Debugging Skype Traffic

From Allegro Packets Product Wiki
Jump to navigation Jump to search

This page describes how Skype traffic can be analyzed with the Allegro Network Multimeter.

Skype client protocols

The Skype client relies on SSL for all control based traffic and RTP for all audio/video based traffic.

The Allegro Network Multimeter allows you to search for traffic to the Microsoft cloud, helps to analyze the response time of the SSL encrypted control traffic and analyzes the RTP traffic for quality parameters like packet loss, jitter, etc.

Skype control traffic

Skype control traffic is SSL encrypted. This does not allow for decoding and analysis of the control connection content. Since SSL uses TCP as the Layer 4 protocol, all of the TCP connection quality statistics can be used for debugging. Additionally, the response time for the SSL handshake and the first encrypted SSL data response time is available.

The most important quality parameters are:

  • TCP handshake response time
  • TCP retransmission rates
  • TCP Zero Window times
  • SSL hello handshake respone time
  • SSL first data response time

Please read the TCP module and SSL module for more information on these and more counters.

A simple way to see an overview of the response time for Skype servers is the IP statistics table. You can use the free text search for "skype" and select the the graph dialogue: "TCP response time". This will present you the top IP addresses with a correlated name to skype and their TCP response times. You can also enable the Timing columns to view and sort for response times.

Skype response time.png

This graph shows you the TCP stack delay to confirm data reception. Note that many TCP stacks wait a few milliseconds if there is no data to respond to(see [Wikipedia TCP delayed acknowledgment]). Any additional delay on top of this time (usually 40 ms) indicates a significant roundtrip time delay. If you have installed the Allegro close to the Skype client, it will be the roundtrip time of the TCP packets from your network to the Skype cloud.

DNS names used and IP address ranges can differ for Skype since the control servers in the Microsoft cloud use load balancing which can point data to different servers. A current description for Skype for Business can be found here: [1]

The analysis can also be done for TCP retransmissions and TCP Zero Window statistics. If you have installed the Allegro close to the Skype client, this will indicate if the data sent to the Skype server required a retransmission on the WAN link or if the receiver buffer is full, indicating receiver overload.

Skype audio/video traffic

The Skype audio/video traffic is sent by encrypted RTP frames. As RTP encryption is applied only on the content and not on the RTP header, you can still debug the RTP traffic with the RTP decoder output of the Allegro Network Multimeter.

To get an overview of which IPs have used RTP, you can use the ApplicationsRTP statistics page and search for skype.

Skype rtp statistics overview.png

This allows you to see which IP address have used the protocol RTP. It shows an overview of the RTP packet loss and jitter based on RTP sequence numbers. To obtain detailed information about individual connections, click on the IP address. This will show RTP packet loss and jitter for each connection.

Skype rtp statistics ip detailed.png