[VoiceOps] Network Taps

Calvin Ellison calvin.ellison at voxox.com
Wed Aug 26 18:20:24 EDT 2020


If your network will support it, you can port mirror all your VoIP traffic
to a single VoIPmonitor sniffer. That sniffer can do the per-IP filtering.
This is now we are capturing the boxes where we cannot install the voipmon
sniffer locally. VoIPmonitor will also support IPIP encapsulation in case
your systems have a built-in tap feature, i.e. Sansay SBCs.

For the port mirror solution, do not put the list of IPs to capture in the
"filter" option or you will quickly have performance issues. VoIPmonitor
has provided a new configuration option for this, "interface_ip_filter". To
make managing groups of IP addresses easier, you can drop files
in /etc/voipmonitor/conf.d/. Each file can have one or more
"interface_ip_filter = 1.2.3.4" lines, and the service must be restarted
each time a file is added/removed/changed. I don't know if any of this has
made it to their documentation yet.

Regards,

*Calvin Ellison*
Senior Voice Operations Engineer
calvin.ellison at voxox.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/voiceops/attachments/20200826/6c8ab4e0/attachment.htm>


More information about the VoiceOps mailing list