Remote Port Mirroring for Passive VoIP Call Recordings

-

We need to capture VoIP traffic - including both inbound and outbound RTP streams - from dedicated IP phones for delivery to the Call Recording server. These IP phones are distributed across various remote switches within the Layer 2 Ethernet network. By configuring RSPAN (Remote Switched Port Analyzer), we can mirror the VoIP traffic from these remote switches to a destination switch that is directly connected to the Call Recorder.

 Network diagram:

RSPAN configuration

We are using Edge-Core ECS4100 series switches, which feature a Cisco-like command-line interface (CLI).

Source switch 1

Create VLAN 100 for RSPAN traffic:

vlan database
 VLAN 1 name DefaultVlan media ethernet
 VLAN 100 media ethernet rspan

Create RSPAN session 1 with Source and Remote ports:

rspan session 1 source interface ethernet 1/2 both
rspan session 1 remote vlan 100 source uplink ethernet 1/25

Both transmit (TX) and receive (RX) traffic on port 2 will be mirrored to uplink port 25 via VLAN 100.

Show RSPAN configuration: 

sw-1#sh rspan session 1
RSPAN Session ID                : 1
Source Ports (mirrored ports)
  RX Only                       : None
  TX Only                       : None
  BOTH                          : Eth 1/2
Destination Port (monitor port) : None
Destination Tagged Mode         : None
Switch Role                     : Source
RSPAN VLAN                      : 100
RSPAN Uplink Ports              : Eth 1/25
Operation Status                : Up

Source switch 2

The same configuration on the second Source switch for port 3 and uplink port 26:

rspan session 1 source interface ethernet 1/3 both
rspan session 1 remote vlan 100 source uplink ethernet 1/26

Intermediate switch

Configure RSPAN session 1 on the intermediate switch with VLAN 100, specifying all uplink ports.

rspan session 1 remote vlan 100 intermediate uplink ethernet 1/25,26,28

Show RSPAN configuration: 

sw-3#sh rspan session 1
RSPAN Session ID                : 1
Source Ports (mirrored ports)   : None
  RX Only                       : None
  TX Only                       : None
  BOTH                          : None
Destination Port (monitor port) : None
Destination Tagged Mode         : None
Switch Role                     : Intermediate
RSPAN VLAN                      : 100
RSPAN Uplink Ports              : Eth 1/25, 1/26, 1/28
Operation Status                : Up 

Unfortunately, we cannot configure source ports for mirroring on the switch serving the intermediate role. A single port cannot be used as an uplink in multiple RSPAN sessions. Therefore, all IP phones intended for remote port mirroring must be connected to switches designated with the source role. 

Destination switch

rspan session 1 destination interface ethernet 1/1
rspan session 1 remote vlan 100 destination uplink ethernet 1/22  

We can now remotely capture all traffic from the IP phones connected to the source ports on Switches 1 and 2. This mirrored traffic is delivered to the destination switch, enabling the recording of VoIP calls.

Comments

Post a Comment

Popular posts from this blog

MX-ONE short installation and maintenance guide (Russian)

-
Image
Краткая инструкция по установке и настройке УПАТС MX–ONE Версия 5.0 / 6.x Настоящая инструкция является кратким руководством по MX-ONE, за полным руководством следует обращаться к комплекту документации CPI. Описание компонентов системы и последние версии прошивок (firmware) для терминалов можно скачать с официального сайта Mitel . Для установки и настройки MX-ONE требуются базовые знания администрирования Linux, принципов IP–телефонии и прохождение учебных курсов Mitel MX–ONE. Дистрибутивы ПО MX–ONE доступны для скачивания прямым партнерам Mitel прошедшим соответствующую аттестацию. Содержание 1. Вводная часть . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 1.1. Новые названия при переходе с версии 5.0 на версию 6.0 . . . . . . . . . . . . . 5 1.2. Инсталляция MX–ONE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 1.2.1. Установка на виртуальную машину из образа ISO . . . . . . . . . . . . 6 1.2.2. Файловая структура MX–ONE TSE ....
Read more

Matrix server with self build Element-Web

-
Image
This instruction describes how to run Matrix server with custom Element-Web client. Matrix  - Matrix is an open standard for interoperable, decentralized, real-time communication over IP. Element-Web  - A glossy Matrix collaboration client for the web. TL;DR On  repo  development server Clone Element-web source code: userrepo@repo :~$ git clone https://github.com/vector-im/element-web.git Change the code. Build new docker image (tag 0.1): userrepo@repo :~/element-web$ docker build -t repo:5000/myelement:0.1 . Upload created image to local registry: userrepo@repo :~$ docker push repo:5000/myelement:0.1 On  matrix  test server Execute ansible script for automatic build and deploy: root@matrix :~# ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start Prepare local docker registry and git server Configure local registry server OS name: userrepo@repo :~$ uname -a Linux repo 5.10.0-10-amd64 #1 SMP Debian 5.10.84-1 (2021-12-08) x86_64 GNU/Linux Co...
Read more

Mitel SIP-phone XML API configuration server on Python/Flask and registration on Asterisk PBX

-
Image
  Agenda: Configuration server SIP-phones XML configuration Flask XML server Asterisk SIP extensions configuration 0. Configuration server Setting up configuration server for SIP-phones was described on previous post:  Configuration server We will use the following configuration file  startup.cfg : # Configuration server download protocol:HTTP http server:192.168.5.22 #can be IP or FQDN http path:aastra68xxi http port:8888 firmware server: "http://192.168.5.22:8888/firmware" # SIP server sip transport protocol:1 #UDP(1),TCP(2),TLS(4) sip srtp mode:0 #0(SRTP disabled),1(SRTP preferred),2(SRTP only) sip line1 user name: EmergencyCallsOnly sip proxy ip: 192.168.5.22 sip proxy port: 5060 sip registrar ip: 192.168.5.22 sip registrar port: 5060 # XML server xml application uri: "http://192.168.5.22:8888" # Time settings time server disabled:0 #server enabled(0), server disabled(1) time server1: de.pool.ntp.org time zone name: Custom #Required setting if ...
Read more