Retour au blog
Tech

Enhancing Call Troubleshooting and Quality Monitoring with PCAP Recording

Published on:

September 5, 2014

In version 5.2.3, we improved the email client to better handle multi-tenant environments. Previously, email problems could affect all domains if one email server went down, causing delays in outgoing messages. We redesigned the client to be multi-tenant while preserving the reliability of the previous setup. However, issues arose with the TLS context when multiple emails were sent in quick succession. This required a patch to resolve the problem. If you upgraded to 5.2.3 before June 28, we recommend repeating the upgrade to ensure the latest email fixes are applied for faster, more reliable email performance.

Christian Stredicke

Almost a year ago we introduced a new feature: Call recording using PCAP.For those who are not familiar with the term PCAP, here is a short explanation (more to be found on http://en.wikipedia.org/wiki/Pcap).

For us the PBX guys, this is a file format that we can generate that contains the packets that are processed on the PBX. There are several tools available out there that can read PCAP and display it in various formats, including Wireshark. The great things about using such tools is that they have special functions specifically for SIP and RTP. This way, whoever needs to look at problematic calls, can drill down to each bit of the call. Together with the timestamps, this provides an incredible level of detail that can still be managed easily.

There were two milestone achievement that we did with the PCAP introduction. The first one is that each call gets its own PCAP file. That is usually not possible when using external tools. They usually record everything on a network interface. When doing this, you get a lot of by-catch that is irrelevant for the analysis of the call. And you have to sort out which packet belongs to which call. Whoever has done this on a busy server knows what I am talking about. File sizes can easily get to a gigabyte or more, and then every time filtering for a call stalls the PC for a minute or two.

The other huge achievement that is that the PBX has the security context for generating decrypted PCAP files, even if the call was encrypted. This makes it possible to use the PCAP recording in live environments where TLS and SRTP are essentially and cannot be turned off for the sake of troubleshooting.

Because of the decrypting of the SIP packets, TLS traffic is stored as UDP packets. It looks kind of weird at first glance when you see a UDP packet that has the SIP/2.0/TLS in it. It was the easiest way to get the packet into the PCAP. The problem is that TLS packets can get big, like TCP packets. Unfortunately, it crashes Wireshark if the UDP packets exceed a certain size. We had cases where we had to first edit the PCAP in a raw text editor, seek to the problematic packet and then cut the rest of the trace off. Maybe someone can open a ticket with the Wireshark guys and let them know they should make the buffer bigger.

The PCAP recording goes beyond pure troubleshooting. Memory has become so cheap, that some clients record every call, regardless if they have trouble or not (sometimes you need to look up older calls). It can even be used to proof service level agreements. What is better than having the raw data for the call to prove that its quality was okay! I am not sure if there are tools available that can scan through the PCAP folders and automatically generate reports. Generating those reports can be done easily with a little delay. This would be a perfect job for a low-priority process on the system.

We are thinking about extending it even further. The first obvious move would be to have the PCAP accessible from the web interface, along with the call history; similar to the call recording. But we could also extend it further, so that the content of the call is not being recorded any more. In cases when only the call quality should be monitored, it can be an advantage not to record the voice itself. We could replace the voice parts in the RTP packets with zeros, so that there would be no problem having those packets archived. Of course, that would be a true waste of hard disk capacity. Originally I thought that RTCP-XR would do that job, but at least in our world we did not see that happen yet.

Derniers articles

Voir tous
Tech

Keycloak OpenID Connect Integration for the Vodia PBX

Vodia’s PBX now integrates with Keycloak OpenID Connect, providing secure single sign-on for users so they can access all connected applications without repeated authentication. Logging out from one application automatically logs the user out of all connected systems, simplifying user management and improving security. Keycloak, a Cloud Native Computing Foundation project, supports standard protocols including OpenID Connect, OAuth 2.0, and SAML, offering enterprise-grade identity and access management. To ensure proper integration, Keycloak user emails must match the corresponding PBX extension emails. Complete guidance is available in the Vodia Keycloak integration guide, with additional details in the Keycloak official documentation.

September 12, 2025
Announcement

Vodia Announces Partnership with Comms Group Global

Vodia Networks has announced a strategic distribution partnership with Comms Group Global (ASX: CCG), aiming to expand the reach of its feature-rich cloud PBX solutions across APAC and EMEA. Through this collaboration, Comms Group Global will serve as an official reseller, providing businesses of all sizes with scalable, secure, and integrated telephony solutions. Customers will benefit from advanced call management features, Microsoft Teams integration, and robust security standards, while also gaining access to Comms Group’s SIP coverage in over 65 countries. The partnership enables a streamlined “one-touch” provisioning process, ensuring fast and seamless deployment for enterprises and SMEs seeking to improve efficiency and reduce operational costs.

September 8, 2025
Editorial

Why Fax Still Matters in 2025 and How Vodia Makes It Easy

Although many consider fax outdated, it continues to play a crucial role in sectors where compliance, confidentiality, and legal proof of delivery are non-negotiable. Healthcare providers rely on fax to meet HIPAA requirements, while industries such as finance, law, and real estate depend on it for contracts and documents that require signatures or legally verifiable transmission. Unlike email, fax offers confirmation reports that serve as proof of receipt, along with time-stamped records that hold up in legal proceedings. With Vodia’s PBX, digital fax becomes faster, easier, and more accessible than ever before, enabling users to drag and drop documents, monitor transmission progress, and receive immediate confirmations.

September 5, 2025