
  +
== General ==
FaceTime is iChat AV for iPhone. Jobs presented an "alphabet soup" of technologies that were involved in making FaceTime work, many of which are shared with iChat AV, including:
 
   
  +
FaceTime is iChat AV for [[iPad 2]] and newer, [[iPad mini]] and newer, [[N81AP|iPod touch (4th generation)]] and newer, [[iPhone 4]] and newer. Jobs presented an "alphabet soup" of technologies that were involved in making FaceTime work, many of which are shared with iChat AV, including:
* H.264 and AAC, its ISO/MPEG video and audio codecs (just like iChat).
 
  +
* SIP (Session Initiation Protocol), the open IETF signaling protocol for VoIP used by iChat AV.
 
  +
* H.264 and AAC, its ISO/MPEG video and audio codecs (just like iChat).
* STUN (Session Traversal Utilities for NAT), an IETF standard for dealing with lots of different kinds of NAT.
 
  +
* [https://wiki.tools.ietf.org/html/rfc3261 SIP (Session Initiation Protocol)], the open IETF signaling protocol for VoIP used by iChat AV.
* TURN (Traversal Using Relay NAT), an IETF standard for allowing a client behind NAT to receive incoming requests like a server.
 
* ICE (Interactive Connectivity Establishment) an IETF standard which helps set up connections through NAT firewalls.
+
* STUN (Session Traversal Utilities for NAT), an IETF standard for dealing with lots of different kinds of NAT.
* RTP (Real-time Transport Protocol), an iETF standard for delivering media streams in VoIP.
+
* TURN (Traversal Using Relay NAT), an IETF standard for allowing a client behind NAT to receive incoming requests like a server.
  +
* ICE (Interactive Connectivity Establishment) an IETF standard which helps set up connections through NAT firewalls.
* SRTP (Secure RTP) an IETF standard designed to provide encryption, message authentication and integrity for the data streams.
 
  +
* RTP (Real-time Transport Protocol), an iETF standard for delivering media streams in VoIP.
  +
* SRTP (Secure RTP) an IETF standard designed to provide encryption, message authentication and integrity for the data streams.
  +
  +
FaceTime uses ports 53, 80, 443, 4080, 5223, and 16393-16472 (UDP).
  +
  +
A Mac Client for FaceTime is available on The Mac app store. More info can be found at http://www.apple.com/mac/facetime/
  +
  +
== FaceTime Activation / Registration ==
  +
  +
FaceTime is activated by sending a couple of SMS text messages in the background between the iPhone and an Apple server. If your carrier does not officially support the [[iPhone 4]], you may be charged for sending the activation SMS to an international (UK) number. Your carrier might also have issues delivering the SMS correctly which will prevent FaceTime from activating.
  +
  +
After enabling FaceTime in iPhone settings, your iPhone will attempt to send a "silent text message" (i. e. a text you don't know about) to Apple, that registers your telephone number on Apple's servers used for FaceTime. Apple then returns a "silent coded text message" to your iPhone, that activates the FaceTime within iOS4.
  +
  +
After being activated, FaceTime will happily operate solely over WiFi. However, FaceTime activation currently requires the iPhone to be activated, have an active SIM card with the ability to send and receive SMSes. If there's an issue sending or receiving SMS messages, FaceTime can't be enabled or activated.
  +
  +
FaceTime will work successfully in Airplane Mode over WiFi, however it requires FaceTime to be activated, and a SIM card inserted in your device.
  +
  +
=== FaceTime Registration Request ===
  +
  +
The iPhone sends a Registration Request SMS silently to this UK number (as identified by the [http://en.wikipedia.org/wiki/%2B44_%28country_code%29 +44 country code]): +44 7786 205094. AT&T customers have their own local number for FaceTime activations: 28818773. In Bell and Telus carrier bundles, version 7.2 the number is: 49988.
  +
  +
The Activation Servers number (PhoneNumberRegistrationGatewayAddress) is set in carrier.plist in System/Library/Carrier Bundles/<Your carrier>.bundle (or Unknown.bundle):
  +
  +
<key>PhoneNumberRegistrationGatewayAddress</key>
  +
<string>+447786205094</string>
  +
  +
You can change this to i. e. your own number and FaceTime will send the FaceTime Registration Request SMS to your own number.
  +
  +
Some carrier bundles (i.e. T-Mobile Germany Carrier Update 7.1) also contain the following key, which displays a warning that SMS charges might be applied when trying to activate FaceTime.
  +
<key>RegistrationOptInRequired</key>
  +
<true/>
  +
  +
Registration Request:
  +
REG-REQ?v=2;t=char[64];i=char[40];r=char[8]
  +
  +
Registration Request Example:
  +
REG-REQ?v=2;t=0C11F1ACF776391387797F5EEC1B87E9FC33DAD9 B86583270B8E8DDE78A7A23C;i=2CFA805D9A0D1D43CE57429 B4DA8E454B9AADB5D;r=5917c44d
  +
It was noticed the last portion i= has different character for every FaceTime request.
  +
  +
The Request is saved on:
  +
  +
* /var/wireless/spool/MobileOriginated/s.sms.1073741825 (or another identifier)
  +
  +
FaceTime will continue to retry sending the activation SMS multiple times before failing. [http://discussions.apple.com/thread.jspa?threadID=2483442&start=15&tstart=150][http://modmyi.com/forums/t-mobile/722445-iphone-4-t-mobile-users-beware-international-text-charges-facetime.html#post5380385]
  +
  +
=== FaceTime Registration Response ===
  +
  +
If your carrier doesn't officially support silent SMS messages, you may see the FaceTime Registration Response messages displayed.
  +
  +
Registration Response:
  +
<pre>
  +
¿¿¿¿y¿¿REG-RESP?v=2;r=XXXXXXX;n=+XXXXXXXXX;s=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
  +
</pre>
  +
  +
(X are numbers and codes received, it looks like a password and a hash code).
  +
  +
== Packet Capture - original from [http://fryguypa.wordpress.com/2010/06/25/iphone-4-and-facetime/ FryGuy's Blog] ==
  +
  +
* 1st iPhone IP Private – 192.168.0.128
  +
* 1st iPhone IP NAT – 216.164.100.100
  +
* 2nd iPhone IP Private 192.168.2.106
  +
* 2nd iPhone IP NAT – 72.81.200.200
  +
  +
Note: NATs changed to protect the guilty
  +
  +
=== Packets ===
  +
<pre>
  +
No. Time Source Destination Protocol Info
  +
1 0.000000 192.168.0.128 17.155.5.251 UDP Source port: 16402 Destination port: connected
  +
2 0.431054 17.155.5.251 192.168.0.128 UDP Source port: connected Destination port: 16402
  +
3 0.715713 192.168.0.128 17.155.5.251 UDP Source port: 51136 Destination port: connected
  +
4 0.716064 192.168.0.128 17.155.5.251 UDP Source port: 51136 Destination port: 16385
  +
5 0.717147 192.168.0.128 17.155.5.252 UDP Source port: 51136 Destination port: 16386
  +
6 0.958285 17.155.5.252 192.168.0.128 UDP Source port: 16386 Destination port: 51136
  +
7 0.960329 17.155.5.251 192.168.0.128 UDP Source port: 16385 Destination port: 51136
  +
8 0.960588 17.155.5.251 192.168.0.128 UDP Source port: connected Destination port: 51136
  +
9 1.016402 192.168.0.128 216.164.100.100 UDP Source port: 51136 Destination port: 52585
  +
10 1.018172 192.168.0.128 216.164.100.100 UDP Source port: 51136 Destination port: 52585
  +
11 1.019912 192.168.0.128 17.155.4.14 TCP 50697 > https [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=2 TSV=469580285 TSER=0
  +
12 1.020140 192.168.0.128 216.164.100.100 UDP Source port: 51136 Destination port: 52585
  +
13 1.298294 17.155.4.14 192.168.0.128 TCP https > 50697 [SYN, ACK] Seq=0 Ack=1 Win=8190 Len=0 MSS=1360 WS=4
  +
14 1.318312 192.168.0.128 17.155.4.14 TCP 50697 > https [ACK] Seq=1 Ack=1 Win=131920 Len=0
  +
15 1.321211 192.168.0.128 17.155.4.14 TLSv1 Client Hello
  +
16 1.645657 192.168.0.128 17.155.5.251 UDP Source port: 51136 Destination port: connected
  +
17 1.645978 192.168.0.128 17.155.5.251 UDP Source port: 51136 Destination port: 16385
  +
18 1.646130 192.168.0.128 17.155.5.252 UDP Source port: 51136 Destination port: 16386
  +
19 1.662234 192.168.0.128 208.59.216.10 TCP 50698 > http [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=2 TSV=469580291 TSER=0
  +
20 1.730834 17.155.4.14 192.168.0.128 TCP [TCP segment of a reassembled PDU]
  +
21 1.731963 17.155.4.14 192.168.0.128 TLSv1 Server Hello, Certificate, Server Hello Done
  +
22 1.808298 208.59.216.10 192.168.0.128 TCP http > 50698 [SYN, ACK] Seq=0 Ack=1 Win=5792 Len=0 MSS=1380 TSV=941715237 TSER=469580291 WS=1
  +
23 1.832208 192.168.0.128 17.155.4.14 TCP 50697 > https [ACK] Seq=160 Ack=1361 Win=130560 Len=0
  +
24 1.834588 192.168.0.128 17.155.4.14 TCP 50697 > https [ACK] Seq=160 Ack=2490 Win=130788 Len=0
  +
25 1.834954 192.168.0.128 208.59.216.10 TCP 50698 > http [ACK] Seq=1 Ack=1 Win=131328 Len=0 TSV=469580293 TSER=941715237
  +
26 1.836526 192.168.0.128 208.59.216.10 HTTP GET /WebObjects/VCInit.woa/wa/getBag?ix=1 HTTP/1.1
  +
27 1.881018 17.155.5.252 192.168.0.128 UDP Source port: 16386 Destination port: 51136
  +
28 1.882147 17.155.5.251 192.168.0.128 UDP Source port: connected Destination port: 51136
  +
29 1.883124 17.155.5.251 192.168.0.128 UDP Source port: 16385 Destination port: 51136
  +
30 1.884207 192.168.0.128 216.164.100.100 UDP Source port: 51136 Destination port: 52585
  +
31 1.886053 192.168.0.128 216.164.100.100 UDP Source port: 51136 Destination port: 52585
  +
32 1.886343 192.168.0.128 216.164.100.100 UDP Source port: 51136 Destination port: 52585
  +
33 1.930729 192.168.0.128 17.155.4.14 TLSv1 Client Key Exchange
  +
34 1.930835 192.168.0.128 17.155.4.14 TLSv1 Change Cipher Spec
  +
35 1.931583 192.168.0.128 17.155.4.14 TLSv1 Encrypted Handshake Message
  +
36 2.190008 208.59.216.10 192.168.0.128 TCP http > 50698 [ACK] Seq=1 Ack=229 Win=6432 Len=0 TSV=941715619 TSER=469580293
  +
37 2.190313 208.59.216.10 192.168.0.128 TCP [TCP segment of a reassembled PDU]
  +
38 2.191366 208.59.216.10 192.168.0.128 TCP [TCP segment of a reassembled PDU]
  +
39 2.192312 208.59.216.10 192.168.0.128 HTTP/XML HTTP/1.1 200 OK
  +
40 2.242678 192.168.0.128 208.59.216.10 TCP 50698 > http [ACK] Seq=229 Ack=2737 Win=128592 Len=0 TSV=469580297 TSER=941715619
  +
41 2.243014 192.168.0.128 208.59.216.10 TCP 50698 > http [ACK] Seq=229 Ack=3506 Win=127820 Len=0 TSV=469580297 TSER=941715619
  +
42 2.393275 17.155.4.14 192.168.0.128 TCP https > 50697 [ACK] Seq=2490 Ack=299 Win=35216 Len=0
  +
43 2.393305 17.155.4.14 192.168.0.128 TCP https > 50697 [ACK] Seq=2490 Ack=305 Win=35216 Len=0
  +
44 2.393351 17.155.4.14 192.168.0.128 TCP https > 50697 [ACK] Seq=2490 Ack=342 Win=35184 Len=0
  +
45 2.394633 17.155.4.14 192.168.0.128 TLSv1 Change Cipher Spec, Encrypted Handshake Message
  +
46 2.448112 192.168.0.128 17.155.4.14 TCP 50697 > https [ACK] Seq=342 Ack=2533 Win=131876 Len=0
  +
47 2.449760 192.168.0.128 17.155.4.14 TLSv1 Application Data
  +
48 2.450325 192.168.0.128 17.155.4.14 TLSv1 Application Data
  +
49 2.511448 192.168.0.128 17.155.5.251 UDP Source port: 51136 Destination port: connected
  +
50 2.512608 192.168.0.128 17.155.5.251 UDP Source port: 51136 Destination port: 16385
  +
51 2.512776 192.168.0.128 17.155.5.252 UDP Source port: 51136 Destination port: 16386
  +
52 2.905644 17.155.5.252 192.168.0.128 UDP Source port: 16386 Destination port: 51136
  +
53 2.905690 17.155.4.14 192.168.0.128 TCP https > 50697 [ACK] Seq=2533 Ack=966 Win=34560 Len=0
  +
54 2.905782 17.155.4.14 192.168.0.128 TCP https > 50697 [ACK] Seq=2533 Ack=1453 Win=34064 Len=0
  +
55 2.906896 17.155.5.251 192.168.0.128 UDP Source port: 16385 Destination port: 51136
  +
56 2.907536 17.155.5.251 192.168.0.128 UDP Source port: connected Destination port: 51136
  +
57 2.923466 17.155.4.14 192.168.0.128 TLSv1 Application Data
  +
58 2.923924 17.155.4.14 192.168.0.128 TLSv1 Application Data
  +
59 3.060254 192.168.0.128 216.164.100.100 UDP Source port: 51136 Destination port: 52585
  +
60 3.060422 192.168.0.128 216.164.100.100 UDP Source port: 51136 Destination port: 52585
  +
61 3.062146 192.168.0.128 17.155.4.14 TCP 50697 > https [ACK] Seq=1453 Ack=2894 Win=131556 Len=0
  +
62 3.062451 192.168.0.128 17.155.4.14 TCP 50697 > https [ACK] Seq=1453 Ack=3240 Win=131212 Len=0
  +
63 3.062741 192.168.0.128 199.7.52.190 TCP 50699 > http [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=2 TSV=469580305 TSER=0
  +
64 3.063122 192.168.0.128 216.164.100.100 UDP Source port: 51136 Destination port: 52585
  +
65 3.532458 199.7.52.190 192.168.0.128 TCP http > 50699 [SYN, ACK] Seq=0 Ack=1 Win=8190 Len=0 MSS=1380
  +
66 3.571122 192.168.0.128 199.7.52.190 TCP 50699 > http [ACK] Seq=1 Ack=1 Win=65535 Len=0
  +
67 3.579117 192.168.0.128 199.7.52.190 HTTP GET /EVIntl2006.cer HTTP/1.1
  +
68 3.690690 192.168.0.128 17.155.4.14 TLSv1 Encrypted Alert
  +
69 3.692505 192.168.0.128 17.155.5.251 UDP Source port: 51136 Destination port: connected
  +
70 3.696701 192.168.0.128 17.155.4.14 TCP 50697 > https [FIN, ACK] Seq=1476 Ack=3240 Win=131920 Len=0
  +
71 3.697007 192.168.0.128 208.59.216.10 TCP 50698 > http [FIN, ACK] Seq=229 Ack=3506 Win=131328 Len=0 TSV=469580312 TSER=941715619
  +
72 3.697388 192.168.0.128 17.155.5.251 UDP Source port: 51136 Destination port: 16385
  +
73 3.697617 192.168.0.128 17.155.5.252 UDP Source port: 51136 Destination port: 16386
  +
74 3.809626 199.7.52.190 192.168.0.128 TCP [TCP segment of a reassembled PDU]
  +
75 3.810572 199.7.52.190 192.168.0.128 HTTP HTTP/1.0 200 OK (text/plain)
  +
76 3.881720 192.168.0.128 199.7.52.190 TCP 50699 > http [ACK] Seq=154 Ack=1865 Win=65535 Len=0
  +
77 3.890585 192.168.0.128 199.7.52.190 TCP 50699 > http [FIN, ACK] Seq=154 Ack=1865 Win=65535 Len=0
  +
78 3.952258 208.59.216.10 192.168.0.128 TCP http > 50698 [FIN, ACK] Seq=3506 Ack=230 Win=6432 Len=0 TSV=941717381 TSER=469580312
  +
79 3.954256 192.168.0.128 208.59.216.10 TCP 50698 > http [ACK] Seq=230 Ack=3507 Win=131328 Len=0 TSV=469580314 TSER=941717381
  +
80 4.007781 17.155.4.14 192.168.0.128 TCP https > 50697 [ACK] Seq=3240 Ack=1476 Win=40928 Len=0
  +
81 4.007965 17.155.4.14 192.168.0.128 TCP https > 50697 [FIN, ACK] Seq=3240 Ack=1477 Win=40928 Len=0
  +
82 4.009155 17.155.5.251 192.168.0.128 UDP Source port: 16385 Destination port: 51136
  +
83 4.009170 17.155.5.251 192.168.0.128 UDP Source port: connected Destination port: 51136
  +
84 4.009948 192.168.0.128 17.155.4.14 TCP 50697 > https [FIN, ACK] Seq=1476 Ack=3240 Win=131920 Len=0
  +
85 4.014495 192.168.0.128 17.155.4.14 TCP 50697 > https [ACK] Seq=1477 Ack=3241 Win=131920 Len=0
  +
86 4.019866 192.168.0.128 216.164.100.100 UDP Source port: 51136 Destination port: 52585
  +
87 4.023955 17.155.5.252 192.168.0.128 UDP Source port: 16386 Destination port: 51136
  +
88 4.025984 192.168.0.128 216.164.100.100 UDP Source port: 51136 Destination port: 52585
  +
89 4.034971 192.168.0.128 216.164.100.100 UDP Source port: 51136 Destination port: 52585
  +
90 4.504292 199.7.52.190 192.168.0.128 TCP http > 50699 [ACK] Seq=1865 Ack=155 Win=8190 Len=0
  +
91 4.671800 192.168.0.128 17.155.5.251 UDP Source port: 51136 Destination port: connected
  +
92 4.672167 192.168.0.128 17.155.5.251 UDP Source port: 51136 Destination port: 16385
  +
93 4.672411 192.168.0.128 17.155.5.252 UDP Source port: 51136 Destination port: 16386
  +
94 5.139092 17.155.5.252 192.168.0.128 UDP Source port: 16386 Destination port: 51136
  +
95 5.140068 17.155.5.251 192.168.0.128 UDP Source port: 16385 Destination port: 51136
  +
96 5.140129 17.155.5.251 192.168.0.128 UDP Source port: connected Destination port: 51136
  +
97 5.210011 192.168.0.128 216.164.100.100 UDP Source port: 51136 Destination port: 52585
  +
98 5.215809 192.168.0.128 216.164.100.100 UDP Source port: 51136 Destination port: 52585
  +
99 5.216068 192.168.0.128 216.164.100.100 UDP Source port: 51136 Destination port: 52585
  +
100 5.715774 192.168.0.128 17.155.5.251 UDP Source port: 51136 Destination port: 16385
  +
101 6.054578 17.155.5.251 192.168.0.128 UDP Source port: 16385 Destination port: 51136
  +
102 8.258196 192.168.0.128 192.168.2.106 STUN2 Binding Request
  +
103 8.286606 192.168.0.128 192.168.2.106 STUN2 Binding Request
  +
104 8.303893 192.168.0.128 72.81.200.200 STUN2 Binding Request
  +
105 8.313353 192.168.0.128 192.168.2.106 STUN2 Binding Request
  +
106 8.313582 72.81.200.200 192.168.0.128 STUN2 Binding Request
  +
107 8.316909 192.168.0.128 72.81.200.200 STUN2 Binding Success Response
  +
108 8.333677 192.168.0.128 72.81.200.200 STUN2 Binding Request
  +
109 8.344419 72.81.200.200 192.168.0.128 STUN2 Binding Request
  +
110 8.350980 192.168.0.128 72.81.200.200 STUN2 Binding Success Response
  +
111 8.360852 192.168.0.128 72.81.200.200 STUN2 Binding Request
  +
112 8.374294 72.81.200.200 192.168.0.128 STUN2 Binding Request
  +
113 8.376750 192.168.0.128 72.81.200.200 STUN2 Binding Success Response
  +
114 8.467002 192.168.0.128 192.168.2.106 STUN2 Binding Request
  +
115 8.496083 192.168.0.128 192.168.2.106 STUN2 Binding Request
  +
116 8.528156 72.81.200.200 192.168.0.128 STUN2 Binding Request
  +
117 8.530139 192.168.0.128 72.81.200.200 STUN2 Binding Request
  +
118 8.530765 192.168.0.128 72.81.200.200 STUN2 Binding Success Response
  +
119 8.553316 72.81.200.200 192.168.0.128 STUN2 Binding Request
  +
120 8.555467 192.168.0.128 72.81.200.200 STUN2 Binding Request
  +
121 8.556032 192.168.0.128 72.81.200.200 STUN2 Binding Success Response
  +
122 8.626234 72.81.200.200 192.168.0.128 STUN2 Binding Success Response
  +
123 8.629896 72.81.200.200 192.168.0.128 STUN2 Binding Success Response123
  +
124 8.730361 192.168.0.128 72.81.200.200 SIP/SDP Request: INVITE sip:user@72.81.200.200:50925, with session description
  +
125 8.748746 72.81.200.200 192.168.0.128 STUN2 Binding Success Response
  +
126 8.771618 192.168.0.128 192.168.2.106 STUN2 Binding Request
  +
127 8.797557 192.168.0.128 192.168.2.106 STUN2 Binding Request
  +
128 8.925571 72.81.200.200 192.168.0.128 STUN2 Binding Success Response
  +
129 8.927723 72.81.200.200 192.168.0.128 STUN2 Binding Success Response
  +
130 9.232700 192.168.0.128 72.81.200.200 SIP/SDP Request: INVITE sip:user@72.81.200.200:50925, with session description
  +
131 9.258562 192.168.0.128 192.168.2.106 STUN2 Binding Request
  +
132 9.262926 72.81.200.200 192.168.0.128 SIP Status: 100 Trying
  +
133 9.268831 72.81.200.200 192.168.0.128 SIP Status: 180 Ringing
  +
134 9.296692 192.168.0.128 192.168.2.106 STUN2 Binding Request
  +
135 9.320586 72.81.200.200 192.168.0.128 SIP/SDP Status: 200 OK, with session description
  +
136 9.326857 192.168.0.128 72.81.200.200 SIP Request: ACK sip:user@72.81.200.200:50925
  +
137 9.334699 192.168.0.128 72.81.200.200 SIP Request: MESSAGE sip:user@72.81.200.200:50925
  +
138 9.688477 72.81.200.200 192.168.0.128 SIP/SDP Status: 200 OK, with session description
  +
139 9.716567 192.168.0.128 72.81.200.200 SIP Request: ACK sip:user@72.81.200.200:50925
  +
140 9.834542 192.168.0.128 72.81.200.200 SIP Request: MESSAGE sip:user@72.81.200.200:50925
  +
141 10.216053 72.81.200.200 192.168.0.128 SIP Status: 200 OK
  +
142 10.230152 192.168.0.128 72.81.200.200 SIP Request: MESSAGE sip:user@72.81.200.200:50925
  +
143 10.442848 72.81.200.200 192.168.0.128 SIP Status: 200 OK
  +
144 10.491689 72.81.200.200 192.168.0.128 SIP Status: 200 OK
  +
145 10.727812 192.168.0.128 72.81.200.200 SIP Request: MESSAGE sip:user@72.81.200.200:50925
  +
146 11.229984 192.168.0.128 72.81.200.200 SIP Request: MESSAGE sip:user@72.81.200.200:50925
  +
147 11.318007 72.81.200.200 192.168.0.128 SIP Status: 200 OK
  +
148 11.367565 192.168.0.128 72.81.200.200 SIP Request: MESSAGE sip:user@72.81.200.200:50925
  +
149 11.618986 72.81.200.200 192.168.0.128 SIP Status: 200 OK
  +
150 11.866691 192.168.0.128 72.81.200.200 SIP Request: MESSAGE sip:user@72.81.200.200:50925
  +
151 11.998932 192.168.0.128 72.81.200.200 UDP Source port: 16402 Destination port: 50925
  +
152 12.035444 72.81.200.200 192.168.0.128 SIP Status: 200 OK
  +
153 12.063916 192.168.0.128 72.81.200.200 UDP Source port: 16402 Destination port: 50925
  +
154 12.129174 192.168.0.128 72.81.200.200 UDP Source port: 16402 Destination port: 50925
  +
155 12.180258 192.168.0.128 72.81.200.200 UDP Source port: 16402 Destination port: 50925
  +
156 12.183416 192.168.0.128 72.81.200.200 UDP Source port: 16402 Destination port: 50925
  +
157 12.187093 72.81.200.200 192.168.0.128 SIP Status: 200 OK
  +
158 12.195043 192.168.0.128 72.81.200.200 UDP Source port: 16402 Destination port: 50925
  +
159 12.200932 72.81.200.200 192.168.0.128 SIP Request: BYE sip:user@192.168.0.128:16402
  +
160 12.206181 192.168.0.128 72.81.200.200 SIP Status: 200 OK
  +
</pre>
  +
  +
=== Comments (by FryGuy) ===
  +
  +
==== Packets 1 – 10 ====
  +
* The phones communicates to a server at Apple (17.155.5.251 is what I saw). Communication is sourced from port 16402 via UDP initially and then looks to dynamically allocate ports for communication (16385 and 16386 are what appeared on my end).
  +
  +
==== Packets 11 – 101 ====
  +
  +
* The phone then negotiates an HTTPS connection to the servers at Apple for the setup and communication. There also seems to be some communication to other servers (in this case i see RCN 208.59.216.10) – and they are my cable provider.
  +
  +
==== Packets 102 – 123 ====
  +
  +
* After Client (iPhone) and server negotiation you start to see Stun requests via the private IPs, after they fail you see them from the Public IP NAT ranges. They success via the Public peering at that point.
  +
  +
==== Packets 124 – 160 ====
  +
  +
* A SIP call is then initiated between the phones for the video portion of the call
  +
  +
== How does Apples (FaceTime) Server know the IP Address of the 2nd (to be called) iPhone ? ==
  +
  +
Easy, every iPhone registers itself at Apple's push notification server whenever WiFi is available ("calls" Home).
  +
  +
Basic Process:
  +
  +
* iPhone detects Wi-Fi Connection
  +
* iPhone gets IP address via DHCP (if not set to static in Settings)
  +
* iPhone sends a HTTP request to www.apple.com/library/test/success.html
  +
* Apple's servers send back a HTML page containing only the word "Success" in the title and body
  +
* iPhone knows it is connected to the Internet
  +
* iPhone gets iphone-wu.apple.com/7day/v2/latest/lto2.dat to enable a quick GPS fix for Location Services; LTO stands for long-term orbit. This is unrelated to FaceTime.
  +
* iPhone contacts the FaceTime server, init.ess.apple.com
  +
* iPhone downloads EVIntl-aia.verisign.com/EVIntl2006.cer
  +
* iPhone joins Apple's Jabber server at 17.149.36.99
  +
* Apple knows the iPhone's IP, which is then used for FaceTime and other push notifications.
  +
  +
== Additional Information ==
  +
  +
* Interesting Packet Trace & Discussion: http://blog.roychowdhury.org/2010/06/25/facetime-on-iphone-4-vanilla-unencrypted-stun-and-sip/
  +
* Excellent Analysis: http://www.packetstan.com/
  +
* Highly Rumorous: http://www.addictivetips.com/mobile/apple-gathering-facetime-information-ability-to-see-video-calls/
  +
  +
[[Category:Software]]

Latest revision as of 10:12, 26 March 2017

General

FaceTime is iChat AV for iPad 2 and newer, iPad mini and newer, iPod touch (4th generation) and newer, iPhone 4 and newer. Jobs presented an "alphabet soup" of technologies that were involved in making FaceTime work, many of which are shared with iChat AV, including:

  • H.264 and AAC, its ISO/MPEG video and audio codecs (just like iChat).
  • SIP (Session Initiation Protocol), the open IETF signaling protocol for VoIP used by iChat AV.
  • STUN (Session Traversal Utilities for NAT), an IETF standard for dealing with lots of different kinds of NAT.
  • TURN (Traversal Using Relay NAT), an IETF standard for allowing a client behind NAT to receive incoming requests like a server.
  • ICE (Interactive Connectivity Establishment) an IETF standard which helps set up connections through NAT firewalls.
  • RTP (Real-time Transport Protocol), an iETF standard for delivering media streams in VoIP.
  • SRTP (Secure RTP) an IETF standard designed to provide encryption, message authentication and integrity for the data streams.

FaceTime uses ports 53, 80, 443, 4080, 5223, and 16393-16472 (UDP).

A Mac Client for FaceTime is available on The Mac app store. More info can be found at http://www.apple.com/mac/facetime/

FaceTime Activation / Registration

FaceTime is activated by sending a couple of SMS text messages in the background between the iPhone and an Apple server. If your carrier does not officially support the iPhone 4, you may be charged for sending the activation SMS to an international (UK) number. Your carrier might also have issues delivering the SMS correctly which will prevent FaceTime from activating.

After enabling FaceTime in iPhone settings, your iPhone will attempt to send a "silent text message" (i. e. a text you don't know about) to Apple, that registers your telephone number on Apple's servers used for FaceTime. Apple then returns a "silent coded text message" to your iPhone, that activates the FaceTime within iOS4.

After being activated, FaceTime will happily operate solely over WiFi. However, FaceTime activation currently requires the iPhone to be activated, have an active SIM card with the ability to send and receive SMSes. If there's an issue sending or receiving SMS messages, FaceTime can't be enabled or activated.

FaceTime will work successfully in Airplane Mode over WiFi, however it requires FaceTime to be activated, and a SIM card inserted in your device.

FaceTime Registration Request

The iPhone sends a Registration Request SMS silently to this UK number (as identified by the +44 country code): +44 7786 205094. AT&T customers have their own local number for FaceTime activations: 28818773. In Bell and Telus carrier bundles, version 7.2 the number is: 49988.

The Activation Servers number (PhoneNumberRegistrationGatewayAddress) is set in carrier.plist in System/Library/Carrier Bundles/<Your carrier>.bundle (or Unknown.bundle):

<key>PhoneNumberRegistrationGatewayAddress</key>
<string>+447786205094</string>

You can change this to i. e. your own number and FaceTime will send the FaceTime Registration Request SMS to your own number.

Some carrier bundles (i.e. T-Mobile Germany Carrier Update 7.1) also contain the following key, which displays a warning that SMS charges might be applied when trying to activate FaceTime.

<key>RegistrationOptInRequired</key>
<true/>

Registration Request:

REG-REQ?v=2;t=char[64];i=char[40];r=char[8]

Registration Request Example:

REG-REQ?v=2;t=0C11F1ACF776391387797F5EEC1B87E9FC33DAD9 B86583270B8E8DDE78A7A23C;i=2CFA805D9A0D1D43CE57429 B4DA8E454B9AADB5D;r=5917c44d

It was noticed the last portion i= has different character for every FaceTime request.

The Request is saved on:

  • /var/wireless/spool/MobileOriginated/s.sms.1073741825 (or another identifier)

FaceTime will continue to retry sending the activation SMS multiple times before failing. [1][2]

FaceTime Registration Response

If your carrier doesn't officially support silent SMS messages, you may see the FaceTime Registration Response messages displayed.

Registration Response:

¿¿¿¿y¿¿REG-RESP?v=2;r=XXXXXXX;n=+XXXXXXXXX;s=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

(X are numbers and codes received, it looks like a password and a hash code).

Packet Capture - original from FryGuy's Blog

  • 1st iPhone IP Private – 192.168.0.128
  • 1st iPhone IP NAT – 216.164.100.100
  • 2nd iPhone IP Private 192.168.2.106
  • 2nd iPhone IP NAT – 72.81.200.200

Note: NATs changed to protect the guilty

Packets

No.     Time        Source                Destination           Protocol Info
      1 0.000000    192.168.0.128         17.155.5.251          UDP      Source port: 16402  Destination port: connected
      2 0.431054    17.155.5.251          192.168.0.128         UDP      Source port: connected  Destination port: 16402
      3 0.715713    192.168.0.128         17.155.5.251          UDP      Source port: 51136  Destination port: connected
      4 0.716064    192.168.0.128         17.155.5.251          UDP      Source port: 51136  Destination port: 16385
      5 0.717147    192.168.0.128         17.155.5.252          UDP      Source port: 51136  Destination port: 16386
      6 0.958285    17.155.5.252          192.168.0.128         UDP      Source port: 16386  Destination port: 51136
      7 0.960329    17.155.5.251          192.168.0.128         UDP      Source port: 16385  Destination port: 51136
      8 0.960588    17.155.5.251          192.168.0.128         UDP      Source port: connected  Destination port: 51136
      9 1.016402    192.168.0.128         216.164.100.100       UDP      Source port: 51136  Destination port: 52585
     10 1.018172    192.168.0.128         216.164.100.100       UDP      Source port: 51136  Destination port: 52585
     11 1.019912    192.168.0.128         17.155.4.14           TCP      50697 > https [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=2 TSV=469580285 TSER=0
     12 1.020140    192.168.0.128         216.164.100.100       UDP      Source port: 51136  Destination port: 52585
     13 1.298294    17.155.4.14           192.168.0.128         TCP      https > 50697 [SYN, ACK] Seq=0 Ack=1 Win=8190 Len=0 MSS=1360 WS=4
     14 1.318312    192.168.0.128         17.155.4.14           TCP      50697 > https [ACK] Seq=1 Ack=1 Win=131920 Len=0
     15 1.321211    192.168.0.128         17.155.4.14           TLSv1    Client Hello
     16 1.645657    192.168.0.128         17.155.5.251          UDP      Source port: 51136  Destination port: connected
     17 1.645978    192.168.0.128         17.155.5.251          UDP      Source port: 51136  Destination port: 16385
     18 1.646130    192.168.0.128         17.155.5.252          UDP      Source port: 51136  Destination port: 16386
     19 1.662234    192.168.0.128         208.59.216.10         TCP      50698 > http [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=2 TSV=469580291 TSER=0
     20 1.730834    17.155.4.14           192.168.0.128         TCP      [TCP segment of a reassembled PDU]
     21 1.731963    17.155.4.14           192.168.0.128         TLSv1    Server Hello, Certificate, Server Hello Done
     22 1.808298    208.59.216.10         192.168.0.128         TCP      http > 50698 [SYN, ACK] Seq=0 Ack=1 Win=5792 Len=0 MSS=1380 TSV=941715237 TSER=469580291 WS=1
     23 1.832208    192.168.0.128         17.155.4.14           TCP      50697 > https [ACK] Seq=160 Ack=1361 Win=130560 Len=0
     24 1.834588    192.168.0.128         17.155.4.14           TCP      50697 > https [ACK] Seq=160 Ack=2490 Win=130788 Len=0
     25 1.834954    192.168.0.128         208.59.216.10         TCP      50698 > http [ACK] Seq=1 Ack=1 Win=131328 Len=0 TSV=469580293 TSER=941715237
     26 1.836526    192.168.0.128         208.59.216.10         HTTP     GET /WebObjects/VCInit.woa/wa/getBag?ix=1 HTTP/1.1 
     27 1.881018    17.155.5.252          192.168.0.128         UDP      Source port: 16386  Destination port: 51136
     28 1.882147    17.155.5.251          192.168.0.128         UDP      Source port: connected  Destination port: 51136
     29 1.883124    17.155.5.251          192.168.0.128         UDP      Source port: 16385  Destination port: 51136
     30 1.884207    192.168.0.128         216.164.100.100       UDP      Source port: 51136  Destination port: 52585
     31 1.886053    192.168.0.128         216.164.100.100       UDP      Source port: 51136  Destination port: 52585
     32 1.886343    192.168.0.128         216.164.100.100       UDP      Source port: 51136  Destination port: 52585
     33 1.930729    192.168.0.128         17.155.4.14           TLSv1    Client Key Exchange
     34 1.930835    192.168.0.128         17.155.4.14           TLSv1    Change Cipher Spec
     35 1.931583    192.168.0.128         17.155.4.14           TLSv1    Encrypted Handshake Message
     36 2.190008    208.59.216.10         192.168.0.128         TCP      http > 50698 [ACK] Seq=1 Ack=229 Win=6432 Len=0 TSV=941715619 TSER=469580293
     37 2.190313    208.59.216.10         192.168.0.128         TCP      [TCP segment of a reassembled PDU]
     38 2.191366    208.59.216.10         192.168.0.128         TCP      [TCP segment of a reassembled PDU]
     39 2.192312    208.59.216.10         192.168.0.128         HTTP/XML HTTP/1.1 200 OK 
     40 2.242678    192.168.0.128         208.59.216.10         TCP      50698 > http [ACK] Seq=229 Ack=2737 Win=128592 Len=0 TSV=469580297 TSER=941715619
     41 2.243014    192.168.0.128         208.59.216.10         TCP      50698 > http [ACK] Seq=229 Ack=3506 Win=127820 Len=0 TSV=469580297 TSER=941715619
     42 2.393275    17.155.4.14           192.168.0.128         TCP      https > 50697 [ACK] Seq=2490 Ack=299 Win=35216 Len=0
     43 2.393305    17.155.4.14           192.168.0.128         TCP      https > 50697 [ACK] Seq=2490 Ack=305 Win=35216 Len=0
     44 2.393351    17.155.4.14           192.168.0.128         TCP      https > 50697 [ACK] Seq=2490 Ack=342 Win=35184 Len=0
     45 2.394633    17.155.4.14           192.168.0.128         TLSv1    Change Cipher Spec, Encrypted Handshake Message
     46 2.448112    192.168.0.128         17.155.4.14           TCP      50697 > https [ACK] Seq=342 Ack=2533 Win=131876 Len=0
     47 2.449760    192.168.0.128         17.155.4.14           TLSv1    Application Data
     48 2.450325    192.168.0.128         17.155.4.14           TLSv1    Application Data
     49 2.511448    192.168.0.128         17.155.5.251          UDP      Source port: 51136  Destination port: connected
     50 2.512608    192.168.0.128         17.155.5.251          UDP      Source port: 51136  Destination port: 16385
     51 2.512776    192.168.0.128         17.155.5.252          UDP      Source port: 51136  Destination port: 16386
     52 2.905644    17.155.5.252          192.168.0.128         UDP      Source port: 16386  Destination port: 51136
     53 2.905690    17.155.4.14           192.168.0.128         TCP      https > 50697 [ACK] Seq=2533 Ack=966 Win=34560 Len=0
     54 2.905782    17.155.4.14           192.168.0.128         TCP      https > 50697 [ACK] Seq=2533 Ack=1453 Win=34064 Len=0
     55 2.906896    17.155.5.251          192.168.0.128         UDP      Source port: 16385  Destination port: 51136
     56 2.907536    17.155.5.251          192.168.0.128         UDP      Source port: connected  Destination port: 51136
     57 2.923466    17.155.4.14           192.168.0.128         TLSv1    Application Data
     58 2.923924    17.155.4.14           192.168.0.128         TLSv1    Application Data
     59 3.060254    192.168.0.128         216.164.100.100       UDP      Source port: 51136  Destination port: 52585
     60 3.060422    192.168.0.128         216.164.100.100       UDP      Source port: 51136  Destination port: 52585
     61 3.062146    192.168.0.128         17.155.4.14           TCP      50697 > https [ACK] Seq=1453 Ack=2894 Win=131556 Len=0
     62 3.062451    192.168.0.128         17.155.4.14           TCP      50697 > https [ACK] Seq=1453 Ack=3240 Win=131212 Len=0
     63 3.062741    192.168.0.128         199.7.52.190          TCP      50699 > http [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=2 TSV=469580305 TSER=0
     64 3.063122    192.168.0.128         216.164.100.100       UDP      Source port: 51136  Destination port: 52585
     65 3.532458    199.7.52.190          192.168.0.128         TCP      http > 50699 [SYN, ACK] Seq=0 Ack=1 Win=8190 Len=0 MSS=1380
     66 3.571122    192.168.0.128         199.7.52.190          TCP      50699 > http [ACK] Seq=1 Ack=1 Win=65535 Len=0
     67 3.579117    192.168.0.128         199.7.52.190          HTTP     GET /EVIntl2006.cer HTTP/1.1 
     68 3.690690    192.168.0.128         17.155.4.14           TLSv1    Encrypted Alert
     69 3.692505    192.168.0.128         17.155.5.251          UDP      Source port: 51136  Destination port: connected
     70 3.696701    192.168.0.128         17.155.4.14           TCP      50697 > https [FIN, ACK] Seq=1476 Ack=3240 Win=131920 Len=0
     71 3.697007    192.168.0.128         208.59.216.10         TCP      50698 > http [FIN, ACK] Seq=229 Ack=3506 Win=131328 Len=0 TSV=469580312 TSER=941715619
     72 3.697388    192.168.0.128         17.155.5.251          UDP      Source port: 51136  Destination port: 16385
     73 3.697617    192.168.0.128         17.155.5.252          UDP      Source port: 51136  Destination port: 16386
     74 3.809626    199.7.52.190          192.168.0.128         TCP      [TCP segment of a reassembled PDU]
     75 3.810572    199.7.52.190          192.168.0.128         HTTP     HTTP/1.0 200 OK  (text/plain)
     76 3.881720    192.168.0.128         199.7.52.190          TCP      50699 > http [ACK] Seq=154 Ack=1865 Win=65535 Len=0
     77 3.890585    192.168.0.128         199.7.52.190          TCP      50699 > http [FIN, ACK] Seq=154 Ack=1865 Win=65535 Len=0
     78 3.952258    208.59.216.10         192.168.0.128         TCP      http > 50698 [FIN, ACK] Seq=3506 Ack=230 Win=6432 Len=0 TSV=941717381 TSER=469580312
     79 3.954256    192.168.0.128         208.59.216.10         TCP      50698 > http [ACK] Seq=230 Ack=3507 Win=131328 Len=0 TSV=469580314 TSER=941717381
     80 4.007781    17.155.4.14           192.168.0.128         TCP      https > 50697 [ACK] Seq=3240 Ack=1476 Win=40928 Len=0
     81 4.007965    17.155.4.14           192.168.0.128         TCP      https > 50697 [FIN, ACK] Seq=3240 Ack=1477 Win=40928 Len=0
     82 4.009155    17.155.5.251          192.168.0.128         UDP      Source port: 16385  Destination port: 51136
     83 4.009170    17.155.5.251          192.168.0.128         UDP      Source port: connected  Destination port: 51136
     84 4.009948    192.168.0.128         17.155.4.14           TCP      50697 > https [FIN, ACK] Seq=1476 Ack=3240 Win=131920 Len=0
     85 4.014495    192.168.0.128         17.155.4.14           TCP      50697 > https [ACK] Seq=1477 Ack=3241 Win=131920 Len=0
     86 4.019866    192.168.0.128         216.164.100.100       UDP      Source port: 51136  Destination port: 52585
     87 4.023955    17.155.5.252          192.168.0.128         UDP      Source port: 16386  Destination port: 51136
     88 4.025984    192.168.0.128         216.164.100.100       UDP      Source port: 51136  Destination port: 52585
     89 4.034971    192.168.0.128         216.164.100.100       UDP      Source port: 51136  Destination port: 52585
     90 4.504292    199.7.52.190          192.168.0.128         TCP      http > 50699 [ACK] Seq=1865 Ack=155 Win=8190 Len=0
     91 4.671800    192.168.0.128         17.155.5.251          UDP      Source port: 51136  Destination port: connected
     92 4.672167    192.168.0.128         17.155.5.251          UDP      Source port: 51136  Destination port: 16385
     93 4.672411    192.168.0.128         17.155.5.252          UDP      Source port: 51136  Destination port: 16386
     94 5.139092    17.155.5.252          192.168.0.128         UDP      Source port: 16386  Destination port: 51136
     95 5.140068    17.155.5.251          192.168.0.128         UDP      Source port: 16385  Destination port: 51136
     96 5.140129    17.155.5.251          192.168.0.128         UDP      Source port: connected  Destination port: 51136
     97 5.210011    192.168.0.128         216.164.100.100       UDP      Source port: 51136  Destination port: 52585
     98 5.215809    192.168.0.128         216.164.100.100       UDP      Source port: 51136  Destination port: 52585
     99 5.216068    192.168.0.128         216.164.100.100       UDP      Source port: 51136  Destination port: 52585
    100 5.715774    192.168.0.128         17.155.5.251          UDP      Source port: 51136  Destination port: 16385
    101 6.054578    17.155.5.251          192.168.0.128         UDP      Source port: 16385  Destination port: 51136
    102 8.258196    192.168.0.128         192.168.2.106         STUN2    Binding Request
    103 8.286606    192.168.0.128         192.168.2.106         STUN2    Binding Request
    104 8.303893    192.168.0.128         72.81.200.200         STUN2    Binding Request
    105 8.313353    192.168.0.128         192.168.2.106         STUN2    Binding Request
    106 8.313582    72.81.200.200         192.168.0.128         STUN2    Binding Request
    107 8.316909    192.168.0.128         72.81.200.200         STUN2    Binding Success Response
    108 8.333677    192.168.0.128         72.81.200.200         STUN2    Binding Request
    109 8.344419    72.81.200.200         192.168.0.128         STUN2    Binding Request
    110 8.350980    192.168.0.128         72.81.200.200         STUN2    Binding Success Response
    111 8.360852    192.168.0.128         72.81.200.200         STUN2    Binding Request
    112 8.374294    72.81.200.200         192.168.0.128         STUN2    Binding Request
    113 8.376750    192.168.0.128         72.81.200.200         STUN2    Binding Success Response
    114 8.467002    192.168.0.128         192.168.2.106         STUN2    Binding Request
    115 8.496083    192.168.0.128         192.168.2.106         STUN2    Binding Request
    116 8.528156    72.81.200.200         192.168.0.128         STUN2    Binding Request
    117 8.530139    192.168.0.128         72.81.200.200         STUN2    Binding Request
    118 8.530765    192.168.0.128         72.81.200.200         STUN2    Binding Success Response
    119 8.553316    72.81.200.200         192.168.0.128         STUN2    Binding Request
    120 8.555467    192.168.0.128         72.81.200.200         STUN2    Binding Request
    121 8.556032    192.168.0.128         72.81.200.200         STUN2    Binding Success Response
    122 8.626234    72.81.200.200         192.168.0.128         STUN2    Binding Success Response
    123 8.629896    72.81.200.200         192.168.0.128         STUN2    Binding Success Response123
    124 8.730361    192.168.0.128         72.81.200.200         SIP/SDP  Request: INVITE sip:user@72.81.200.200:50925, with session description
    125 8.748746    72.81.200.200         192.168.0.128         STUN2    Binding Success Response
    126 8.771618    192.168.0.128         192.168.2.106         STUN2    Binding Request
    127 8.797557    192.168.0.128         192.168.2.106         STUN2    Binding Request
    128 8.925571    72.81.200.200         192.168.0.128         STUN2    Binding Success Response
    129 8.927723    72.81.200.200         192.168.0.128         STUN2    Binding Success Response
    130 9.232700    192.168.0.128         72.81.200.200         SIP/SDP  Request: INVITE sip:user@72.81.200.200:50925, with session description
    131 9.258562    192.168.0.128         192.168.2.106         STUN2    Binding Request
    132 9.262926    72.81.200.200         192.168.0.128         SIP      Status: 100 Trying
    133 9.268831    72.81.200.200         192.168.0.128         SIP      Status: 180 Ringing
    134 9.296692    192.168.0.128         192.168.2.106         STUN2    Binding Request
    135 9.320586    72.81.200.200         192.168.0.128         SIP/SDP  Status: 200 OK, with session description
    136 9.326857    192.168.0.128         72.81.200.200         SIP      Request: ACK sip:user@72.81.200.200:50925
    137 9.334699    192.168.0.128         72.81.200.200         SIP      Request: MESSAGE sip:user@72.81.200.200:50925
    138 9.688477    72.81.200.200         192.168.0.128         SIP/SDP  Status: 200 OK, with session description
    139 9.716567    192.168.0.128         72.81.200.200         SIP      Request: ACK sip:user@72.81.200.200:50925
    140 9.834542    192.168.0.128         72.81.200.200         SIP      Request: MESSAGE sip:user@72.81.200.200:50925
    141 10.216053   72.81.200.200         192.168.0.128         SIP      Status: 200 OK
    142 10.230152   192.168.0.128         72.81.200.200         SIP      Request: MESSAGE sip:user@72.81.200.200:50925
    143 10.442848   72.81.200.200         192.168.0.128         SIP      Status: 200 OK
    144 10.491689   72.81.200.200         192.168.0.128         SIP      Status: 200 OK
    145 10.727812   192.168.0.128         72.81.200.200         SIP      Request: MESSAGE sip:user@72.81.200.200:50925
    146 11.229984   192.168.0.128         72.81.200.200         SIP      Request: MESSAGE sip:user@72.81.200.200:50925
    147 11.318007   72.81.200.200         192.168.0.128         SIP      Status: 200 OK
    148 11.367565   192.168.0.128         72.81.200.200         SIP      Request: MESSAGE sip:user@72.81.200.200:50925
    149 11.618986   72.81.200.200         192.168.0.128         SIP      Status: 200 OK
    150 11.866691   192.168.0.128         72.81.200.200         SIP      Request: MESSAGE sip:user@72.81.200.200:50925
    151 11.998932   192.168.0.128         72.81.200.200         UDP      Source port: 16402  Destination port: 50925
    152 12.035444   72.81.200.200         192.168.0.128         SIP      Status: 200 OK
    153 12.063916   192.168.0.128         72.81.200.200         UDP      Source port: 16402  Destination port: 50925
    154 12.129174   192.168.0.128         72.81.200.200         UDP      Source port: 16402  Destination port: 50925
    155 12.180258   192.168.0.128         72.81.200.200         UDP      Source port: 16402  Destination port: 50925
    156 12.183416   192.168.0.128         72.81.200.200         UDP      Source port: 16402  Destination port: 50925
    157 12.187093   72.81.200.200         192.168.0.128         SIP      Status: 200 OK
    158 12.195043   192.168.0.128         72.81.200.200         UDP      Source port: 16402  Destination port: 50925
    159 12.200932   72.81.200.200         192.168.0.128         SIP      Request: BYE sip:user@192.168.0.128:16402
    160 12.206181   192.168.0.128         72.81.200.200         SIP      Status: 200 OK

Comments (by FryGuy)

Packets 1 – 10

  • The phones communicates to a server at Apple (17.155.5.251 is what I saw). Communication is sourced from port 16402 via UDP initially and then looks to dynamically allocate ports for communication (16385 and 16386 are what appeared on my end).

Packets 11 – 101

  • The phone then negotiates an HTTPS connection to the servers at Apple for the setup and communication. There also seems to be some communication to other servers (in this case i see RCN 208.59.216.10) – and they are my cable provider.

Packets 102 – 123

  • After Client (iPhone) and server negotiation you start to see Stun requests via the private IPs, after they fail you see them from the Public IP NAT ranges. They success via the Public peering at that point.

Packets 124 – 160

  • A SIP call is then initiated between the phones for the video portion of the call

How does Apples (FaceTime) Server know the IP Address of the 2nd (to be called) iPhone ?

Easy, every iPhone registers itself at Apple's push notification server whenever WiFi is available ("calls" Home).

Basic Process:

  • iPhone detects Wi-Fi Connection
  • iPhone gets IP address via DHCP (if not set to static in Settings)
  • iPhone sends a HTTP request to www.apple.com/library/test/success.html
  • Apple's servers send back a HTML page containing only the word "Success" in the title and body
  • iPhone knows it is connected to the Internet
  • iPhone gets iphone-wu.apple.com/7day/v2/latest/lto2.dat to enable a quick GPS fix for Location Services; LTO stands for long-term orbit. This is unrelated to FaceTime.
  • iPhone contacts the FaceTime server, init.ess.apple.com
  • iPhone downloads EVIntl-aia.verisign.com/EVIntl2006.cer
  • iPhone joins Apple's Jabber server at 17.149.36.99
  • Apple knows the iPhone's IP, which is then used for FaceTime and other push notifications.

Additional Information