In the present paragraph we want to deal with Network checks, which happens to be a wide subject. Since it's difficult to nail down a narrow path, we will focus on Network status from the PrivateServer Appliance point of view.
This means checking that the appliance's network configuration is working as expected to be. Also we will suggest to you some deeper checking to deal with top level debuggings.
We can't provide to you the necessary Network Management and Protocol Layers background. To fully understand the following parts you need to have good expertise about:
- Network fundamentals:
- main transport layer protocol features and actions
- main network analysis methods and applications (tcpdump or ping)
It would also help to know something about the SIP protocol itself.
3.4.2 Getting started
In the voice exchange system's world, the network is usually divided in two legs:
- From the caller to the PBX
- From the PBX to the callee
The above distinction is made from a logical network design point of view. In a real world implementation you would probably have almost three logical networks (as in fig. 22.214.171.124).
fig 126.96.36.199: A typical network design (semplified)
The Network check should be performed on the full end-to-end communication channel, which is the sum of the aboves. On each network we should measure the following features:
- packet loss percentage
- round trip time average
- jittering level
Network behavior and quality are crucial to provide a good quality service. Some requirements are mandatory to operate a Secure Call Service, other requirements affects the Service quality, ranging from “Secure Call not very good” to “impossible to Secure Call”.
Check Operational requirements for more details on pre-requisites.
3.4.3 Measure the Network
Given the above considerations, requirements and thresholds, we are going to measure the Infrastructure network. The following tests would perform the Infrastructure Network mostly, but we want to stress that a good Network test should involve the whole communication channels.
188.8.131.52 Measure the Packet Loss percentage
The first test to perform is about the Packet Loss percentage, as this can lead both to a Bad Quality communications (ie: gaps made of silence during the Secure Call) or worse: can't place calls at all. We are going to measure the packet loss percentage between the PrivateServer appliance and an user network. This case is not always possible, but it's worthy. A simple way to run such test is using the well know "ping" network application. In the below box you can have a session example of the test:
The test aims to simulate a network traffic with voice packets. As the voice packets are sent any 200 ms, the ICMP packets forged by the ping command "ping -i 0.02 pbx.mydomain.it" perform almost the same way. As a matter of fact we can read in the bottom line the test results. In particular we focus on the "2.4% packet loss", which is way over our basic threshold for a good Secure Call performance.
184.108.40.206 Measure the round trip average
The round trip measure has to be performed on the SIP protocol to have some debugging value. Thus we can desume the round trip by the client log, as a first step before deciding to choose a deeper investigation. Here we report an excerption from a client's log. When performing this analysis we look for a "REGISTER" request by our client and we note the time the message has been sent:
So in the above excerption the REGISTER message was sent at 16:00:59 (which is 4:00:59 pm).
The time informations are written in minutes:seconds:hundredths
Now let's check when did the server answer to the client with a SIP "200 OK" message and then let's have some math:
So the client received the answer at 16:01:02. This means that the roundtrip between client and server is the difference between the command sent (16:00:59) and the answer received (16:01:02), which is:
So the roundtrip result is almost 1 seconds, which is border line outcome by our basic threshold statements.
220.127.116.11 Consider the jitter
For this consideration the output of the "ping" command is useful, but it still needs a human eye pair to understand it correctly. The "ping" outcome about jittering won't be written down in an easy to read output line, instead it needs to be deduced by the time variation each line shows up.
For example let's focus on the following lines extracted by the previous example:
You might have noticed that the average response time is about 32/33 ms, but it suddenly delays until it gets a "request timeout". Then it perform better from the "177.517" ms back to a 32 ms average response speed.
This time variation in response to the ICMP request is the jitter. We should measure it on UDP packets inside a Secure Call, but as we can't perform it arbitrarily, we otherwise relay on the ICMP test which goes pretty close to a possible jitter issue.
For a non jitter network communication we should have almost the same response time for each packet.
18.104.22.168 Following a SIP Session by User
If we are not sure about one client's behaviour and want to check out its network situation, then we first have to retrieve the user's name or peername (put some link here about this?). After that, we can check the client network history through the SIP Session Logs (link this to the SIP SessionLOG). Messages like "NETWORK_ERROR" or frequent "DISCONNECT" or "UNREGISTER", which might trigger a deeper analysis about the client status and its network performance.
Another method to debug a possible network issue in the client-server communication is to watch a live sip session. To perform such a test, first log in via SSH and the to the Asterisk Console (please refer to the related documentation to do so).
Using the Peername value, we can now set up a debug trace on a specified user this way:
In the above case we assume that the username/Peername is "922". The Asterisk server would answer with the client's IP address, if it's registered. Else you can get an answer as below:
Soon you should watch on the console all the SIP messages exchanged between PrivateServer Asterisk Service and the client. This method is usually usefull to understand if there are too many registration by one client or if the network link is somehow broken, such as the PrivateServer tries to send SIP messages to the client (ie: INVITE, OPTIONS, etc) with alternate luck.
When you think you're done with the Live SIP Session monitor, you can shut it down the following way: