VoIP Ethernet Capture

From TBwiki
Revision as of 14:47, 11 April 2013 by Abrassard (Talk | contribs)
Jump to: navigation, search

The Tmedia product can configure one of its VoIP Ethernet ports to do Port Mirroring. This is useful when investigating RTP, Codecs or IP Tones issues.



Contents

Capturing using the TMG800's internal host

The TMG800's internal host can be used for capturing packets that are mirrored from the VOIP0 and/or VOIP1 physical ports.

Physical Setup

No specific physical setup is required

Preparing Tmedia for Capture (enable ports mirroring)

  • Access the Tmedia unit using SSH.
  • Access the telecom baseboard from the Tmedia using telnet.
telnet 172.31.1.1

TMG800

Do one of the following command to capture packets according to your setup, to mirror packets toward the linux host CPU, for a configurable duration (in the following example the duration is 600 seconds, thus 10 minutes):

  • For capturing all Ethernet packets from VOIP0
mv88eMonitor 0x1 0x1 2 600
  • For capturing all Ethernet packets from VOIP1
mv88eMonitor 0x2 0x2 2 600
  • For capturing all Ethernet packets from VOIP0 and VOIP1
mv88eMonitor 0x3 0x3 2 600

TMG3200

Do one of the following command to capture packets according to your setup, to mirror packets toward the linux host CPU, for a configurable duration (in the following example the duration is 600 seconds, thus 10 minutes):

  • For capturing all Ethernet packets from VOIP0
mv88eMonitor 0x4 0x4 8 600
  • For capturing all Ethernet packets from VOIP1
mv88eMonitor 0x8 0x8 8 600
  • For capturing all Ethernet packets from VOIP0 and VOIP1
mv88eMonitor 0xC 0xC 8 600

Start the Capture

  • Exit the telecom baseboard's shell (type "exit")
  • Use the "tcpdump" tool on linux to capture mirrored packets (received on the "mgmt0" interface):

TMG800

tcpdump -i mgmt0 -s 1500 -w capture_file.cap

Note: The interface name "mgmt0" could be different on older TMG800. Use "ifconfig" command to find which interface has the IP address 172.31.1.2

TMG3200

tcpdump -i int0 -s 1500 -w capture_file.cap

Note: The interface name "int0" could be different on older TMG3200. Use "ifconfig" command to find which interface has the IP address 172.31.1.2

Stop the Capture

When you're ready, stop the capture by

  • pressing control-C on the shell that was running tcpdump command
  • Access the telecom baseboard from the Tmedia using telnet.
telnet 172.31.1.1
  • Stop the capture
mv88eMonitor 0 0 1

Download the Capture

To download the capture, use SSH secure copy ("sftp") to the Tmedia management port. This can be done on Windows using tools like Filezilla.

Capturing from an external host (laptop)

Warning: When configuring a port as a mirror, it is important to connect that Ethernet port directly to a host (like a laptop). Otherwise, it will create problem with to the Ethernet switch

Physical Setup

To do a VoIP capture it is required to:

  • Connect one of the VoIP Ethernet port to a laptop with Wireshark installed and 1Gbs Network card.

Once the physical setup is ready. It is possible to start capturing all packets received and sent from VOIP0 or VOIP1 using the other interface (VOIP1 or VOIP0).

Preparing Tmedia for Capture

  • Access the Tmedia unit using SSH.
  • Access the telecom baseboard from the Tmedia using telnet.
telnet 172.31.1.1
  • Start Wireshark to capture the Ethernet packets with the connected laptop.
  • Do one of the following command to capture packets according to your setup.

TMG800

For capturing all Ethernet packets that goes through VoIP0 with VoIP1, for a configurable duration (in the following example the duration is 600 seconds, thus 10 minutes)

mv88eMonitor 0x1 0x1 1 600

For capturing all Ethernet packets that goes through VoIP1 with VoIP0, for a configurable duration (in the following example the duration is 600 seconds, thus 10 minutes)

mv88eMonitor 0x2 0x2 0 600


TMG3200

For capturing all Ethernet packets that goes through VoIP0 with VoIP1, for a configurable duration (in the following example the duration is 600 seconds, thus 10 minutes)

mv88eMonitor 0x4 0x4 3 600

For capturing all Ethernet packets that goes through VoIP1 with VoIP0, for a configurable duration (in the following example the duration is 600 seconds, thus 10 minutes)

mv88eMonitor 0x8 0x8 2 600

Stop the Capture

mv88eMonitor 0 0 0

TMG7800

Physical Setup

To do a VoIP capture it is required to:

  • Connect one of the VoIP Ethernet port to a laptop with Wireshark installed and 1Gbs Network card.

Once the physical setup is ready. It is possible to start capturing the RTP.

Preparing Tmedia for Capture

telnet [eth0 IP address of the telecom unit]
  • Start Wireshark to capture the Ethernet packets with the connected laptop.
  • Do one of the following command to capture packets according to your setup.

Start the Capture

For capturing all Ethernet packets that goes through VoIP0 with VoIP1

mv88eMonitor 0x4 0x4 3

For capturing all Ethernet packets that goes through VoIP1 with VoIP0

mv88eMonitor 0x8 0x8 2

Stop the Capture

mv88eMonitor 0 0 3
Personal tools