Re: What is the packet format of ip-sla udp-jitter voip command

eitanz · ‎02-12-2023

Hello,

I need to develop a router that will be the responder side of Cisco's IP-SLA UDP-JITTER VOIP command, can someone tell or point me to where I can find the details of the network send and reply packets format of that protocol?

Some specific questions:

What can be the length of those packets? is it always 32 bytes or can be different?

I know that one of the packet's fields is a timestamp, how does this timestamp is calculated?

Is there a difference in packet structure and values between using the control packet first to not using it?

thanks,

Eitan.

Joseph W. Doherty · ‎02-12-2023

Develop a router?

Ah, reason why you cannot just use a Cisco router?

Unsure whether what you want to know is not proprietary.

eitanz · ‎02-13-2023

Joseph,
Thanks for the reply,
I need to implement the Cisco's udp-jitter protocol (only the responder side) on a different brand router so it can work with a Cisco router (again as the responder to Cisco's requests),
I know this protocol was developed by Cisco but I also know there are other brands that implemented it, my question is what is the protocol details (bits and bytes of the request/responder packets)

Joseph W. Doherty · ‎02-13-2023

Understood.

What I don't know is whether Cisco ever publicly opened their SLA format(s) to the public. It's possible (again, I don't know), that other "brands" have licensed Cisco's technology.

Suggest you search RFCs, the Internet, generally, and/or contact Cisco directly. If this information is public, possibly you'll find the info you need or Cisco will point you to it.

If not public, i.e. still proprietary, you can, of course, attempt to reverse engineer the technology, but I'm sure you're aware of the potential penalties for that.

PS:

Unfortunately, you might be in a somewhat similar situation making another brand router work (previously) with EIGRP, which for many years (until relatively recently) was kept proprietary. (I believe, there may have only been one, or very few, other vendors that ever licensed EIGRP.)

MHM Cisco World · ‎02-12-2023

That easy I will share with you Wireshark for both way icmp echo.

MHM Cisco World · ‎02-12-2023

please find the capture of UDP packet between two router.
please notice the UDP port you see is configurable by me.

you can use any UDP port for sender and responder.

eitanz · ‎02-14-2023

Thanks MHM,

I also got such a capture running the protocol between 2 Cisco routers but the problem is to understand the bits and bytes of those packet's payload (see my questions in my first post)

MHM Cisco World · ‎02-14-2023

are you meaning the data bytes ?

eitanz · ‎02-16-2023

Yes, the ip-sla protocol can include 2 phases: control (one packet send and reply to determine the measurement parameters) and measurement packets (see some reverse-engineered of the protocol here: https://wiki.wireshark.org/Cisco-IPSLA.md), Now I need to implement the responder side to work with a Cisco sender and for that, I must know ALL the details of the format of the packets (a program that knows how to read and how to build such packets)

MHM Cisco World · ‎02-16-2023

what you want is not easy
you want other vendor not support UDP-jitter to compatible with Cisco.
I dont think this work
instead why you not use the IP icmp ?? icmp not need responder config

ICMP Jitter
The ICMP jitter operation is very similar to ICMP echo but also provides latency, jitter, and packet
loss beside the round-trip measurement. Jitter, also known as IP Packet Delay Variation (IPDV), is
a measurement of delay variation. For example, if five packets are sent with an interval of 5 ms
each, they should be received 5 ms apart at the destination. If a certain packet arrives after 7 ms,
the jitter value is a positive number 2 (7 – 5); if it is received in 3 ms, the value is a negative jitter of
–2 (3 – 5). For applications like VoIP and video, a jitter value of 0 is the most ideal.
ICMP Path Jitter
The path discovered ICMP jitter operation is very similar to ICMP path echo but also provides jitter
operation statistics like latency, jitter, and packet loss on a per hop basis. The operation first
discovers the path using traceroute, then it sends an ICMP echo message to determine the
response time, jitter, and packet loss for each of the hops.

eitanz · ‎02-16-2023

I know it is not easy (otherwise I wouldn’t need to ask you guys.. ), but I do know for sure other vendors have implemented it (I know of Aethra)
The icmp-echo is another protocol I need to implement and indeed no problem with this one (but unfortunately it is not come as a replacement for the udp-echo).

MHM Cisco World · ‎02-16-2023

you are looking for jitter
the UDP-jitter is same as icmp-jitter
except in one point UDP-jitter is the prefect for test QoS in path.

eitanz · ‎02-16-2023

udp-jitter may be similar to icmp-jitter but still, I need the exact packet format for implementation (something like in the Wireshark wiki, but with full info).

MHM Cisco World · ‎02-16-2023

friend the wiresharke by default convert the bytes tom readable data as you can see in my above capture
but still the data bytes
the data bytes as I know is randomly data.
you see same in icmp.

eitanz · ‎02-16-2023

No, the data bytes (32 bytes after the udp header) are not random, the last part of it may be random ("abcdabcd...") but before that there are very meaningful fields, most important is a timestamp used for the measurements (check the Wireshark link I added above)