SIP/H323/Streaming media verifying QOS settings with packet captures

03/26/2020 29 People found this article helpful 475,295 Views

Description

Resolution

The concept of Quality if Service,(QOS) is explained in the document “SonicOS Enhanced 3.1 Configuring QoS and BWM”
The main purpose of this article is determining if QOS is applied to the traffic. This is accomplished by running a packet capture and viewing the media traffic.
In the Wireshark utility this is normally identified with Real-Time Transport Protocol, RTP.

The caveat to QOS is no matter the settings used, once it leaves the firewall it is dependent upon the path traveled to and from the firewall. The providers will perform one of three action:

preserve and process the markings
preserve, and ignore the markings as it passes through their network
mangle marking to an unrecognizable setting
strip the markings completely.

Once again this article is only to show how to view the markings in a packet capture. This is done by looking at the IP information in the Differentiated services field. You can see the value in two ways. On the expressions menu you select IP, then to ip.dsfield.dscp. In the screen shot Expedited forwarding EF is selected with a hex value 0x2e.

The second method is to use the filter “rtp”. This filter will show only the media traffic. Expand the Internet Protocol header, then go to the Differentiated Services field select the field. Right click on the field and follow the menu to apply filter on selected. It will then create the filter ip.dsfield == 184. This filter value needs to be explained

Most vendors by default set the QOS to 0 which is best effort, for RTP traffic. Please refer to the vendor’s admin guide. Most vendor a marking of EF which is a decimal value of 46, according to RFC. The way the RFC for EF calculates the decimal value gives two values, the RFC value of 46, and wireshark along with some vendor’s documentation of decimal value 184. It is all in the way the value is read in the packet.

Since the purpose of this article is how to verify the markings are set correctly there is a filter that can assist with looking for packets the do not have the value. The filter is without the quotes “rtp && ip.dsfield < 184” This will show the RTP packets without the EF settings. Normally the packets with the missing EF settings are inbound. At this point discuss with you provider their policy on QOS markings. The service may be provided at a cost. If after performing these few traces assistance is still needed, please contact our help desk.

Not Finding Your Answers?

ASK THE COMMUNITY

Was This Article Helpful?

YES NO

SIP/H323/Streaming media verifying QOS settings with packet captures

Description

Resolution

Related Articles

Categories

Not Finding Your Answers?

Was This Article Helpful?

Article Helpful Form

Article Not Helpful Form

Follow Us

Subscribe to newsletter

Stay In Touch