VoIP Ethernet Capture
From TBwiki
(Difference between revisions)
(→Procedure) |
|||
(7 intermediate revisions by 4 users not shown) | |||
Line 1: | Line 1: | ||
The [[Tmedia]] product can configure one of its VoIP Ethernet ports to do [http://en.wikipedia.org/wiki/Port_mirroring Port Mirroring]. This is useful when investigating RTP, Codecs or IP Tones issues. | The [[Tmedia]] product can configure one of its VoIP Ethernet ports to do [http://en.wikipedia.org/wiki/Port_mirroring Port Mirroring]. This is useful when investigating RTP, Codecs or IP Tones issues. | ||
− | + | === Preparing the Tmedia for capture (enable ports mirroring) === | |
− | + | *If the traffic to be captured is on a 802.1Q VLAN and the [[Tctrl]] version is >= 2.8, an IP interface with the 'MANAGEMENT' service must be created through the Web Portal. The IP interface must be assigned to a virtual port that is assigned to the capture port and uses the 802.1Q VLAN ID that is targeted by the capture. | |
− | + | ||
− | == | + | |
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
*Access the [[Tmedia]] unit using SSH. | *Access the [[Tmedia]] unit using SSH. | ||
*Access the telecom baseboard from the [[Tmedia]] using telnet. | *Access the telecom baseboard from the [[Tmedia]] using telnet. | ||
telnet 172.31.1.1 | telnet 172.31.1.1 | ||
+ | *Type in the mv88eMonitor command to get the list of ports on the unit: | ||
+ | mv88eMonitor | ||
+ | *A list (such as the one below) should appear: | ||
+ | Port Mapping: | ||
+ | PortDesc : eth0 eth1 voip0 voip1 mspeedsw1 mspeedsw2 fpga0 fpga1 host cpu | ||
+ | PortNumber : 0 1 2 3 4 5 6 7 8 9 | ||
+ | PortMask : 0x1 0x2 0x4 0x8 0x10 0x20 0x40 0x80 0x100 0x200 | ||
+ | *The 'PortNumber' is the '''destination''' port for the capture. | ||
+ | **If the traffic is to be captured on the '''internal host''' of the TMG unit, use the number below the '''host''' port (in the above example, 8). | ||
+ | **If the traffic is to be captured on an '''external host''' (laptop, PC, or specialized equipment), choose the number below the desired target port (for example, 0 for eth0). | ||
+ | *The 'PortMask' is the '''source''' mask for the capture. On the above example, traffic going through the voip0 port would be captured using the 0x4 mask. | ||
+ | *Use the mv88eMonitor command in order to mirror traffic as desired. Here is the syntax: | ||
+ | mv88eMonitor <IngressPortMask> <EgressPortMask> <PortNumber> <TimeoutInSeconds> | ||
+ | **The 'IngressPortMask' is the mask used for capturing traffic that is sent to the TMG. | ||
+ | **The 'EgressPortMask' is the mask used for capturing traffic that is sent from the TMG. | ||
+ | **The 'PortNumber' is where the captured traffic should be mirrored to. | ||
+ | **The 'TimeoutInSeconds' is the time the mirror operation is active before being automatically stopped. | ||
+ | *Here is an example to mirror all the voip0 traffic to a TMG3200's internal host, for 60 seconds: | ||
+ | mv88eMonitor 0x4 0x4 8 60 | ||
+ | *Here is an example to mirror the incoming voip0 traffic on a TMG3200 to an external host connected to the eth1 port: | ||
+ | mv88eMonitor 0x4 0 1 60 | ||
− | === | + | === Start the capture === |
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
*Exit the telecom baseboard's shell (type "exit") | *Exit the telecom baseboard's shell (type "exit") | ||
− | * | + | *If the capture is to be done on an external host, use a tool such as 'Wireshark' to capture and analyze the mirrored traffic. |
− | = | + | **When configuring a port as a mirror, it is important to connect that Ethernet port directly to a host (like a laptop). Otherwise, it could cause issues such as an Ethernet loop. |
+ | **If capturing 802.1Q tagged traffic, make sure the receiving equipment is actually configured to process 802.1Q tagged traffic. | ||
+ | *If the capture is to be done on the TMG's internal host: | ||
+ | **Use the '''[[Get Product Type|tbinfo]]''' command to find out which product is currently used. | ||
+ | **Use the following table to know on which Linux interface to capture the traffic: | ||
+ | {| class="wikitable" | ||
+ | |- | ||
+ | ! TMG800 !! TMG3200 !! 802.1Q capture | ||
+ | |- | ||
+ | | '''mgmt0''' || '''int0''' || '''vlanXXXX''', where XXXX is the VLAN ID (e.g. vlan333) | ||
+ | |} | ||
+ | *Use the "tcpdump" tool to capture mirrored packets: | ||
tcpdump -i mgmt0 -s 1500 -w capture_file.cap | tcpdump -i mgmt0 -s 1500 -w capture_file.cap | ||
− | + | *To capture 802.1Q tagged traffic, use the correct VLAN interface: | |
− | + | tcpdump -i vlan333 -s 1500 -w capture_file.cap | |
− | tcpdump -i | + | |
− | + | ||
=== Stop the Capture === | === Stop the Capture === | ||
Line 49: | Line 53: | ||
telnet 172.31.1.1 | telnet 172.31.1.1 | ||
*Stop the capture | *Stop the capture | ||
− | mv88eMonitor 0 0 | + | mv88eMonitor 0 0 0 |
=== Download the Capture === | === Download the Capture === | ||
To download the capture, use SSH secure copy ("sftp") to the Tmedia management port. This can be done on Windows using tools like Filezilla. | To download the capture, use SSH secure copy ("sftp") to the Tmedia management port. This can be done on Windows using tools like Filezilla. | ||
− | |||
− | |||
− | === | + | == Procedure == |
− | + | ||
− | + | ||
− | + | *[[Toolpack:Troubleshooting_D#VoIP_Ethernet_Capture|VoIP Ethernet Capture for v3.0]] | |
− | + | *[[Toolpack:Troubleshooting_C#VoIP_Ethernet_Capture|VoIP Ethernet Capture for v2.10]] | |
− | + | *[[Toolpack:Troubleshooting_B#VoIP_Ethernet_Capture|VoIP Ethernet Capture for v2.9]] | |
− | * | + | *[[Toolpack:Troubleshooting_A#VoIP_Ethernet_Capture|VoIP Ethernet Capture for v2.8]] |
− | * | + | *[[Web_Portal_Tutorial_Guide_v2.7#VoIP_Ethernet_Capture|VoIP Ethernet Capture for v2.7]] |
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | * | + | |
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + |
Latest revision as of 14:43, 9 January 2019
The Tmedia product can configure one of its VoIP Ethernet ports to do Port Mirroring. This is useful when investigating RTP, Codecs or IP Tones issues.
Contents |
Preparing the Tmedia for capture (enable ports mirroring)
- If the traffic to be captured is on a 802.1Q VLAN and the Tctrl version is >= 2.8, an IP interface with the 'MANAGEMENT' service must be created through the Web Portal. The IP interface must be assigned to a virtual port that is assigned to the capture port and uses the 802.1Q VLAN ID that is targeted by the capture.
- Access the Tmedia unit using SSH.
- Access the telecom baseboard from the Tmedia using telnet.
telnet 172.31.1.1
- Type in the mv88eMonitor command to get the list of ports on the unit:
mv88eMonitor
- A list (such as the one below) should appear:
Port Mapping: PortDesc : eth0 eth1 voip0 voip1 mspeedsw1 mspeedsw2 fpga0 fpga1 host cpu PortNumber : 0 1 2 3 4 5 6 7 8 9 PortMask : 0x1 0x2 0x4 0x8 0x10 0x20 0x40 0x80 0x100 0x200
- The 'PortNumber' is the destination port for the capture.
- If the traffic is to be captured on the internal host of the TMG unit, use the number below the host port (in the above example, 8).
- If the traffic is to be captured on an external host (laptop, PC, or specialized equipment), choose the number below the desired target port (for example, 0 for eth0).
- The 'PortMask' is the source mask for the capture. On the above example, traffic going through the voip0 port would be captured using the 0x4 mask.
- Use the mv88eMonitor command in order to mirror traffic as desired. Here is the syntax:
mv88eMonitor <IngressPortMask> <EgressPortMask> <PortNumber> <TimeoutInSeconds>
- The 'IngressPortMask' is the mask used for capturing traffic that is sent to the TMG.
- The 'EgressPortMask' is the mask used for capturing traffic that is sent from the TMG.
- The 'PortNumber' is where the captured traffic should be mirrored to.
- The 'TimeoutInSeconds' is the time the mirror operation is active before being automatically stopped.
- Here is an example to mirror all the voip0 traffic to a TMG3200's internal host, for 60 seconds:
mv88eMonitor 0x4 0x4 8 60
- Here is an example to mirror the incoming voip0 traffic on a TMG3200 to an external host connected to the eth1 port:
mv88eMonitor 0x4 0 1 60
Start the capture
- Exit the telecom baseboard's shell (type "exit")
- If the capture is to be done on an external host, use a tool such as 'Wireshark' to capture and analyze the mirrored traffic.
- When configuring a port as a mirror, it is important to connect that Ethernet port directly to a host (like a laptop). Otherwise, it could cause issues such as an Ethernet loop.
- If capturing 802.1Q tagged traffic, make sure the receiving equipment is actually configured to process 802.1Q tagged traffic.
- If the capture is to be done on the TMG's internal host:
- Use the tbinfo command to find out which product is currently used.
- Use the following table to know on which Linux interface to capture the traffic:
TMG800 | TMG3200 | 802.1Q capture |
---|---|---|
mgmt0 | int0 | vlanXXXX, where XXXX is the VLAN ID (e.g. vlan333) |
- Use the "tcpdump" tool to capture mirrored packets:
tcpdump -i mgmt0 -s 1500 -w capture_file.cap
- To capture 802.1Q tagged traffic, use the correct VLAN interface:
tcpdump -i vlan333 -s 1500 -w capture_file.cap
Stop the Capture
When you're ready, stop the capture by
- pressing control-C on the shell that was running tcpdump command
- Access the telecom baseboard from the Tmedia using telnet.
telnet 172.31.1.1
- Stop the capture
mv88eMonitor 0 0 0
Download the Capture
To download the capture, use SSH secure copy ("sftp") to the Tmedia management port. This can be done on Windows using tools like Filezilla.