Wireshark-users: Re: [Wireshark-users] voip troubleshooting

From: Jaap Keuter <jaap.keuter@xxxxxxxxx>
Date: Sun, 10 Dec 2006 12:55:52 +0100 (CET)
Hi,

One concept you have to get your head wrapped around is the difference
between signaling and media. Signaling has everything to do with Call
Control etc, while media is about the sound etc. conveyed.
RTP is most used for media transport, while general UDP or TCP is used for
signaling transport. The only relation you can use is the addresses of the
endpoints involved. So if you see an RTP flow from an endpoint, there most
likely are signaling flows as well from the enpoint.

Thanx,
Jaap

On Sun, 10 Dec 2006, William Irving Zumwalt wrote:

> Thank you, this is all helpful.
>
> I just have one question. If I don't know the exact protocol that this
> particular VoIP software is using, is it safe to say it will be riding on
> RTP and is there a specific way I need to setup a filter to figure this out?
> Or how might I go about this?
>
>
> On 12/9/06, Frank Bulk <frnkblk@xxxxxxxxx> wrote:
> >
> >  Will:
> >
> > Here's a great article to get your started:
> > http://www.voip-info.org/wiki/view/How+To+Debug+and+Troubleshoot+VOIP
> > Don't worry if your capture gets your more than just the RTP traffic,
> > unless you're moving Mbps over that wireless link.  Wireshark's RTP stream
> > analysis will automagically select just the RTP streams to analyze.
> >
> > Frank
> >
> >  ------------------------------
> > *From:* William Irving Zumwalt [mailto:wizumwalt@xxxxxxxxx]
> > *Sent:* Saturday, December 09, 2006 2:30 PM
> > *To:* frnkblk@xxxxxxxxx; Community support list for Wireshark
> > *Subject:* Re: [Wireshark-users] voip troubleshooting
> >
> > What is jitter? And, is there anything around that might help me configure
> > for capturing only RTP (if I understand correctly, the VoIP protocols ride
> > on top of RTP which rides on top of IP?) and making sense of what's going
> > on?
> >
> > On 12/9/06, Frank Bulk <frnkblk@xxxxxxxxx> wrote:
> > >
> > >  Yes Wireshark includes RTP stream analysis including latency and
> > > jitter.
> > >
> > > Frank
> > >
> > >  ------------------------------
> > > *From:* wireshark-users-bounces@xxxxxxxxxxxxx [mailto:
> > > wireshark-users-bounces@xxxxxxxxxxxxx] *On Behalf Of *William Irving
> > > Zumwalt
> > > *Sent:* Saturday, December 09, 2006 12:00 AM
> > > *To:* wireshark-users@xxxxxxxxxxxxx
> > > *Subject:* [Wireshark-users] voip troubleshooting
> > >
> > >  Hi all,
> > >
> > > I hope I can use wireshark for this task I have.
> > >
> > > There's two way voice traffic going on and at one point the IP is sent
> > > across radios. The problem is that at some point, the sound comes through
> > > delayed, though it always comes through complete. It sounds as if theres
> > > buffereing taking place and the voice just stops, then continues. I'm
> > > thinking maybe it would be something like one radio is not transmitting
> > > strong enough which means some packet ACKnowledgements might not be making
> > > it back to the voip source on the TCP network, but I need to see what the
> > > packet conversation actually looks like to figure this out.
> > >
> > > I was hoping wireshark might be a good tool here to help me troubleshoot
> > > what's going on.
> > >
> > > Any help, suggestions, comments on what to look for would be greatly
> > > appreciated since I haven't yet done this.
> > >
> > > Will
> > >
> > >
> > > _______________________________________________
> > > Wireshark-users mailing list
> > > Wireshark-users@xxxxxxxxxxxxx
> > > http://www.wireshark.org/mailman/listinfo/wireshark-users
> > >
> > >
> >
>