Troubleshooting SIP using TCPdump

TCPdump is a powerful tool for analyzing network traffic going to and from your server.  With the proper filter settings it is possible to isolate SIP and RTP packets.

First, install tcpdump if it is not already installed:
yum install tcpdump
Here are some practical examples of commands we use:
#VIEW ALL SIP TRAFFIC IN REAL TIME
tcpdump -nqt -s 0 -A port 5060
#LOOKING FOR A STRING (-l LINE-BUFFERS THE OUTPUT SO MATCHES SHOW UP IMMEDIATELY WHEN PIPED)
tcpdump -nqt -l -s 0 -A port 5060 | grep "User-Agent:"
#BY IP AND PORT
tcpdump -nqt -s 0 -A host xx.xx.xx.xx and port 5060
#WATCH SIP ACTIVITY IN REAL TIME FROM SRC IP DESTINATION PORT
tcpdump -nqt -s 0 -A "src host xx.xx.xx.xx and dst port 5060"
#VIEW ASTERISK RTP TRAFFIC (VOICE)
tcpdump -nqt portrange 10000-20000
#TO SAVE SIP ACTIVITY TO A FILE
tcpdump -n -s 0 port 5060 -vvv -w /tmp/capture_file_name
#TO SAVE SIP AND RTP ACTIVITY TO A FILE
tcpdump -n -s 0 port 5060 or udp portrange 10000-20000 -vvv -w /tmp/capture_file_name
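
Going one step beyond the grep for "User-Agent:" above, this added example (not part of the original article) counts SIP requests per source IP, method and User-Agent from the text that tcpdump -A prints, which makes registration scans stand out from normal phones. The function names, the sample addresses and the agent strings are assumptions made up for the illustration; only IPv4 packet lines are handled.

```bash
#!/bin/sh
# Tally SIP requests per source IP, method and User-Agent from the text that
# "tcpdump -nqt -s 0 -A port 5060" prints. Handles IPv4 ("IP ...") lines only.
sip_summary() {
    awk '
    function tally() {                    # record the request seen in the last packet
        if (method != "") count[src "\t" method "\t" (ua == "" ? "(none)" : ua)]++
        method = ""; ua = ""
    }
    # Packet line, e.g. "IP 198.51.100.7.5071 > 192.0.2.10.5060: UDP, length 412"
    /^IP [0-9.]+ > [0-9.]+: / {
        tally()
        src = $2
        sub(/\.[0-9]+$/, "", src)         # strip the source port
        next
    }
    # Request line; -A shows the IP/UDP header bytes as junk in front of it
    src != "" && method == "" && match($0, /(REGISTER|INVITE|OPTIONS|SUBSCRIBE|BYE|CANCEL|ACK) sips?:/) {
        method = substr($0, RSTART, RLENGTH)
        sub(/ .*/, "", method)            # keep only the method name
        next
    }
    method != "" && ua == "" && /^User-Agent:/ {
        ua = $0
        sub(/^User-Agent:[ \t]*/, "", ua)
        sub(/[ \t\r]+$/, "", ua)
    }
    END { tally(); for (k in count) print count[k] "\t" k }
    ' | LC_ALL=C sort -t "$(printf '\t')" -k1,1nr -k2,2
}

# Constructed sample of tcpdump -A output: documentation addresses, made-up agents.
sample_capture() {
    cat <<'EOF'
IP 198.51.100.7.5071 > 192.0.2.10.5060: UDP, length 412
E.....@.1...REGISTER sip:192.0.2.10 SIP/2.0
Via: SIP/2.0/UDP 198.51.100.7:5071
User-Agent: ExampleScanner/1.0
IP 198.51.100.7.5072 > 192.0.2.10.5060: UDP, length 409
E.....@.1...REGISTER sip:192.0.2.10 SIP/2.0
User-Agent: ExampleScanner/1.0
IP 203.0.113.20.5060 > 192.0.2.10.5060: UDP, length 530
E.....@.8...INVITE sip:1001@192.0.2.10 SIP/2.0
User-Agent: ExamplePhone 2.3
IP 192.0.2.10.5060 > 203.0.113.20.5060: UDP, length 300
E.....@.@...SIP/2.0 100 Trying
EOF
}
sample_capture | sip_summary   # count, source IP, method, User-Agent (tab separated)
```

On live traffic, feed it a bounded capture so the pipeline ends and the totals print, for example tcpdump -nqt -l -s 0 -A -c 500 port 5060 | sip_summary.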

Saved files can be opened and analyzed with Wireshark, a free network analyzer.
https://www.wireshark.org
