Hey Guys,

So, I have been trying to track down an intermittent jitter problem for a month, and finaly got it pinned down today. I learned a lot about tcpdump and wireshark, and wanted to share so that others might benefit.

We have used this method on a production TrixBox Pro, and I assume it will work on any other Asterisk based solution, include CE.

1) If trying to do this on a PBXtra, of TrixBox Pro then first set a root password on the box so that you can login over ssh and scp. (Search for Cent OS 4.4 Single User Mode for instructions on how to do this, WARNING, Fonality doesn't like it when you do this, they will say things like “Not Supported” etc… Proceed at your own (or your support dollars) risk)

2) If you have more then one interface, decide which interface you want to listen to calls on.

3) Run “tcpdump -i INTERFACE -s 1500 -w someFile.pcap

4) This starts the capture. This file can grow rapidly, so don't leave it running for hours at a time unless you are sure you have diskspace and the cpu resources.

5) Press ctrl + c to stop the dump.

6) Install WinSCP on your desktop, and use it to copy the someFile.pcap to your computer.

7) Install Wireshark

8) Double Click on the someFile.pcap, and it should automatically open and load into wireshark. Large files can take a long time, 50MB takes about a minute to load on a fast computer (2.8Ghz Core 2 Duo)

9) From the Wireshark Menu, click on “Statistics → VoIP Calls” This will take a little while to analyze all the packets as well.

10) Select a voip call from the list, this list is a multi select toggle list, so if it acts wierd, it is probably because you just de-selected the call you want to listen to, instead of selecting it.

11) Click on Player

12) Check the streams you want to listen to, and viola!!!

13) Also, you can check jitter stats, by clicking on a RTP packet in the Wireshark window, selecting “Analyze → Decode As” from the menu, and then selecting RTP, then, from the Statistics menu, select RTP → Stream Analysis, and this will show you packets that are out of sequence, or dropped packets, average delta time for the packet, etc… Very very useful.

wireshark_and_tcpdump.txt · Last modified: d/m/Y H:i by admin
Recent changes RSS feed Creative Commons License Donate Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki