VoIP Ethernet Capture TMG3200

From TBwiki
Revision as of 22:41, 25 March 2018 by William Wong (Talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Applies to version(s): v2.7

Capturing using the TMG3200's internal host

The TMG3200's internal host can be used for capturing packets that are mirrored from the VOIP0 and/or VOIP1 physical ports. This includes RTP traffic.

Start Capture

You need two SSH sessions to capture the traffic:

First, access the Tmedia management interface using SSH. Then, access the telecom baseboard using

telnet 172.31.1.1 

Prompt is now:

0/tbgw>

To capture VoIP0 traffic:

mv88eMonitor 0x4 0x4 8 600

To capture VoIP1 traffic:

mv88eMonitor 0x8 0x8 8 600

In the example the duration is 600 seconds, thus will capture traffic for 10 minutes.

Note: We don't recommend to keep the capturing for a long time. This is only for debugging purpose.

Second, access the Tmedia management interface using SSH
Prompt is now:

[root@TBxxxxxx ~]#

To dump the content of the VOIP traffic in the file voip_capture.cap

tcpdump -i int0 -s 1500 -w voip_capture.cap

You will see something like this:

tcpdump: listening on int0, link-type EN10MB (Ethernet), capture size 1500 bytes


Stop Capture

When you're ready, stop the capture by pressing control-C on the shell that was running tcpdump command
You will see something like this:

364 packets captured
590 packets received by filter
0 packets dropped by kernel
  • Access the telecom baseboard from the Tmedia using telnet.
telnet 172.31.1.1
  • Stop the capture
mv88eMonitor 0 0 0

Download Capture

To download the voip_capture.cap file, use SSH secure copy ("sftp") to the Tmedia management port. This can be done on Windows using tools like Filezilla or WinSCP.
The file will be located in

/root

References

Personal tools