Download presentation
Presentation is loading. Please wait.
Published byDeshaun Waddell Modified over 9 years ago
1
SHARKFEST '08 | Foothill College | March 31 - April 2, 2008 Exposing VoIP problems with Wireshark April 2, 2008 Sean Walberg Network Guy | Canwest SHARKFEST '08 Foothill College March 31 - April 2, 2008
2
Voice is just another application
3
SHARKFEST '08 | Foothill College | March 31 - April 2, 2008 Without tools, VoIP is a black box
4
Wireshark has tools to analyze VoIP
5
The Agenda 1. Capturing VoIP traffic 2. Using the basic Wireshark tools 3. Digging into the signaling traffic 4. Analyzing the RTP traffic
6
About you
7
About me
8
1. Capture the VoIP traffic
9
Location, Location, Location
10
Just a simple network
11
The signaling traffic takes a different path from the RTP traffic Voice Signaling
12
Or, it might do this Voice Signaling
13
Same conversation, different perspectives Here you see B – A jitter, but not A - B Here you see A – B jitter, but not B - A
14
NAT changes the address Src=A Dst=B Src=C Dst=D The address changes within the cloud!
15
Set your capture filters
16
By the way… If the signaling or the voice is encrypted, you won’t be able to decode it. Sorry.
17
2. Use the basic tools
18
The Packet List window
19
Summaries are displayed here
20
Quality of Service for VoIP networks
21
Add a column for DSCP Insert -> Preferences User Interface->Columns Signaling Tagged RTP Untagged RTP
22
Use color to show QoS problems View -> Coloring Rules
23
Are you running a proprietary PBX? Edit -> Properties, Protocols -> RTP
24
Use the Packet Details pane to see what’s inside the packet
25
3. Dig into the signaling traffic
26
Signaling protocols SIP (from the IETF) H.323 (from the ITU) MGCP IAX SS7 (Telco) GSM (Telco/Cell) SCCP (Cisco Skinny) Vendor specific
27
The role of signaling Indicate to the remote end that a call is coming Establish the codec to be used for voice Establish the addresses of the endpoints Get out of the way Tear down the connection once it’s done
28
The 10,000 foot view of SIP Statistics -> SIP
29
Demo – VoIP Call Statistics
30
4. Analyze the RTP traffic
31
The properties of RTP RTP simulates the real time voice normally carried over a wire 4KHz voice bandwidth = 8KHz sampling rate (Nyquist) 8 bits/sample * 8KHz = 64,000bps (DS0) A Codec (G.711u/A law, G.729, G.726, etc) Most codecs use 20ms voice samples = 50pps Even with compression, you have a fairly consistent packet rate, only the size changes
32
Three factors that affect voice quality Latency <= 150ms (one way) Jitter <= 20ms Packet loss <= 0.1%
33
Latency <= 150ms (one way) Hi, how are you? Hello? Oops, sorry, go ahead Fine, I oh hello, go ahead Path delay Serialization delay Jitter buffer, Transcoding delay
34
Packet Loss <= 0.1% Hi Bo *POP* How *POP*e you? Hi Bo How you?
35
Jitter <= 20ms Better late than never? No.
36
Demo – RTP Statistics
37
Optional – IO Statistics
38
Optional – Other things you can do to monitor VoIP
39
That’s it! I’m sean@ertw.com Links related to this talk: http://del.icio.us/seanw/sharkfest08 I’m sean@ertw.com Links related to this talk: http://del.icio.us/seanw/sharkfest08
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.