One of the effective methods for troubleshooting network is to capture packets flowing through a network and to analyze them.
Wireshark (previously called Ethereal) is widely used as a packet capturing tool.
Here we will introduce an application example of Unified Communication (UC) related troubleshooting of Wireshark. (We omit the description of basic operation of Wireshark as many websites out there explain it)
A Voice Playback Method from RTP Packets
A problem related to the voice quality may occur in the UC network.Various cases of voice quality problem include dead air, one-way audio, sound interruption, large (small) volume, noise occurrence, and distortion of sound. The forensics method and the troubleshooting differ depending on the case.
When an inquiry regarding the voice quality is received, first of all, conduct a detailed interview with the users to grasp what kind of problem is occurring. But the information collected from the interview can be ambiguous as it relies on user's subjective viewpoint and memory. There is a method to analyze RTP packets that is more accurate and objective forensics method.
Now an analysis method of RTP packets using Wireshark will be explained. Note that we assume that the packet capture, which monitored a switch port connected to IP Phone and Voice GW as object of forensics, is already obtained.
1. Open the collected packet capture data in Wireshark.
2. Apply a filter with the terminal information (such as IP Address) of the forensics object to narrow the data to be analyzed.
If a signaling packet (for example, H.323 or SIP) is included in the captured data, Wireshark automatically recognizes and handles UDP packets as RTP packets. In the above example, UDP is not decoded as RTP since the signaling packet is not included.
3. Decode UDP packets as RTP packets
Select a UDP packet of the stream to analyze, and select "Decode As..." by right click.
Select RTP from the "Decode As" window.
This operation changes the display of Protocol from UDP to RTP.
Select "RTP > Show All Streams" from the Telephony menu.
Select the RTP stream of forensics object. Pressing the "Find Reverse" button selects the RTP stream of reverse direction that corresponds.
Press the Analyze button to investigate the statistical information (such as Max delta, Max jitter and Lost RTP Packets) of the RTP packets of the Forward and Reverse direction.
Press the "Save payload..." button to save the voice (payload) of each of the Forward Direction and Reverse Direction individually.
In the above example, the payload is saved in the .au format.
Open the saved voice file in the WAV file editor (such as Audacity) to analyze the voice data.
The WAV file editor function enables the analysis of volume and frequency characteristics.
Hi all. I'm trying to implement a network topology based on the next schema: INTERNET ----> NAT DOMESTICAL Broadband router ---> LAN1 ---> NAT Cisco SA520W ---> LAN2 Problems become when I try to reach LAN2 from LAN1. LAN2 have ...
Hi,We currently have a mix of Cisco switches from 2960s, 2960X and now the 9200L. However we are having issues with our Paxton POE door controllers. The 2960s work with all of our Paxton ControllersThe 2960X up to hardware version 4 work with t...
What command can I run to identify what the error message I was receiving when plugging in my stack cable that does not work? This happened last Friday, so it might not be fresh in the system still. Thanks
Hi Everyone, We have just purchased 4 Devices with DNA Advantage 3 yr License and I have been told to activate its license to each device. But upon looking with instructions on the internet I always end up wondering how it is really setup. Could you ...
Hello everyone, I have a very strange behavior on a router with NAT from a VRF process in the global process. I have the structure and configuration of the router which is in the appendix. Part:There is a network A with the subnet 192.168.1...