PCAPs show RTP as UDP

Hey guys. I have noticed something very odd. When I do a PCAP of calls, while the audio works fine during the actual call, the PCAP shows the “would be RTP” packets as plain UDP. So when I try to analyze the PCAP it doesn’t show that there was audio. The PCAPs are done using tcpdump. I put in a bug FREEPBX-7089 http://issues.freepbx.org/browse/FREEPBX-7089 but was told that this is not a bug, but rather to bring the issue to the forums. Help please.


Theta is correct, it is not a bug. RTP IS UDP, and you need to tell whatever is analysing the pcap file what the stream contains. If in doubt, try Google.

I understand that RTP is UDP. When I open the PCAP in Wireshark, I see two conversations. The conversation between the phone and FreePBX shows up as RTP under the protocol column. However, the same conversation on the FreePBX towards the VoIP Provider just shows UDP in the protocol column. Therefore if I try to analyze the VoIP Provider side, Wireshark doesn’t see that there was RTP on that stream.

If your calls are working, then pretty well certainly the RTP streams are correct and working as advertised. Perhaps your post better belongs in a Wireshark support forum?


This always shows like this if Wireshark did not see the start of the call. You can change it by right-clicking on one of the protocols in the list and picking “Decode As”, then picking RTP.

Thanks Tony,

That is what I thought too, so I had the tcpdump running before the call starts to make sure all packets are captured right. Yet that is what I get, the missing first RTP packet. When I decode as RTP, I still can’t listen to that side of the call. I see all the SSRC IDs and everything tagged on the packets.

This smells like a Wireshark forum problem, no?
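RTP has no fixed port, so an analyzer that has not tied a UDP flow to call signaling can only recognize it by checking the RFC 3550 header fields across several packets. The sketch below is an added example, not code from any poster in this thread or from Wireshark; the flow keys, addresses, SSRC and thresholds are constructed for illustration.

```python
import struct
from collections import defaultdict

def parse_rtp(payload):
    """Return the RTP fixed-header fields (RFC 3550) or None if implausible."""
    if len(payload) < 12:
        return None
    b0, b1, seq, ts, ssrc = struct.unpack("!BBHII", payload[:12])
    if b0 >> 6 != 2:                       # version field must be 2
        return None
    if len(payload) < 12 + 4 * (b0 & 0x0F):  # room for the CSRC list
        return None
    pt = b1 & 0x7F
    if 72 <= pt <= 76:   # RTCP types 200-204 look like PT 72-76 with marker set
        return None
    return {"pt": pt, "seq": seq, "ts": ts, "ssrc": ssrc, "marker": b1 >> 7}

def likely_rtp_flows(packets, min_packets=5, max_gap=10):
    """packets: iterable of (flow_key, udp_payload) in capture order.
    Returns {flow_key: ssrc} for flows whose every packet parses as RTP with
    a constant SSRC and payload type and a forward-moving sequence number."""
    flows = defaultdict(list)
    for key, payload in packets:
        flows[key].append(parse_rtp(payload))
    result = {}
    for key, hdrs in flows.items():
        if len(hdrs) < min_packets or any(h is None for h in hdrs):
            continue
        one_ssrc = len({h["ssrc"] for h in hdrs}) == 1
        one_pt = len({h["pt"] for h in hdrs}) == 1
        # 16-bit sequence numbers wrap; tolerate small gaps from packet loss
        forward = all(1 <= ((b["seq"] - a["seq"]) & 0xFFFF) <= max_gap
                      for a, b in zip(hdrs, hdrs[1:]))
        if one_ssrc and one_pt and forward:
            result[key] = hdrs[0]["ssrc"]
    return result

def make_rtp(seq, ts, ssrc=0x1234ABCD, pt=0):
    """Build a constructed RTP packet: 12-byte header plus 160 filler bytes."""
    hdr = struct.pack("!BBHII", 0x80, pt, seq & 0xFFFF, ts & 0xFFFFFFFF, ssrc)
    return hdr + b"\xff" * 160

# Constructed sample: one RTP-like flow (sequence wraps past 65535), one not.
VOIP = ("192.0.2.10", 10000, "198.51.100.5", 18000)
OTHER = ("192.0.2.10", 5353, "198.51.100.9", 5353)
SAMPLE = [(VOIP, make_rtp(65533 + i, 160 * i)) for i in range(6)]
SAMPLE += [(OTHER, b"\x00\x01not-rtp-payload!")] * 6

if __name__ == "__main__":
    print(likely_rtp_flows(SAMPLE))
```

A flow this check accepts is a reasonable candidate for “Decode As” RTP; whether the audio can then be played back still depends on the codec and on whether the payload is encrypted.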