Avatar of jkirman
Flag for United States of America asked on

Request for suggestions for network traffic analysis for VOIP call quality issues


I have a client who has been experiencing severe VOIP call quality issues at a small branch office for some time.  A summary of the voice/data configuration at that office is as follows:

Cable-modem circuit is from a local NYC provider, 35 X 5 speed
The cable modem circuit provides voice and data feeds, and connects via coax into an Arris cable-modem-router.
The circuit has a static IP assigned to the router, last octet .225, and a block of 5 public IP's.
The data interface from the Arris connects to a Sonicwall TZ100 firewall, which has the first available public IP at .226.
The Sonicwall LAN connects to an 8-port managed HP GB speed switch.

A secondary interface on the Arris connects to a Cisco 1841 router.  The 1841 handles the VOIP / Voice traffic, and has the next available public IP address assigned to it, at .227.
The Cisco 1841 router connects into a Cisco Catalyst switch.
The Cisco 1841 and the Catalyst are both provided and managed by the VOIP provider, which is a separate company from the cablemodem ISP.

There are 6 or 7 VOIP phones connected into the Cisco catalyst switch.
There are 2 PC's on the data circuit which are connected into the HP managed switch.
FYI the office is a building engineering office.  Engineers on different shifts work out of the office and take care of the building's electrical, HVAC, plumbing and all other aspects of commercial building operations.

The problem they've been experiencing is that when anyone in the office is using the VOIP phones, whether for outgoing or incoming calls, they intermittently experience severe dropouts.  During a typical conversation, there are invariably 1- or 2-second losses of any given conversation.  The person's speech just blanks out for that 1- or 2-second period.  The noise level on the calls is also noticeable, even when the dropouts aren't occurring.  Call quality has been so poor that the users at the branch office only make outgoing calls with their cell phones, and request that outside callers call into their cell phones whenever possible.

I've spoken to the main cablemodem circuit ISP, but they're unable to do any type of packet loss or traffic analysis monitoring.  The VOIP provider has told me that if their are line issues, it's probably the main ISP's issue.  Typical finger-pointing for these types of situations.

I've had the main ISP run health checks for a full week on the cablemodem circuit.  They found that the signal to the cablemodem was stable and at a good level.  On 2 to 3 occasions during the week, they saw that there was a traffic overage on the upstream side, which is somewhat strange, since there are maybe 3 or 4 calls taking place at one time, and only a couple of PC's.  The users on the PC's are using Citrix to access email remotely, so there is very little upstream traffic they should be generating.  I understand from conversations I've had with various VOIP professionals that a typical VOIP call takes max c. 125K of bandwidth, so between say 4 or 5 calls going on and limited upstream data traffic, I don't know how that ends up generating traffic overages on a circuit with 5 MB upstream capacity.  

I checked the HP switch on the data side, and don't see any bad packets or errors accumulated after 2 months of that switch monitoring the data traffic.  I've had the main circuit ISP check and confirm that ALG and H225 are disabled on the Arris cablemodem.

My career professional experience has been pretty much all on the data side, but I've been asked to see if I can assist on this and locate the source of the voice issues.  If this can't be resolved, they've told me that they want to put in a T1 for the voice connectivity.  I believe a T1 will be much more expensive, and although proven technology, it's also somewhat dated.  So I'm hoping I can get the current configuration working properly and save them the expense of a T1.

I'm requesting anyone's suggestions on what is the most effective way to diagnose this type of issue.  Can you please suggest:

1) Network monitoring software you'd recommend
2) General methodology / approach towards locating the issue source

Any and all suggestions would be appreciated.   Thanks.
Voice Over IPNetwork Analysis

Avatar of undefined
Last Comment

8/22/2022 - Mon
J Spoor

Did you try to use the SonicWALL's bandwidth management features?

View example configurations and the SonicWALL webui and features on http://livedemo.sonicwall.com or http://ngfw-demo.com

Multiply the effectiveness of your APT Sandbox, stop unknown and zero-day attacks at the gateway. See a demo on http://apt-demo.com or http://atp.demo.com

You can also view the Next-Generation Firewalls via
http://next-generation-firewall.com or http://next-generation-firewall-demo.com

View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.

Kimputer thanks for the thoughts.  I'll be doing that basic voice-train only (i.e. shutting down/disconnecting the firewall) test early next week and will post results here.

Kimputer sorry for the delay in closing this out and rewarding the points.  I did isolate the voice communications by pulling out the data, but there was not much difference.  The carriers involved were basically useless in doing anything besides saying that their tests showed no issues from their respective sides.  In the end the client will be replacing the combined voice + data lines with separate circuits for voice and data.  Thanks again for your input.
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy