{{tag>Troubleshooting}}
====== Linux and Windows Command Line Tools for Troubleshooting ======
See [[troubleshooting:sip_traces|SIP traces]] for information on how to obtain PCAP SIP traces on Linux-based phone systems. Most Asterisk and FreeSWITCH systems run on Linux.

See [[nat_and_firewall_settings|NAT and firewall settings]] for guidance on what ports are required to be open on your firewall. Static NAT entries (port forwarding) is only required if you run your own phone system on your network.

====== Testing Network Connectivity ======
==== ICMP (Ping) ====
  ping TARGET.IP
Ctrl+C to stop

Checks host is up and reachable. Note that some servers may be configured to ignore ICMP Echo requests (pings).

Also useful for determining latency. Should be under 150ms

==== Traceroute ====

  traceroute www.surevoip.co.uk

Checks route taken to the SureVoIP website. Useful for identifying which gateways the data takes to reach the target.

Send the output of this to SureVoIP Support if requested.

==== MTR ====

<code>
mtr www.surevoip.co.uk
</code>

MTR is a combination of traceroute and ping. You can press P to pause the test to enable you to copy and paste the output.

For Windows you will need to download [[http://winmtr.net/|WinMTR]]

For Linux you may need to install the MTR package (//apt-get install mtr// or //yum install mtr//)


====== Analysing Traffic ======
Sometimes it may be necessary to analyse SIP or other network data.

See [[troubleshooting:sip_traces|SIP traces]] support guide for further guidance.

Ensure //ngrep// is installed on the server. Also install //Wireshark// on your desktop.

For all traffic on the SERVER run:
  tcpdump -i eth0 -s 1500 -w trafficCapture.pcap

Leave for 5 to 10 minutes, or make a test call. Then press Ctrl+C to stop capture.

For pure SIP run:

  ### capture all SIP packets on 5060 on all interfaces
  ngrep -W byline -td any . port 5060

  ### capture all SIP packets containing 'username' on port 5060 on all interfaces
  ngrep -W byline -tqd any username port 5060


If Wireshark is on a different computer than the server, **tar -czf FILENAME.tgz FILENAME.cap** to compress it.

Transfer the file via rsync or scp or another method to the Wireshark computer (you may want to take md5sum or sha1sum).

  rsync -avh --progress FILENAME.tgz user@DESKTOP:~
  scp FILENAME.tgz user@DESKTOP:~

Note the above rsync/scp commands may not work as expected if you are behind a NAT.