Communications options are more robust than ever before. Voice-over-IP (VoIP) systems have revolutionized the way large enterprises and smaller businesses communicate by enabling the integration of more communication options than previously available on traditional telephone systems.
Despite the myriad of advantages, VoIP calling can still require troubleshooting from time to time to ensure the best call quality. Familiarizing oneself with common troubleshooting steps, as well as some common causes of interruptions and total outages can help resolve some of the connection issues a business might experience. Outlined below is an explanation of how to best troubleshoot VoIP calls via SIP packet captures.
The Session Initiation Protocol (SIP) is the dominant signaling protocol used in VoIP. Though it’s a common and robust protocol, things can sometimes go awry. Calls might drop or you might experience one-way audio when calling certain numbers. Troubleshooting these issues can be challenging because it’s difficult to get to the root of the problem.
One way to get to the cause of the issue is by capturing and analyzing packets. Everything sent over the internet is considered a packet, which are bite-sized chunks of data sent to be processed and stitched back together once arriving at their ultimate destination. VoIP calls are controlled by tiny SIP packets that communicate between end points. The packets set up the parameters of the call and define the media stream, which will eventually contain the audio of the phone conversation. “Packet capturing” is the process of intercepting and logging traffic sent to and from systems. By capturing these packets, the caller can look behind the scenes and gain a greater level of insight on how the VoIP calls are provisioned.
Some of the most common issues a packet capture and analysis tool can easily resolve include: voice quality issues, False Answer Supervision (FAS) or early media related issues, intermittent call failures, VoIP interconnection issues, protocol or codec mismatch issues, identification of malicious network activity and identification of bandwidth utilization. Packet captures are helpful because they are made up of the actual SIP packets, which is the universal language of SIP. And while individual systems will have their own log output, the SIP always holds the truest information.
How do I capture a SIP packet?
SIP packet capturing can vary between system types. On systems running on Linux (FreePBX, Asterisk, FreeSWITCH, etc.), the simplest method is using the “tcpdump” command line utility. To use this, you will first need direct command line access to your phone system, either via SSH or a keyboard and monitor plugged in. Once in, you can run the following command to start the capture running: tcpdump -s 3000 -w ~/capture-file.pcap port 5060 or portrange 10000-35000. For a screenshot of what this code looks like, check out this blog post.
If your system asks for permissions, add “sudo” on the front to run the command with root permissions. Running this command will grab packets on the default SIP signaling port 5060 and from the common media ports in the specified port range; it will then write the resulting file to the current user’s home directory (~/).
After starting this capture, place a call. At this point, you will not see anything, but “tcpdump” is quietly listening to the packets and writing them to the specified file. After your call is complete, you can close the capture with Control-C.
How do I read a packet capture?
Now equipped with the capture, you can review the raw SIP signaling and RTP data for your call. There are a few different options available for reading packet capture files, but the most common and well-known option is Wireshark. To see a Wireshark screenshot, check out this blog post.
Knowing how to troubleshoot problems when they occur can help businesses ensure their communications run smoothly. Common VoIP issues like one-way audio, bandwidth problems, or dropped calls can be easily solved with a foundational understanding of how to find the root of the problem.
Learning how to capture and read SIP packets will provide an advantage when tackling new problems related to your VoIP. Sometimes phone issues can be hard to duplicate after you are off the call, so getting a capture of that occasional issue when it occurs can help get resolution on an issue and mitigate future risks.
