First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

How to correlate output of tshark rtp.heuristic_rtp:TRUE with dialed phone numbers

  • retag add tags

I'm running VoIP server and use tshark to monitor RTP streams quality

I use something like this command:

> tshark -q -f 'udp portrange 16384-32768' -o rtp.heuristic_rtp:TRUE -z rtp,streams

And get nice output with RTP stats per client IP address:

> ========================= RTP Streams ========================
>     Src IP addr  Port    Dest IP addr  Port       SSRC          Payload  Pkts 
> Lost   Max Delta(ms)  Max Jitter(ms)
> Mean Jitter(ms) Problems?
>     27.17.59.11  5291   274.159.19.28 20174 0x50C709D4 ITU-T G.711 PCMA  
> 998     0 (0.0%)           35.25      
> 4.37            2.54
> ==============================================================

That works very well unless I have multiple simultaneous calls from one IP. In such situation it will be good to check RTP stats per IP and dialed number (to distinct calls) and get results on per-call basis

Any thoughts how to correlate above stats with dialed numbers?

mat_wwa's avatar
1
mat_wwa
asked 2018-02-19 11:31:43 +0000, updated 2018-02-19 11:50:27 +0000
edit flag offensive 0 remove flag close merge delete

Comments

Can you show an example output of the "multiple simultaneous calls from one IP" situation?

Jaap's avatar Jaap (2018-02-19 12:45:26 +0000) edit
more
  • delete

Sourc/dest port are randomized each call, so basically you get multiple lines like above with same IP but different ports

mat_wwa's avatar mat_wwa (2018-02-19 12:48:54 +0000) edit
more
  • delete
add a comment see more comments

1 Answer

0

You need the control signaling SIP? to see which port are assigned in a particular call. In the case of SIP the SDP data.

Anders's avatar
5k
Anders
answered 2018-02-19 14:16:56 +0000
edit flag offensive 0 remove flag delete link
more

Comments

Sure, I can change filter to monitor also for port used by SIP session management. The question is how to easily combine tshark's "RTP Streams" output with TO URI extracted from the initial SIP INVITE messages. Basically I need to extend RTP Streams output with TO URI column

mat_wwa's avatar mat_wwa (2018-02-19 15:29:17 +0000) edit
more
  • delete
add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer