Debugging Skype Traffic

From Allegro Network Multimeter Manual
Jump to navigation Jump to search

This page describes how Microsoft Teams and Skype traffic can be analyzed with the Allegro Network Multimeter.

Microsoft Teams and Skype client protocols

The Microsoft Teams and Skype clients rely on SSL for all control based traffic and RTP for all audio/video based traffic.

The Allegro Network Multimeter allows you to search for traffic to the Microsoft cloud, helps to analyze the response time of the SSL encrypted control traffic and analyzes the RTP traffic for quality parameters like packet loss, jitter, etc.

Microsoft Teams and Skype control traffic

Microsoft Teams and Skype control traffic is SSL encrypted. This does not allow for decoding and analysis of the control connection content. Since SSL uses TCP as the Layer 4 protocol, all of the TCP connection quality statistics can be used for debugging. Additionally, the response time for the SSL handshake and the first encrypted SSL data response time is available.

The most important quality parameters are:

  • TCP handshake response time
  • TCP retransmission rates
  • TCP Zero Window times
  • SSL hello handshake response time
  • SSL first data response time

Please read the TCP module and SSL module for more information on these and more counters.

A simple way to see an overview of the response time for Microsoft Teams and Skype servers is the IP statistics table. You can use the free text search for "skype" and select the graph dialogue: "TCP response time". This will present you the top IP addresses with a correlated name to skype and their TCP response times. You can also enable the Timing columns to view and sort for response times.

Skype response time.png

This graph shows you the TCP stack delay to confirm data reception. Note that many TCP stacks wait a few milliseconds if there is no data to respond to(see [Wikipedia TCP delayed acknowledgment]). Any additional delay on top of this time (usually 40 ms) indicates a significant roundtrip time delay. If you have installed the Allegro Network Multimeter close to the Microsoft Teams or Skype client, it will be the roundtrip time of the TCP packets from your network to the Teams/Skype cloud.

DNS names and IP address ranges for both Microsoft Teams and Skype are subject to change regularly, since the control servers in the Microsoft cloud use load balancing, which can point data to different servers. A current description for Skype for Business can be found here: [1]

The analysis can also be done for TCP retransmissions and TCP Zero Window statistics. If you have installed the Allegro Netwok Multimeter close to the Microsoft Teams or Skype client, this will indicate if the data sent to the Teams/Skype server required a retransmission on the WAN link or if the receiver buffer is full, indicating receiver overload.

Teams IP and port ranges:

See Microsoft support document for list of IP address ranges and ports used for different Microsoft services.

Microsoft Teams and Skype audio/video traffic

The Microsoft Teams and Skype audio/video traffic is sent by encrypted RTP frames. As RTP encryption is applied only on the content and not on the RTP header, you can still debug the RTP traffic with the RTP decoder output of the Allegro Network Multimeter.

To get an overview of which IPs have used RTP, you can use the ApplicationsRTP statistics page and search for Teams or Skype.

Skype rtp statistics overview.png

This allows you to see which IP address have used the protocol RTP. It shows an overview of the RTP packet loss and jitter based on RTP sequence numbers. To obtain detailed information about individual connections, click on the IP address. This will show RTP packet loss and jitter for each connection.

Skype rtp statistics ip detailed.png