On opening you will be presented with the screen above. You now need to Choose the Interface that you wish to use to capture packets on.
Debugging SIP VoIP calls with Ethereal
Part 1 Setting it up and basic calls
Problems with VoIP calls can be difficult to debug. Many Soft phones and Hard phones have little or No debug information.
Ethereal can be a very useful tool to aid in debugging problems. The Following is taken from the website which goes someway to explain what it is
“Ethereal® is used by network professionals around the world for troubleshooting, analysis, software and protocol development, and education. It has all of the standard features you would expect in a protocol analyzer, and several features not seen in any other product. Its open source license allows talented experts in the networking community to add enhancements. It runs on all popular computing platforms, including Unix, Linux, and Windows. “
Ok so what are we going to do with it. Firstly if you haven't yet we need to download and install it. We haven't time to cover the process in detail here but full details are at the main ethereal website.
Once Installed we are ready to go.
On
opening you will be presented with the screen above. You now need to
Choose the Interface that you wish to use to capture packets on.
By clicking the far left Icon of a network card you will open a list of interfaces that are available
Now click on prepare
For what we are going to be doing here we can leave the setting pretty much as default. Except the “Promiscuous mode” setting which for wireless interfaces needs to be disabled in many cases.
Now click start
You will now get a window as above displaying the number and type of packets captured.
Now we need to get some data to look at.
At this stage we fire up our favourite softphone (I say this because it is easier to sniff the packets from a softphone on the Same PC.
Make a few calls and then click on Stop.
As you can see from above we have lots of data to look at. At this stage and in this screen all we need to know is that we have a list of packets with their source and destination address, Protocol and what is contained in the packet.
This is great but its still not that easy to decipher what is going on.
Ok Ethereal still has a couple of tricks up its sleeve.
On the menu there is an option called statistics. In this menu there are two options that are of great help.
The first is called “Sip” on clicking this you will get a small window as below
Click on Create stat and the following window will open
As you can see it displays the various packet types in the trace. This is useful but still not that helpful
So Close these down and click on VoIP calls in the Statistics menu.
What we now get is a list of the SIP calls that have been recognised.
Highlight the required call then click graph. And you will get a well laid out SIP call flow chart
Above is a successful call to voicemail
And here we have a call to an unobtainable number.
Details of what the messages mean can be found here
The above shows attempts to register with an incorrect password.
The next section to follow will cover more in depth debugging