|
I am running Wireshark V 1.2.5 on Windows 7 and I
have a question on what is the correct method to find all packets in an RTP
stream from a trace that has multiple H.323 calls in it.
I use "VoIP Calls" and highlight the call I am
interested in and click "Prepare Filter". This will give one or maybe a
few RTP packets.
Originally I thought that the correct method was to
use the RTP setup frame :-
rtp.setup-frame == 4
However, I was advised by someone that I should use
the RTP SSID:-
rtp.ssrc == 0xb1854be7
I have a trace where if I filter on the SSID I get
95% RTP packet loss, but if I filter on it via the RTP setup frame, I get 0% RTP
packet loss.
Which method should I be using?
Keith French
|