Asterisk: ngrep, sipgrep, sngrep, protocol diagram

    This is a short note about a few utilities that I use from time to time when working with Asterisk (for debugging telephony and viewing SIP packets). Many colleagues are not aware of these simpler utilities, which could save a minute or two of work time.

    Below we will look at ngrep, sipgrep, sngrep and js-sequence-diagrams.


    SIP


    Sometimes you need to quickly find out: what is going on in a REGISTER packet? Or: the INVITE was sent, but was there a response?

    The well-known wireshark and tcpdump programs capture dumps in which you can find every packet that passed through the chosen network interface, and then analyze those packets and find sessions.

    But tcpdump is too low-level, and wireshark is cumbersome; often its full functionality is not required. So you can use ngrep, sipgrep or sngrep and solve the problem without bringing in the heavy artillery.

    ngrep
    Often this utility is already on the system; if not, it is easy to install from your distribution's packages. It lets you see in real time what is going on in the traffic.

    You can filter SIP packets as follows:

    ngrep -q -d any -p -W byline '' 'port 5060' 
    


    And this filters packets that contain the word REGISTER (i.e., REGISTER packets and the responses to them will both show up here):

    ngrep -q -d any -p -W byline 'REGISTER'
    


    Since ngrep is more about the network than about SIP, there are other usage examples as well.



    sipgrep

    Similar to ngrep, but it shows only SIP protocol traffic: for example, it has options for searching in specific fields of the packet (To, From, Contact), and it highlights some values.

    Show all SIP traffic:

    sipgrep -d any
    


    Show traffic To: 101 with session report:

    sipgrep -d any -t 101 -G
    


    More information about installation and use is on the project page.



    sngrep

    Thanks, Emily_Rose. Perhaps the most advanced utility. You can observe in real time what is happening with the SIP dialogs on your SIP server.

    Just install it and run it.


    Sngrep project page

    Of course, communication problems are not always limited to SIP signaling. If there are problems with RTP, packet loss, or gurgling voices, it is worth using more powerful tools (the Kamailio project has a page dedicated to SIP and RTP analysis tools).

    Protocol diagram


    Sometimes you need not to analyze existing packets but to draw a protocol diagram showing which packet goes where, such as this:


    For this it is convenient to use the js-sequence-diagrams page: the diagram is written in words and then converted into a clear picture, which can be attached to the task in the tracker or added to the documentation.
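
    The two halves of this note can be combined. The following is an added example, not part of the original post: it parses saved `ngrep -W byline` output, answers the "the INVITE was sent, but was there a response?" question by matching Call-ID and CSeq, and emits js-sequence-diagrams text. The sample capture, addresses and function names are constructed for illustration, and the ngrep output layout is an assumption noted in the comments.

```python
import re

# Constructed sample of `ngrep -q -d any -p -W byline '' 'port 5060'` output, trimmed to
# the headers used here. Assumed layout: "U src:port -> dst:port", CR shown as a trailing ".".
SAMPLE = """\
U 192.0.2.10:5060 -> 192.0.2.1:5060
REGISTER sip:192.0.2.1 SIP/2.0.
Call-ID: reg-1@192.0.2.10.
CSeq: 1 REGISTER.

U 192.0.2.1:5060 -> 192.0.2.10:5060
SIP/2.0 401 Unauthorized.
Call-ID: reg-1@192.0.2.10.
CSeq: 1 REGISTER.

U 192.0.2.10:5060 -> 192.0.2.1:5060
INVITE sip:102@192.0.2.1 SIP/2.0.
Call-ID: call-7@192.0.2.10.
CSeq: 20 INVITE.
"""

HEADER = re.compile(r"^[UT] (\S+):\d+ -> (\S+):\d+")   # U = UDP, T = TCP

def parse(text):
    """Return one dict per SIP message: src, dst, start line, Call-ID, CSeq."""
    msgs = []
    for raw in text.splitlines():
        line = raw.strip().removesuffix(".")            # drop the "." printed for CR
        hdr = HEADER.match(line)
        if hdr:
            msgs.append({"src": hdr[1], "dst": hdr[2], "start": "", "call-id": "", "cseq": ""})
        elif msgs and line:
            name, _, value = line.partition(":")
            if not msgs[-1]["start"]:
                msgs[-1]["start"] = line                # request line or status line
            elif name.lower() in ("call-id", "cseq"):
                msgs[-1][name.lower()] = value.strip()
    return [m for m in msgs if m["start"]]

def unanswered(msgs):
    """Requests (except ACK) with no captured response for the same Call-ID and CSeq."""
    seen = {(m["call-id"], m["cseq"]) for m in msgs if m["start"].startswith("SIP/2.0 ")}
    return [m for m in msgs if not m["start"].startswith(("SIP/2.0 ", "ACK "))
            and (m["call-id"], m["cseq"]) not in seen]

def to_diagram(msgs):
    """js-sequence-diagrams text: solid arrow for requests, dashed for responses."""
    return "\n".join(
        f'{m["src"]}-->{m["dst"]}: {m["start"][8:]}' if m["start"].startswith("SIP/2.0 ")
        else f'{m["src"]}->{m["dst"]}: {m["start"].split()[0]}' for m in msgs)
```

    To use it on real traffic, save the ngrep output to a file and pass its contents to `parse`; the text returned by `to_diagram` can be pasted into the js-sequence-diagrams page.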


    I hope that this information is also useful to someone in their work.
    What utilities do you use?