Ask Your Question

Revision history [back]

Why is wireshark interpreting RTP and RTCP as Skype traffic?

We have a customer that is experiencing jitter on their call center agents softphone clients’ PCs to a cloud-based Voip solution provider. I am getting RTP packets and Skype packets in both a good call and a bad call. However, in the bad call, we noticed many of the Skype packets are going to the Cloud Voip providers’ ip address. Also, in the RTP stream statistics it shows the jitter plus a large percentage of dropped packets. I did a “decode as” on the SKYPE packets destined to that IP as RTP and now the dropped packets are gone. (Wireshark automatically also assigned the RTCP packets to the correct port after I also Decoded them as RTP, which was nice.) We observed normal Skype traffic is still there as well. Now I can listen to the call and hear the jitter there just as the end user did. What puzzles me is why does this not happen on a call with very low jitter? Is there some correlation? These captures are from the same user on the same day, with no PC changes in between. The good call has normal skype traffic and a full RTP stream, no decoding necessary. Has anyone else seen this behavior?

Why is wireshark interpreting RTP and RTCP as Skype traffic?

We have a customer that is experiencing jitter on their call center agents softphone clients’ PCs to a cloud-based Voip solution provider. I am getting RTP packets and Skype packets in both a good call and a bad call. However, in the bad call, we noticed many of the Skype packets are going to the Cloud Voip providers’ ip address. Also, in the RTP stream statistics it shows the jitter plus a large percentage of dropped packets. I did a “decode as” on the SKYPE packets destined to that IP as RTP and now the dropped packets are gone. (Wireshark automatically also assigned the RTCP packets to the correct port after I also Decoded them as RTP, which was nice.) We observed normal non-voice Skype traffic is still there as well. Now I can listen to the call and hear the jitter there just as the end user did. What puzzles me is why does this not happen on a call with very low jitter? Is there some correlation? These captures are from the same user on the same day, with no PC changes in between. The good call has normal skype non-voice Skype traffic and a full RTP stream, no decoding necessary. Has anyone else seen this behavior?