> 1
Performance analysis of open source solutions using
Wireshark
Koolwal Jai ,Pal Sumalya
 this project we are using Wireshark on Ubuntu Karmic Koala
Abstract— The goal of this project is to form a detailed analysis of
Multi point video, audio, text and collaboration softwares like the
Ekiga , Empathy and BigBlueButton ; and will be completing a
survey, comparing them on issues like robustness in call quality,
video quality in one to one as well as conference mode , for this
purpose we shall deploy the WIRESHARK (packet sniffer for
Linux) and building on the data collected we shall have a better
comparative understanding about the performance of these
softwares in different open source environments like UBUNTU &
FEDORA.
KeyWords-wireshark,bigbluebutton,ekiga,empathy, packet,
networking, linux, alpine linux, fedora, ubuntu,Voip, web
conference, data, Multi point video, audio, text
I. INTRODUCTION
In modern times when there is financial turmoil, the industries
are looking for ways to grade down the costs in view of
sustaining their profits. One way to cut down their cost is
cheap or rather cost less alternatives for hard line telephones.
Hence Soft phones has gained enormous popularity. Using
Soft Phones the industries can set up telephony systems that
will help them curb down their call costs. Also in recent times
with the advent of free open source SIP platforms like
Asterisk, Kamailo, and Freeswitch; the world of VOIP and SIP
phones have become a major player in the world of free
telephony.
Now as SIP phone are gaining popularity more and more,
the technicians are discovering new problems associated with
this technology. While using SIP phone services whether for
home use or business purpose in a one to one or conference
mode one often comes across problems like lost calls, bad call
quality, other line seems to be engaged while it is actually not
& also jump calls(calls to wrong telephone number) . There
have been multiple softwares produced for deciphering such
problems in SIP telephony. These softwares mainly deal with
analyzing the incoming and outgoing calls through the router
that are using the SIP protocol or the RTP or UDP protocols.
After the analyses of these protocols are done the problem is
pinpointed and can be dealt with effectively.
Two of the most acknowledged software in this field are
TCP Dump and Wireshark. While TCP Dump can only run on
UNIX platforms, Wireshark can be run on any platform. In
platform for analyzing SIP protocol for various soft phones
used by industries as well as individuals in modern times.
II. SCHEME OF THE PROJECT
In this project we will be analyzing the different SIP/VOIP
solutions using Wireshark that are available in the market and
then give a detailed report on the QoS (quality of service) as a
comparison for all these solutions. The solutions that we will
test are:
1. Empathy: This is an instant messaging client which
supports text, voice, video, file transfers, and inter-
application communication over various IM
protocols.
Empathy also provides a collection of re-usable
Graphical User Interface widgets for developing
instant messaging clients for the GNOME desktop.
It is written as extension to the Telepathy
framework, for connecting to different instant
messaging networks with a unified user interface.
Empathy has been included in the GNOME
desktop since version
2. Ekiga : This was formerly called gnome is a VoIP
and video conferencing application for GNOME
and Windows . It is distributed as free software
under the terms of the GNU General Public
License. se" Ekiga supports both the SIP and
H.323 (based on OpenH323 protocols )and is fully
interoperable with any other SIP compliant
application and with Microsoft NetMeeting . It
supports many high-quality audio and video
codecs.
3. BigBlueButton = The BigBlueButton is a versatile
open source project that is built over fourteen open
source components to create an integrated web
conferencing system that runs on mac, unix or pc
computers. some of the features of this softphone
are web cam management, presentation in which
any user can upload PDF presentation, office
document and keep everyone in sync with their
current page, zoom, pan, and see the presenters
mouse pointer. BigBlueButton voice conferencing
supports voice over IP (VOIP) conferencing out-of-
the-box.
> 2

III. WIRESHARK in offline mode.

Wireshark is the world's foremost network protocol analyzer, We did this for two SIP phones. First we
and is the de facto standard across many industries and analyzed Ekiga and then Empathy.
educational institutions. The features of this tool are:
 Live capture of packets and their offline analysis. VI. RESULTS
 Standard three pane packet browser.
 Runs on multiple platforms: Packet Sequenc Time Delta Jitter(ms) Skew IP BW Mark Status
Windows, Linux, Solaris, NetBSD, e stamp (ms) (ms) (Kbps) er
FreeBSD.
 Captured network data can be
1 623 4477 44860 0 0 0 1.6 SET [OK]
browsed via a GUI, or via the TTY-
0
mode TShark utility
2 625 4478 44876 19.8 0.01 0.17 3.2 [OK]
 The most powerful display filters in
0 3
the industry
3 627 4479 44892 19.9 0.01 0.21 4.8 [OK]
 Rich VOIP/SIP protocol analysis. 0 6
 Deep inspection of hundreds of 4 629 4480 44908 20 0.01 0.21 6.4 [OK]
protocols added every day. 0
5 632 4481 44924 20.5 0.04 -0.28 8 [OK]
0
IV. PROTOCOLS ANALYZED 6 633 4482 44940 19.7 0.05 -0.08 9.6 [OK]
0 9
7 636 4483 44956 20 0.05 -0.08 11.2 [OK]
V. THE PROCESS 0
First we start the wireshark protocol analyzer and start the packet
capture mechanism as shown in Fig 1. Fig. 2 Table showing the details of the SIP transaction

The above table gives us the detailed account of the SIP call
made from Empathy. We can see that the jitter accounted for
is very stable and is quite acceptable.
Next we will fetch another table like this one for Ekiga
and will be able to analyze in a comparable manner between
these two SIP services.

Fig 1. The wireshark capture window

Then we start the Soft phone and dialed a toll free

number (we dialed 001-800-457-7777, the toll free
number of Toshiba service center). As soon as the
number is dialed we could see wireshark capturing
the RTP (Real time protocol) packets.
After about three to four minutes, we stopped the
capturing process and started analyzing the packets
Fig 3. Graph showing the Forward Jitter and the Reverse
jitter in Empathy.
The above graph shows the forward jitter in the call. Note
that no green spikes can be seen in the graph. Green spikes
represent the reverse jitter. Since there was no answer from our
side , there were no reverse jitter experienced. Hence there are
> 3
no green spikes.
Fig 3. The analyzed call spikes in Empathy.
The above figure represents the Call graph. Here only one
channel seems to have the spikes. This is because only the
operator on the other side of the phone talked.
VII. THE MATHS INVOLVED
. Wireshark calculates jitter according to RFC3550 (RTP):
If Si is the RTP timestamp from packet i, and Ri is the time of
arrival in RTP timestamp units for packet i, then for two
packets
i and j, D may be expressed as
 D(i,j) = (Rj - Ri) - (Sj - Si) = (Rj - Sj) - (Ri - Si)
The interarrival jitter SHOULD be calculated continuously as
difference D for that packet and the previous packet i-1 in
order
of arrival (not necessarily in sequence), according to the
formula
 J(i) = J(i-1) + (|D(i-1,i)| - J(i-1))/16
RTP timestamp: RTP timestamp is based on the
sampling frequency
of the codec, 8000 in most audio codecs and 90000 in
most video codecs
As the sampling frequency must be known to correctly
calculate jitter
it is problematic to do jitter calculations for dynamic
payload types
as the codec and it's sampling frequency must be known
which implies
that the setup information for the session must be in the
trace and the codec
used must be known to the program(with the current
implementation).
If suppose we have the following sample data –
R0 = frame 624: frame.time = Jul 4, 2005 11:56:25.348411000
S0 = frame 624: rtp.timestamp = 1240
R1 = frame 625: frame.time = Jul 4, 2005 11:56:25.418358000
S1 = frame 625: rtp.timestamp = 1400
R2 = frame 626: frame.time = Jul 4, 2005 11:56:25.421891000
S2 = frame 626: rtp.timestamp = 1560
we also have rtp.p_type = ITU-T G.711 PCMA (8) and thus we know
sampling clock is 8000Hz and thus the unit of rtp.timestamp is 1/8000
sec = 0.000125 sec .
Then this is how we shall calculate the JITTER
frame 624:
J(0) = 0
frame 625:
D(0,1) = (R1 - R0) - (S1 - S0)
 = [in seconds] (.418358000 sec - .348411000 sec) - (1400 *
0.000125 sec - 1240 * 0.000125 sec) = 0.049947
J(1) = J(0) + (|D(0,1)| - J(0))/16
 = [in seconds] 0 + (|0.049947| - 0)/16 = 0.0031216875
frame 626:
D(1,2) = (R2 - R1) - (S2 - S1)
 = [in seconds] (.421891000 sec - .418358000 sec) - (1560 *
0.000125 sec - 1400 * 0.000125 sec) = -0.016467
J(2) = J(1) + (|D(1,2)| - J(1))/16
 = [in seconds] 0.0031216875 + (|-0.016467| - 0.0031216875)/16
= 0.00395576953125
 How bandwidth (BW) is calculated
The BW column in RTP Streams and RTP Statistics dialogs shows the
bandwidth at IP level for the given RTP stream. It is the sum of all octets,
including IP and UDP headers (20+8 bytes), from all the packets of the
given RTP stream over the last second.
VIII. FUTURE OF OUR PROJECT
We intend to perform the packet analysis on EKIGA,
EMPATHY on both FEDORA and UBUNTU with a
permutation and combination ensuring we are able to compare
each soft phone on each OS & hence get a better insight into
both the soft phones and the robustness of the OS.
REFERENCES
[1] A. Leon-Garcia, I. Widjaja, Communication Networks: Fundamental
Concepts and Key Architectures, 2nd ed., New York: McGraw-Hill,
2004, pp. 706-756.
[2] “QoS Assessment of Video Over IP.” [Online]. Available:
http://encyclopedia.jrank.org/articles/pages/6873/Qos-Assessment-of-
Video-Over-IP.html
[3] “Ethernet Capture Setup.” [Online]. Available:
http://wiki.wireshark.org/CaptureSetup/Ethernet
[4] WIRESHARK WEBSITE www.wireshark.org