A digital VOIP phone
In the last 10 years, many businesses and telephone companies have moved away from the traditional Public Switched Telephone Network (PSTN) to Internet-based telephony systems. The traffic on a network that is generated by a telephone is known as Voice-Over Internet Protocol, or VOIP. VOIP traffic has two main components: the signalling protocol such as SIP, H.323 or MGCP to control the call, and the Real-Time Transport Protocol (RTP) to carry the speech itself.
Instructions
1. Download Wireshark, a free packet-capturing tool (see Resources).
2. Install Wireshark on your machine, and open the application. From the home screen, look under the list of Network Adapters and select the network interface patched into the network that has the VOIP traffic running through it.
3. Click on the file menu, and select "Start Real Time Capture." Make (or attempt to make) a call using one of the VOIP phones. Make a note of the IP addresses of the two VOIP phones and the PBX.
4. Edit the Wireshark capture to specify UDP as a filter on the type of packets, as both signalling traffic (e.g., SIP) and voice traffic (RTP) are UDP protocols.
5. Order the capture by Source by clicking on the heading of the Source column so you can quickly jump to the packets of the VOIP phone from which you obtained the IP address in Step 3. Here you will see all the packets that the phone is transmitting, first to the PBX to establish the call, and then to the second IP phone when the call is established.
Tags: network that, VOIP phone, VOIP phones, VOIP traffic