Ask Your Question
0

RTP Packet in VoIP Call

asked 2020-04-17 09:22:59 +0000

Hilman gravatar image

updated 2020-04-17 09:55:21 +0000

grahamb gravatar image

Hello, I am trying to test the encryption process in VoIP communication. Before, I try capture "audio in VoIP" communication "without encryption".

When I try to capture VoIP audio between "two clients in one bridge", the RTP packet only appears as many as "4 pieces" in the main display of Wireshark. When "one client stops communication" and the other client is still on the bridge, the RTP packet then appears until the client stops communication.

Are there certain settings that must be met so that Wireshark can capture VoIP audio between two clients who are communicating? Anybody can help ?

Note, Wireshark is run on the same computer as the communication server. Thanks

edit retag flag offensive close merge delete

Comments

Have you looked at the signaling too? It could be that after the first few RTP packets, the audio between the two VoIP endpoints is sent directly (which means your capture point is not in the path of the RTP packets)

SYN-bit gravatar imageSYN-bit ( 2020-04-17 09:53:34 +0000 )edit

I think signaling is appropriate. I also tried to filter packets that were captured based on the ip device used in communication, but still did not display data with the RTP packet while communicating (2 channel in 1 bridge). When one channel remains in the bridge, the RTP packet then appears until the channel is hanged.

Hilman gravatar imageHilman ( 2020-04-17 10:36:57 +0000 )edit
add a comment

1 Answer

Sort by ยป oldest newest most voted
0

answered 2025-11-20 12:23:30 +0000

gielo gravatar image

updated 2025-11-20 12:25:25 +0000

I assume you are using SIP.

The communication server on which you are running Wireshark will only be aware of the signalling (SIP/SDP). When phone A contacts phone B, the signalling (SIP/SDP) would go through your communication server, however when the two phones "know" each other the RTP stream will flow directly between the two phones (not though the Communication server), which I think is where your problem is. You are sitting in the signalling path and to get the RTP packets you should tap into the path between the two phones using a port span/port mirror,

There is however settings on most of the communication servers to keep the connection between the two phones pinned up through the server ( called hair pinning). This however put a lot of strain on your communication server. Then only, the RTP packet would traverse the communication server

I hope this helps

edit flag offensive delete link more
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

subscribe to rss feed

Stats

Asked: 2020-04-17 09:22:59 +0000

Seen: 692 times

Last updated: Nov 20

Related questions

Voip Calls -> Player rewind

How to connect rtp streams with corresponding voip calls?

Now that the g.729 codec patent has expired, will Wireshark include a decoder for it?

Having issues with RTP not showing up in Voip Calls flow sequence in version 2.4.2.

RTP player playback issue

Decode TURN Traffic as RTP

Why is wireshark interpreting RTP and RTCP as Skype traffic?

How to capture SIP and RTP traffic

Telephony > VoIP Calls > Select All > Play Streams > Play [Hard Crash] [closed]

Wireshark 2.6 does not show RTP in certain conditions