Tech

PCAP made it

Published on:

July 21, 2015

Once we have the PCAP, finding a problem is becoming almost a pleasure. Because the files are small, and everything is in the same place. It becomes easy to find jitter problems, missing RTP packets and so on. Last week I saw how another external tool took the PCAP idea to the next level. Using an Ethernet switch with port mirroring, all the traffic that hits the PBX also hits the monitoring server, which also sorts the traffic by calls and then puts them into different files. There were nice logs of SIP packets, RTP analysis and other things you want to know about a call.

A few years ago, we have added PCAP recording to the list of features supported by the Vodia PBX. At that time we were just so sick of going through Gigabytes of Wireshark traces that we just added something in the code that does this job based on the associated call. It would save us a lot of time sipping through endless lists of calls that have been recorded over hours of conversations, literally trying to find the needle in the haystack.

Once we have the PCAP, finding a problem is becoming almost a pleasure. Because the files are small, and everything is in the same place. It becomes easy to find jitter problems, missing RTP packets and so on. Last week I saw how another external tool took the PCAP idea to the next level. Using an Ethernet switch with port mirroring, all the traffic that hits the PBX also hits the monitoring server, which also sorts the traffic by calls and then puts them into different files. There were nice logs of SIP packets, RTP analysis and other things you want to know about a call.

There is only one problem when using the port mirror method: Encrypted calls will be invisible there. Because the TLS traffic cannot be intercepted by the monitoring device, it will not be able to figure out which RTP packets belong to which call, and thus not be able to put the whole call together. The PBX can do that, because it has the cryptographic context.

The disadvantage of the PBX recording all the PCAP is performance. It simply takes additional CPU horse power to write the files. The decoding is not so much a problem as it has to be done anyway. But the writing to the file system causes the system some extra work. Compared to the call recording this causes less work, because the PBX does not actually have to look into the media packets.

I can think about two things that the PBX could have in the next version. The first thing is to automatically delete the PCAP files after so-and-so many days, simply to make sure that the system is not eventually running out of disk space. The other thing is to make the PCAP files accessible from the web interface, possibly linked to the CDR records.

Latest Articles

View All

On-Premise Persists: Why It Still Matters, and How NEC's Decision to Exit the Market Creates Opportunity

On-premise solutions continue to be vital for many enterprises due to their superior data security and control, essential for industries like finance and healthcare. They offer deep customization, fitting specific needs and legacy systems, and provide reliable performance, especially for latency-sensitive applications. Additionally, while cloud solutions have a pay-as-you-go model, on-premise can be more cost-effective in the long run for predictable workloads. This balance of security, customization, and cost-efficiency ensures on-premise remains a strong option amidst the growing shift to cloud services.

July 19, 2024

Locality networks Case Study: Providing an Industry-Leading Multi-Tenant UC PBX with Advanced Features to Its Customers

Locality Networks, delivers high-speed fiber optic internet and advanced tech solutions to homes and businesses. Seeking to enhance their offerings, they implemented Vodia’s multi-tenant UC PBX, which provides top-tier features like mobile extensions, web clients, texting and CRM integrations. This has enabled them to offer cutting-edge communication tools, enhancing customer productivity and satisfaction. The seamless deployment, robust call center features and excellent support from Vodia and partners have made this transition successful for their diverse clientele.

July 12, 2024

Cove Central TAPP Expands Nationwide

Cove Central Communications announced its nationwide Technology Alliance Partner Program (TAPP) with Vodia in November 2023, aimed at supporting Managed Service Providers (MSPs) in delivering VoIP solutions. Since its launch, TAPP has seen significant interest, with Cove Central now providing VoIP solutions to over 30,000 users through regional MSP partners. The program addresses challenges such as FCC fees, compliance, and E911 configuration, simplifying VoIP deployment for MSPs. Jim Whittaker, Head of Technology, noted a projected revenue increase of 60% or more in 2024 due to TAPP.

July 3, 2024