Your SlideShare is downloading. ×
0
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
leerzame sessie over VoIP
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

leerzame sessie over VoIP

286

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
286
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
5
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • Tcpdump/tethereal from another host and importing From the different perspective on jitter/latency, a binary search to find the culprit
  • To further complicate the issue, you might have NAT involved. NAT changes the source or the destination address of the packet in order to alter routing, or to hide devices behind a gateway. NAT often causes problems with VoIP network because of this change in address, especially when transiting the Internet. You must understand how the addresses are being changed, and adjust your capture filters accordingly depending on which side of the NAT gateway you’re on.
  • Filters for H.323 Or maybe by host? Sip/mgcp/etc ports?
  • Wireshark gave some information about the RTP traffic in the packet list pane, much like it did for the signaling traffic earlier. However, Wireshark knew the signaling traffic was SIP because it was using UDP port 5060. RTP does not have a defined port, so Wireshark uses the signaling details to figure out which port is being used for RTP, and then decodes the packets accordingly. What if you have a proprietary phone system that uses RTP, but has its own signaling? You can tell Wireshark to look more closely at UDP packets to determine if they are RTP by checking the “Try to decode RTP outside of conversations” box.
  • Fax/modem calls can’t have any loss… consider relaying
  • Transcript

    • 1. <ul><li>Expose VoIP Problems With Wireshark </li></ul><ul><li>June 18, 2009 </li></ul><ul><li>Sean Walberg </li></ul><ul><li>Network Guy | Canwest </li></ul><ul><li>SHARK FEST '09 </li></ul><ul><li>Stanford University </li></ul><ul><li>June 15-18, 2009 </li></ul>
    • 2. Without tools, VoIP is a black box
    • 3. Wireshark lets you peek inside
    • 4. VoIP is just another application
    • 5. (but it has special requirements)
    • 6. About Me
    • 7. About You
    • 8. The Agenda <ul><li>About VoIP </li></ul><ul><li>Capturing VoIP </li></ul><ul><li>Analyzing Signaling </li></ul><ul><li>Analyzing RTP </li></ul>
    • 9. About VoIP Capturing VoIP Signaling RTP
    • 10. The old way Local Loop
    • 11. The old way Off Hook Dialtone
    • 12. The old way Dialing Digits
    • 13. The old way RING – 90v@20Hz
    • 14. The old way
    • 15. The VoIP way I’m calling x1234
    • 16. The VoIP way Hey, 1234, you’re being called
    • 17. The VoIP way Use x.x.x.x:xxxx Use y.y.y.y:yyyy
    • 18. The VoIP way ZZZZZZ
    • 19. So there are two parts to VoIP <ul><li>Signaling </li></ul><ul><ul><li>SIP </li></ul></ul><ul><ul><li>H.323 </li></ul></ul><ul><ul><li>MGCP </li></ul></ul><ul><ul><li>SCCP </li></ul></ul><ul><ul><li>Proprietary </li></ul></ul><ul><li>Voice (Bearer) </li></ul><ul><ul><li>RTP (G.711, G.722, G.729a,…) </li></ul></ul>
    • 20. Jitter, Delay, and Loss, oh my!
    • 21. Loss
    • 22. Delay Never underestimate the bandwidth of a station wagon loaded with backup tapes. (the delay is a different matter)
    • 23. Jitter
    • 24. Jitter != Delay Jitter Delay
    • 25. About VoIP Capturing VoIP Signaling RTP
    • 26. Location, Location, Location
    • 27. Just a simple network
    • 28. The signaling traffic takes a different path from the RTP traffic
    • 29. Or, it might do this
    • 30. Same conversation, different perspectives Here you see inbound latency and jitter, but nothing on the outbound Here you see inbound latency and jitter, but nothing on the outbound
    • 31. NAT changes the address Src=A Dst=B Src=C Dst=D The address changes within the cloud!
    • 32. Set your capture filters
    • 33. The Packet List window
    • 34. Summaries are displayed here
    • 35. By the way… If the signaling or the voice is encrypted, you won’t be able to decode it. Sorry.
    • 36. Quality of Service for VoIP networks
    • 37. Use color to show QoS problems View -> Coloring Rules
    • 38. Add a column for DSCP Edit -> Preferences User Interface->Columns Signaling Tagged RTP Untagged RTP
    • 39. Are you running a proprietary PBX? Edit -> Properties, Protocols -> RTP
    • 40. Use the Packet Details pane to see what’s inside the packet
    • 41. About VoIP Capturing VoIP Signaling RTP
    • 42. The Role of Signaling <ul><li>Indicate to the remote end that a call is coming </li></ul><ul><li>Establish the codec to be used for voice </li></ul><ul><li>Establish the addresses of the endpoints </li></ul><ul><li>Get out of the way </li></ul><ul><li>Tear down the connection once it’s done </li></ul>
    • 43. Back to Loss, Delay, and Jitter <ul><li>Jitter is usually a non-issue </li></ul><ul><li>Delay, within reason, is OK </li></ul><ul><ul><li>Clustering/Specific applications notwithstanding </li></ul></ul><ul><li>Loss isn’t great </li></ul><ul><ul><li>TCP retransmits at layer 4 </li></ul></ul><ul><ul><li>UDP retries at layer 7 </li></ul></ul>
    • 44. Demos
    • 45. About VoIP Capturing VoIP Signaling RTP
    • 46. The properties of RTP <ul><li>RTP simulates the real time voice normally carried over a wire </li></ul><ul><li>4KHz voice bandwidth = 8KHz sampling rate (Nyquist) </li></ul><ul><li>8 bits/sample * 8KHz = 64,000bps (DS0) </li></ul><ul><li>A Codec (G.711u/A law, G.729, G.726, etc) </li></ul><ul><li>Most codecs use 20ms voice samples = 50pps </li></ul><ul><li>Even with compression, you have a fairly consistent packet rate, only the size changes </li></ul>
    • 47. DTMF <ul><li>Compressing DTMF is bad </li></ul><ul><li>So many different ways to carry the digits out of band, look for them in traces </li></ul>
    • 48. Three factors that affect voice quality Latency <= 150ms (one way) Jitter <= 20ms Packet loss <= 0.1%
    • 49. Latency <= 150ms (one way) Hi, how are you? Hello? Oops, sorry, go ahead Fine, I oh hello, go ahead Path delay Serialization delay Jitter buffer, Transcoding delay
    • 50. Packet Loss <= 0.1% Hi Bo *POP* How *POP*e you? Hi Bo How you?
    • 51. Jitter <= 20ms Better late than never? No. May as well be lost.
    • 52. Demos
    • 53. Thanks! <ul><li>[email_address] </li></ul><ul><li>@seanwalberg </li></ul><ul><li>This presentation will be downloadable from </li></ul><ul><li>http://lovemytool.com and http://cacetech.com </li></ul>

    ×