![]() ![]() using directly the proxy server: this second solution is about capturing traffic on the unix server hosting the proxy.The port we will copy is where the SIP proxy is connected, but we can also copy an IP phone port if we know more precisely what to look for. If the voice traffic is separated from the data traffic onto a specific VLAN, it is sometimes possible to copy all traffic going through the VLAN towards the copy port. The feature is sometime called port mirroring or SPAN port but the way it works is the same: we configure the switch to copy all frames transferred by a specific port to another dedicated port to which the analyzer is connected. This feature is generally available on advanced enterprise products, some low end devices don't support it. using a mirror port on a switch: this solution requires the use of network switches with a port mirroring feature.With the chosen tool, two approaches are proposed: In order to collect voice frames we can either use Wireshark directly or use the application tcpdump, available on most Unixes and working directly from the command line. Since the SIP protocol is really distributed by nature, gathering voice traffic is a challenge, but there are solutions. More important is where to locate the probe in order to gather the appropriate frames containing voice related protocols. Analysis could be done either in real time when Wireshark is running on the probe itself, or it is also possible to capture the frames, store these in a file, and perform the analysis afterwards. Prior to analyzing the network frames traversing the network, it is required to capture them. This article focuses on SIP and RTP protocols which represent most of today's Voice over IP implementations. Even if you will find on some commercial products very powerful features, Wireshark has some good plug-ins targeting the VoIP space (as well as many others). It is simple, efficient, and runs either on Microsoft Windows or Linux. Wireshark (formerly Ethereal) is THE tool to have in your toolbox whenever working with applications that use the network. This article presents some interesting Wireshark features related to Voice over IP protocols. When working in the IP telephony world it is crucial to know how to use a network analyzer, in order to understand how the traffic is propagating over the network.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |