2013
06.11

Wireshark

We had an interesting issue this week with video conferencing where ~20min into a VC call we would lose audio into one of our offices. Audio from this office would still be sent to all other offices and could be heard by everyone else in other offices on the call, but we just couldn’t hear them. Then 5-10min later incoming video would then freeze on our screen however to all other offices dialled into the call our video feed would still continue to be received smoothly. After a few calls with different service providers and confirming firewall config was correct and then removing our firewall config completely for testing purposes, we were still experiencing the issues and were no closer to an answer, it was finally time to break out wireshark for some packet capturing/debugging, if anything to prove that everything was working properly as expected on the network layer.

Below is the config needed to setup port mirroring on the switch stack:
monitor session 1 source interface Gigabitethernet 1/0/10
monitor session 1 destination interface GigabitEthernet 1/0/35
show monitor session 1

And how to install wireshark and run as a regular user on ubuntu:
sudo apt-get install wireshark
sudo groupadd wireshark
sudo usermod -a -G wireshark <USER>
sudo chgrp wireshark /usr/bin/dumpcap
sudo chmod 750 /usr/bin/dumpcap
sudo setcap cap_net_raw,cap_net_admin=eip /usr/bin/dumpcap
sudo getcap /usr/bin/dumpcap
sudo chmod +x /usr/bin/dumpcap

Log out and back into unity and you should be good to start packet capturing.

1 comment so far

Add Your Comment
  1. Super Duper Cool Site Man!!!