Back to Blog
Tech

PCAP made it

Published on:

July 21, 2015

Once we have the PCAP, finding a problem is becoming almost a pleasure. Because the files are small, and everything is in the same place. It becomes easy to find jitter problems, missing RTP packets and so on. Last week I saw how another external tool took the PCAP idea to the next level. Using an Ethernet switch with port mirroring, all the traffic that hits the PBX also hits the monitoring server, which also sorts the traffic by calls and then puts them into different files. There were nice logs of SIP packets, RTP analysis and other things you want to know about a call.

Hamlet Collado

A few years ago, we have added PCAP recording to the list of features supported by the Vodia PBX. At that time we were just so sick of going through Gigabytes of Wireshark traces that we just added something in the code that does this job based on the associated call. It would save us a lot of time sipping through endless lists of calls that have been recorded over hours of conversations, literally trying to find the needle in the haystack.

Once we have the PCAP, finding a problem is becoming almost a pleasure. Because the files are small, and everything is in the same place. It becomes easy to find jitter problems, missing RTP packets and so on. Last week I saw how another external tool took the PCAP idea to the next level. Using an Ethernet switch with port mirroring, all the traffic that hits the PBX also hits the monitoring server, which also sorts the traffic by calls and then puts them into different files. There were nice logs of SIP packets, RTP analysis and other things you want to know about a call.

There is only one problem when using the port mirror method: Encrypted calls will be invisible there. Because the TLS traffic cannot be intercepted by the monitoring device, it will not be able to figure out which RTP packets belong to which call, and thus not be able to put the whole call together. The PBX can do that, because it has the cryptographic context.

The disadvantage of the PBX recording all the PCAP is performance. It simply takes additional CPU horse power to write the files. The decoding is not so much a problem as it has to be done anyway. But the writing to the file system causes the system some extra work. Compared to the call recording this causes less work, because the PBX does not actually have to look into the media packets.

I can think about two things that the PBX could have in the next version. The first thing is to automatically delete the PCAP files after so-and-so many days, simply to make sure that the system is not eventually running out of disk space. The other thing is to make the PCAP files accessible from the web interface, possibly linked to the CDR records.

Latest Articles

View All
Tech

Fortify Your Communications with Vodia PBX's Uncompromising Security: A Proactive Defense Against Modern Threats

Vodia PBX is built with security at its core, featuring a codebase that eliminates third-party vulnerabilities. Passkey authentication, IP address locking, and multi-factor authentication (2FA & SSO) protect against unauthorized access and credential theft. Advanced rate limiting defends against SIP attacks, while SIP TLS and WebRTC encryption secure VoIP traffic. Automatic SSL certificates and secure MAC-based phone provisioning enhance data protection. With a distributed architecture for scalability and comprehensive toll fraud prevention, Vodia PBX ensures reliable, secure, and seamless communications.

March 17, 2025
Announcement

Vodia Announces Version 69.5.6 of Its Industry-Leading Phone PBX

Vodia PBX version 69.5.6 brings several important updates, including real-time AI integration with OpenAI, enabling enhanced workflows, and call transcriptions through the Whisper API, with the option for self-hosting to ensure better data privacy. The release also introduces cloud storage for call recordings via the S3 protocol, offering flexibility and easier compliance. The user interface has been refined for a smoother experience, and queue management features have been improved with added CSV export options. Security is boosted with TLS 1.3, and the release expands VoIP hardware support. Additionally, new Azure cloud hosting and licensing models provide greater flexibility and performance for users.

March 12, 2025
Announcement

Vodia Will Attend Enterprise Connect 2025

Vodia is attending Enterprise Connect 2025, where Sales Engineer Eric Altman will be available on March 18-19 to meet with partners and industry professionals. The event is a key opportunity to discuss Vodia’s latest innovations, including its Microsoft Teams-certified phone system, integration with Cliniko for healthcare providers, and its beta PBX featuring OpenAI API integration. Vodia has also launched a series of articles highlighting its PBX capabilities, with topics like its REST API, web user portal, and call recording. Additionally, the company is introducing a new podcast, “Vodia - Giving Voice to Our Partners,” featuring conversations with MSPs and SIP providers.

March 11, 2025