Help with MBG SIP traces – Wireshark display filters

I dont’t know why i didnt research this before but you can look for calls by the CLI using the wireshark display filters

  • show SIP packets to/from this number: sip contains 01684595000
  • show SIP packets to this number: sip.To contains 01684595000
  • show SIP packets from this number: sip.From contains 01684595000

So instead of serching through an endless list of calls for the one you are looking for

Continue reading

FIX: Trunk to Trunk calls fail on Talk Talk SIP Trunks error 630

Bouncing a call back off the Mitel fails.

The SIP trace shows you an error code of 630 Denied. Continue reading

How do i trouble shoot SIP trunks on Mitel Border Gateway (MBG)?

  1. Type this in on putty root logon
  2. tcpdump -s0 -i eth0 -w testsip.pcap  .Useful examples
  3. eth0 is the NIC, if you have two NIC’s in your MBG then you may want to use eth1
  4. Start it running before making test call and stop it running after with “Control C”
  5. then sftp it with winsftp and open testsip.pcap in wireshark   (my mirror –winscp517setup)
  6. Also on MCD 5.0 and above you can now do “Sip TCPDump on/off” in the maintanence commands
  7. This creates a file in the “vmail” directory on the mitel
  8. Ftp to the mitel which will put you in the “sysro” directory.
    You need to go one directory up to get the the vmail directory
  9. Same logon to FTP as phone system

Note Gamma Tech Support number = 0808 178 8000 option 1, 1, 2

 

Update June 2021

The newer veisons of MBG have a useful feature that splits the wireshark capture in to managable file sizes

Here is an example of how to do the same via TCPDUMP on the older version of MBG that dont have this feature

I had a customer where they had 1000’s of phones connecting to 2 x MIVB with 2 x MBG SBC’s accross 10’s of sites

When they had a speech quality issue and i needed to prove the speech was poor before it got the MBGSBC i started a wireshark capture.

Of course the file got far to be far to quickly.

To try and remendy this i needed to filter the capture to only collect the packets going to the particular phone subnets

As well as the packets going ot he phone system so i could capture the signalling

tcpdump -n \(net 10.1.2.0/24 or net 10.1.36.0/24 or net 172.20.26.211\) -C 500 -W 20 -w sbc1.pcap -Z root

-n = do not look up DNS for the IP’s

net 10.1.2.0/24 = include all packets coming from and to that subnet

net 10.1.36.0/24 = include all packets coming from and to that subnet

net 172.20.26.211 = include all packets going to and from the phone system

-C 500 = file size limit

-W 20 = number of files to create before rolling over (Note the upper case)

-w sbc1.pcap = file name to write too (once the first file has reached 500mb the next file is created with a 01 appended)

-Z root = file permission ( you will get permission denied with out this)

This should collect all the RTP going through the MBGSBC as well as the SIP signalling to and from the MIVB

so you can still use wireshark to inspect and filter the captured file like i explained in these posts 1 2 3

Source web pages 1 2 3