How to pull a SIP capture from your workstation

September 23rd, 2010

In this video I show how you can easily pull a SIP capture from your workstation by using a softphone and Wireshark, a packet analyzer. Learning how to pull SIP and RTP captures from your workstation is not only great for learning more about SIP and VoIP technologies, but also excellent for troubleshooting network-related VoIP issues.


Cisco IOS Hacks #1

September 19th, 2010

I love to find out new and better ways of doing things, especially easy-to-learn hacks for the Cisco IOS. It’s the little tricks and hacks that give the edge to great technicians and engineers in their careers because it makes them more efficient and knowledgeable when it comes to getting the job done. One quick hack that I picked up lately is the ‘alias’ configuration command.

Organizing with a Personal Wiki

September 13th, 2010

I love Wikipedia because it’s so full of information that, for the most part, is very high profile, and its search capabilities make the information you are looking for easily retrievable. Wikipedia also provides links to other related subjects and external websites that provide more detail on the subject you are reading up on. Even my company keeps a loose wiki that is a quick and accessible source of important information to carry out our jobs, like important procedures and contact information for service providers and vendors. I think the key thing that I like about a wiki is not only the ability to be a resource that is easily updated by anyone in a particular community, but the organization and ease of retrieving the information a person is looking for.

Since I’ve been studying for the CCNP ROUTE exam, I’ve been using the remainder of a notebook that I was previously using for my CCNA. I use it to jot down notes from my CBT training and from what I read in my textbooks. I also used this paper notebook to jot down small discoveries I made from doing labs and from quizzes that I’ve taken. None of these notes are organized in any particular order; rather, it’s about 80 pages of random scribblings of my studies. Not only do I have notes but I also have tons of links to various websites that I found useful in my studies. The volume of bookmarks I have almost makes organizing my browser’s bookmarks a chore. Actually I have imported a majority of my bookmarks over to Delicious.com to utilize their tagging and search engine capabilities. It also makes my links available to me anywhere, especially if I’m on my Android phone or if I’m on a colleague’s workstation. As cool as Delicious.com is for organizing and storing copious amounts of bookmarks, it is not a repository for the personal notes and tips that I want to keep tabs on.


The Anatomy of a SIP INVITE

September 4th, 2010

A couple weeks ago I gave a brief synopsis of Session Initiation Protocol (SIP) and how a basic call is initiated. In this article I would like to go into a little more detail about SIP, more specifically the message, also called a method, that starts it all – the INVITE.

First, let’s start with a quick refresher as to what SIP is and how it works. SIP is a signaling protocol that can be used by VoIP technologies to establish a session between a User Agent Client (UAC) and a User Agent Server (UAS). Similar to HTTP, SIP is also based on a request/response model. In other words, a SIP UAC sends some sort of request to the UAS, which requires the UAS to respond back to the UAC in turn. It is important to understand that UAC and UAS are just logical names. In fact a UAC can also be a UAS; it just depends on whether it is requesting or responding in a particular transaction. A transaction is the action of a UAC sending a request to the UAS or a UAS sending a response to a UAC.

The INVITE of SIP signaling is one type of message that a UAC sends to a UAS, which requires the UAS to act upon it and respond back to the UAC. The INVITE method is probably the most important method in the SIP protocol, also known as IETF RFC 3261, as it is used by the UAC to initiate a dialog with a UAS. A dialog is a peer-to-peer relationship between a UAC and a UAS that lasts over a period of time, which is known as a session. A session can be made up of multiple dialogs between UAC, UAS, and stateful proxies.


An Overview of the OSPF Routing Protocol

August 23rd, 2010

OSPF is a standardized, non-proprietary link state routing protocol that uses the Shortest Path First (SPF) algorithm, also known as the Dijkstra algorithm, to determine the best path to a particular subnet, which then gets added to the router’s routing table. One of the key differences between OSPF and distance vector routing protocols like RIP or EIGRP is that routers running OSPF are aware of the entire topology of the area which they’re in. OSPF routers create a topology database, also known as an LSDB or Link State Database. The LSDB includes:

  • the unique identifier of each router, also known as a router ID
  • each router’s interfaces that are participating in OSPF, including IP address and subnet mask
  • a list of routers that are reachable by each router in the area on each of their participating interfaces.

Once the OSPF router has created the LSDB, it analyzes the database and determines the cost of each route, and from those costs the SPF algorithm determines the best route. The best routes then get put in the router’s routing table. However, keep in mind that OSPF has an administrative distance of 110 if you are using multiple routing protocols. If you happen to be using EIGRP (administrative distance of 90) or have a static route (administrative distance of 1 or 0) to a particular destination, the router will choose those routes over the OSPF route.


I Discovered How Cool Portable Applications Are!

August 21st, 2010

Last weekend a friend of mine asked me to come over and take a look at their family’s computer. I asked what was wrong with it and he told me everything was running way too slow on it. For example he said, “When I click the Internet Explorer icon it takes forever for it to start, and once I’m on the web it takes forever for each page to load.” I told him I’d come over and take a look and see what was wrong with it. Before leaving my house, I decided to throw a couple helpful apps on a thumb drive that I had lying around (Malwarebytes, SuperAntiSpyware, CCleaner, Avast!, etc.). I had a feeling the problem was just some malware that junked up the system and a good cleaning would resolve the issue. It seems to me that almost every time that I sit down to fix a friend’s or family member’s computer, it’s because there are copious amounts of malware and viruses that suck up the resources on their computer.


A Brief Overview of SIP

August 13th, 2010

I know I have been writing a lot about EIGRP and Cisco stuff, but that’s because I’ve been studying like crazy for this upcoming CCNP Route test – which also explains why my blog posts have been so erratic. In this blog post I would like to step out of the Cisco world for a little bit and venture into some Voice over IP stuff.

Today’s post is about a protocol that I use every day in VoIP, which is Session Initiation Protocol, called SIP for short. SIP is a signaling protocol that is often used in VoIP sessions, although it is a versatile protocol that can be used for other applications between two or more points, like instant messaging or video conferencing over IP. The great thing about SIP is that it can be read in plain text, which means if you take a packet capture of SIP you can read the parameters of the protocol without having to decode/decrypt the packet’s content. This makes troubleshooting relatively easy.

Thanks Cloudshark!!

August 11th, 2010

I got my CloudShark t-shirt in the mail yesterday. Thanks so much CloudShark!

For those of you wondering who CloudShark (http://www.cloudshark.org/) is, well, it is a site that lets you upload your .pcap captures to their website, which allows you to view your captures through your browser without using the Wireshark application – is this the way of the future?

What I like about CloudShark (and it’s not because they gave me a free t-shirt) is that you can use it to share a capture with others via the web. The site is great for NOC/support people who are trying to show a capture to a vendor who may not have Wireshark installed on their workstation.

I definitely recommend it to those who use Wireshark, especially those who need to share captures with other co-workers and vendors on a daily basis.

Improving EIGRP Convergence Using the “offset-list” Command

August 2nd, 2010

In the course of my CCNP ROUTE studies the other day, I came across a nifty command that I was unaware of that helps the network engineer tweak the EIGRP metric. The offset-list command adds a specific value that the network engineer may assign to the EIGRP metric. Having the ability to fine-tune the EIGRP metric has multiple advantages, one of which is the ability to make a route that may not be a feasible successor (backup route) become one. Why is this important, you ask? When an EIGRP router loses its successor route (main route) it can almost instantly instate the feasible successor rather than relying on DUAL (Diffusing Update Algorithm) to send a Query packet to find a new route. Convergence, the time it takes for the routers on the network to find all possible routes, takes longer when the EIGRP router uses DUAL, and remember, it’s all about keeping the time of convergence low.

Today I will give a quick run-through on how to add the offset-list command. This article already assumes that you know the basics of EIGRP functionality and configuration.

How to enable Authentication for EIGRP

July 24th, 2010

Authentication for EIGRP secures your Cisco router from malicious EIGRP packets sent by unauthorized EIGRP neighbors that may want to compromise the security of your EIGRP network. An unsecured EIGRP network is susceptible to DoS (denial of service) attacks, which can bring the network down and make it inaccessible. Configuring authentication for EIGRP is not difficult and is relatively easy to deploy.
