[VOIPSEC] RTP packet signature
voip at skora.net
Wed Oct 5 14:40:23 BST 2005
Marc.JACOBS at etca.alcatel.be writes:
> Is there a means to know either an UDP/TCP packet encapsulates a RTP/RTCP
> packet or not without using the signaling protocols (SIP, H323, ...) ? In
> other words, how can I identify a RTP packet on-the-fly without having
> access to the signaling protocol ?
One possibility I've discovered for QoS purposes was that the flags of
RTP-packets sent by VoIP applications are set in a manner that at offset
0x2A of the whole packet (first byte of UDP-payload) the value 0x80
stands. This is not really satifying because nothing prevents that RTP
packets are sent with other flags and on other side you recognize some
other UDP-packets as RTP that match this condition.
More information about the Voipsec