2A STRA

   I was genuinely surprised when I learned that our VoIP recording software had detected the use of an unknown Codec 52 in our IP network. That simply shouldn't be possible. To the best of my knowledge, only standard codecs are in use here - typically the legacy G.711, or in some cases, the more modern wideband G.722.2 (AMR-WB) for HD voice. But Codec 52? It must be a mistake - such a codec shouldn't even exist. Check RTP Header Structure  Let's start by reviewing the standard to understand how VoIP payload types are encoded. RTP: A Transport Protocol for Real-Time Applications ( RFC3550 )    The RTP header has the following format:     0                   1                   2                   3     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1    +-+-+-+-+-+-+-+-+...

We need to capture VoIP traffic - including both inbound and outbound RTP streams - from dedicated IP phones for delivery to the Call Recording server. These IP phones are distributed across various remote switches within the Layer 2 Ethernet network. By configuring RSPAN (Remote Switched Port Analyzer), we can mirror the VoIP traffic from these remote switches to a destination switch that is directly connected to the Call Recorder.  Network diagram: RSPAN configuration We are using Edge-Core ECS4100 series switches, which feature a Cisco-like command-line interface (CLI). Source switch 1 Create VLAN 100 for RSPAN traffic: vlan database  VLAN 1 name DefaultVlan media ethernet  VLAN 100 media ethernet rspan Create RSPAN session 1 with Source and Remote ports : rspan session 1 source interface ethernet 1/2 both rspan session 1 remote vlan 100 source uplink ethernet 1/25 Both transmit (TX) and receive (RX) traffic on port 2 will be mirrored to uplink port 25 via VLAN 100. Sh...