Great comments on ‘Sniffin’ the VOIP Traffic’

My last post has generated some great comments (as I hoped it would) from those who have a lot more experience using Wireshark to view the network traffic from a SIP call. We’re going over these in more detail on the * forums, but one smart commenter brought a paper to my attention that will be great research material.
Using Ethereal to Debug SIP and RTP on Voice over IP (VoIP) Products from Intel:

http://www.intel.com/network/csp/applnots/9008an.htm

Another commenter (Sean) noted that we can get Wireshark itself to understand the SIP packets, and that it can provide more advanced diagnosis than I thought possible.

If Wireshark catches the SIP transaction, it will identify the stream as RTP and can dig into the details. You can also force Wireshark to crack into the UDP packets to see if they’re RTP from the protocol options.

Once the packet is identified as RTP, you can run analysis on it to find out-of-order packets, jitter, and latency. You can also display the SIP call setup in graph form.

Sean

Thanks! We’ll be looking at this in our next installment.
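The RTP checks Sean mentions (out-of-order packets and jitter once a UDP stream is treated as RTP) can also be reproduced on raw UDP payloads. The sketch below is an added example, not code from the original post, the commenter, or Wireshark: it applies the RTP version-2 header check and the RFC 3550 interarrival jitter formula, and it assumes an 8 kHz RTP clock and a constructed sample capture.

```python
import struct

def parse_rtp(payload):
    """Return (seq, timestamp) if the UDP payload looks like RTP, else None."""
    if len(payload) < 12:
        return None
    b0, _pt, seq, ts, _ssrc = struct.unpack("!BBHII", payload[:12])
    return (seq, ts) if b0 >> 6 == 2 else None   # RTP version field must be 2

def analyze(packets, clock_hz=8000):
    """packets: (arrival_seconds, udp_payload) pairs of one stream, in capture order."""
    stats = {"packets": 0, "out_of_order": 0, "lost": 0, "jitter_ms": 0.0}
    jitter, prev, max_seq = 0.0, None, None
    for arrival, payload in packets:
        hdr = parse_rtp(payload)
        if hdr is None:
            continue                      # not RTP: skip the datagram
        seq, ts = hdr
        stats["packets"] += 1
        if prev is not None:
            # RFC 3550 6.4.1: D = (arrival delta) - (timestamp delta), J += (|D| - J) / 16
            ts_delta = (ts - prev[1] + 2**31) % 2**32 - 2**31   # signed, wrap-safe
            d = abs((arrival - prev[0]) * clock_hz - ts_delta)
            jitter += (d - jitter) / 16.0
        prev = (arrival, ts)
        if max_seq is None:
            max_seq = seq
            continue
        delta = (seq - max_seq) & 0xFFFF  # 16-bit sequence numbers wrap at 65535
        if 0 < delta < 0x8000:            # newer than anything seen: count the gap
            stats["lost"] += delta - 1
            max_seq = seq
        elif delta:                       # older than the newest: arrived late
            stats["out_of_order"] += 1
            stats["lost"] = max(0, stats["lost"] - 1)   # it fills an earlier gap
    stats["jitter_ms"] = jitter / clock_hz * 1000.0
    return stats

def rtp(seq, ts):
    """Build a constructed 12-byte RTP header (V=2, PT=0) plus 160 payload bytes."""
    return struct.pack("!BBHII", 0x80, 0, seq, ts, 0x1234ABCD) + b"\xff" * 160

# Constructed capture: 20 ms packets, sequence wrap, one late packet, one non-RTP datagram.
SAMPLE = [(0.000, rtp(65534, 1000)), (0.020, rtp(65535, 1160)), (0.040, rtp(0, 1320)),
          (0.050, b"\x00\x01" + bytes(18)), (0.080, rtp(2, 1640)),
          (0.085, rtp(1, 1480)), (0.100, rtp(3, 1800))]

if __name__ == "__main__":
    print(analyze(SAMPLE))
```

On the sample, the late packet (sequence 1 arriving after 2) is the only source of jitter; the sequence wrap from 65535 to 0 is not counted as loss or reordering.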
