Tuesday, October 18, 2011

Cisco: How does ASR 5000 Monitor and Control OTT VoIP?

An updated document by Cisco provides information on the DPI capabilities of the ASR-5000 (here). In addition to the long list of detected protocols, the following features are listed:
  • P2P Voice Call Duration: The ADC product has the capability to detect network traffic created by P2P VoIP clients such as Skype, Yahoo, MSN, Gtalk, Oscar. The VoIP call duration is a direct indication to the revenue impact of the network operator. The ADC product is well poised to process the network traffic online to detect and control the VoIP presence, and generate records that can be used to calculate the VoIP call durations.
  • Random Drop Charging Action - The random drop charging action is added as an option to degrade P2P voice calls. This is achieved by randomly dropping packets of the voice calls over the voice call period. Voice data is encoded in multiple packets by the codec. Since there is a possibility of packets being dropped in a network, the codec replicates the same information across multiple packets. This provides resilience to random packet drops in the network. For a considerable degradable voice quality, a chunk of packets need to be dropped. By this way, the codec will be unable to decode the required voice information. The chunk size for achieving degradation of voice call varies from one protocol to another. The Random Drop decision has to be made once for a chunk of packets. By choosing the random drop time from a configured range, the drop is achieved at random seconds within a configured range. The packets will drop within a known period of time. For example, if a voice call happens for 2 minutes and if we configure a drop interval of 12–15 seconds, then a packet will be dropped within the first 15 seconds of the voice call.
Nevertheless - Skype classification is not perfect:
  • The Skype detection cannot detect traffic of most of the third-party plug-ins. The plug-ins use Skype only for marketing and presentation purposes such as opening a window within a Skype window or modifying the main Skype window with buttons or sounds. These plug-ins do NOT use the Skype protocol to transfer data over the network.
  • Other than Skype Voice, all detected Skype traffic is marked as Skype. Distinctions between different data types within Skype (i.e. text chat, file transfer, and so on) cannot be made.
  • Skype voice detection may not be accurate if it happens with other traffic (file transfer, video, etc.) on the same flow. 

Source: Cisco

See "Cisco ASR 5000 Series Application Detection and Control Administration Guide" - here.


  1. Any ISP caught using this "VoIP degradation" feature should be shut down and their staff thrown into jail.

  2. This seems rather easy to get around if the need is great enough. www.bicomsystems.com