Žilinská univerzita > Fakulta riadenia a informatiky > Katedra informačných sietí

Q-in-Q (VLAN Stacking) packet capture

The capture is showing the q-in-q tagging where VLAN ID 600 is the customer VLAN and VLAN ID 101 is the metro tag (Service provider tag). Tha capture consist of ICMP pings among two customer IP hosts (vlan 600) with IP addresses, and, carried over ISP MAN network (service ID 101).

Number of packets: 11

We should apply the Wireshark filter

vlan.id == SERVICE_PROVIDER_ID && vlan.id == CUSTOMR_ID

with appropriate VLAN tags, in the example

Remove Yahoo Search! from Firefox

One of firefox features is that when typing a partial URL into the URL field (URL or location bar), Firefox will automatically contact Google's search engine to find and provide search answers. This work fine till one of your computer users download the Yahoo search add-ons, which makes Yahoo Search! default Firefox search without being aware or alerted about that. So if we have the Yahoo add-on and we will type a key word (or partial Web address), we will not go straight to the Google search but instead we will see Yahoo Search results.

STP - Loop itself with BPDUfilter

We investigate a special topology condition, where a switch is connected itself on ports Faa0/1 and Fa0/2, and one of the port has BPDUFilter feature applied (i.e. simulating STP is switched off). Both ports are in the same vlan (vlan 1 here). The question is: Is there a topology loop?

Initial state

We check first interfaces status, where we should see that both ports are connected and operational

Parsing OSPF packets using tcpdump

Sometimes we need to capture and parse OSPF packets for next analysis and we have a comand line only, in my case on linux server with dynamips. We should use tcpdump tool for this purpose, of course, several ways are available.

Capturing OSPF packets on the fly

tcpdump -i eth0 ip[9] == 89

where OSPF ip protocol number is 89, and the protocol field is the 9th octet on the ip header.

Another way is:

tcpdump -i eth0 proto ospf

Writing captured packets to a file

Kamailio configuration to provide load balancing and failover for media services

In many setups Kamailio is used as a PROXY server that takes care of routing calls to servers providing voice services, e.g. voicemail, IVR or conference calls.

There are a few things an administrator must keep in mind.

Kamailio Call establishment permission rules

This article talks about deploying permission control mechanism for call establishment in Kamailio SIP Proxy.

In many VoIP solutions, it is crutial to deploy numbering scheme and write down rules where users are/aren't allowed to call.
On top of that, a company can allow the people to call outside, for example to PSTN. The rules can change over time as well as the numbering scheme itself.

Router IP Traffic Export - the router packet capture capabilities


Cisco switches provides SPAN and RSPAN feature which is suitable for monitoring and capturing packets flowing through switch ports or VLANs. But this feature is not provided on Cisco routers, therefore if you look for it there is not result.

SIPp benchmarking

Testing SIP server (Proxy, Registrar, B2BUA...) using SIPp. We use a remote connection (ssh) to connect to the client UAC from our server. All ssh connections could be without password in authentification. UAC generates calls. The Other side UAS is always running and respond. The reason why we run the script from the server is monitoring its performance via SAR. All testing is automated by cycle in script.

Packages & Libraries


 SAR (System activity reporter)

     apt-get install sysstat

Installing SIPp 3.2 on Debian Squeeze 6.0.5 32 bit

SIPp version 3.2 hasn't precompiled binary packages. There are some instructions provided at the sipp home page, however small comment about limits.h is missing and therefore the compilation will not be succesfull. Here we provide instructions how to compile Sipp with SSL, pcap play and distributed pauses features enabled.

Install prerequisities

Three pre-requisites are necessary to compile SIPp:

Enabling SCTP support in Kamailio 3.3.x - debian squeeze

Preprepared binary package of the Kamailio server hasn't enabled the SCTP support. You may check this on your running platform both ways:

First running kamailio command with -V options and checking the output for the sctp flag:

kamailio -V


kamailio -V | grep SCTP

and if nothing to see, there is no SCTP support enabled.

Second, using sercmd tool, but we have to load and enable ctl module in our kamailio.cfg. Then run

Syndicate content