Professional Documents
Culture Documents
Lync Recording
How to validate port mirror for recording Lync calls
Table of Contents
Purpose ..................................................................................................................................................... 3
Audience ................................................................................................................................................... 3
Prerequisites ............................................................................................................................................. 3
Introduction: SmartTAP recording concepts ............................................................................................ 4
SmartTAP processing of Lync Signaling ................................................................................................. 4
SmartTAP processing of Media ............................................................................................................ 5
Procedure.................................................................................................................................................. 6
Setup Lync Logging ................................................................................................................................ 6
Setup Sniffer.......................................................................................................................................... 6
Capture a test call ................................................................................................................................. 7
Analysis ..................................................................................................................................................... 7
Locate test call in Lync log .................................................................................................................... 7
Compare Call Information with sniffer trace ........................................................................................ 8
Determine whether SmartTAP will record this call .................................................................................. 8
How to validate port mirror for Lync calls
Purpose
This document provides a procedure to verify that a proposed or existing SPAN/RSPAN/Mirrored port
location (also referred to as the tapping location) meets the SmartTAP recording requirements for Lync.
Audience
This document is intended for the IT personnel responsible for the Lync infrastructure and the
Networking personnel responsible for the network.
The document is not intended as a tutorial. There is the expectation that the personnel involved in this
activity will be able to examine a basic SIP call flow, to configure SPAN/RSPAN Mirroring on the
switches/routers, and to administer the Lync servers.
Prerequisites
The following tools and Administrative privileges are required in order to perform the procedure in this
document.
The Lync Plug-in resides on the Front End Server(s) and provides the call details to the SmartTAP
recorder that, in turn, records the MEDIA for the call through the recording NIC interface.
Figure-1
AudioCodes
Software plug-in
Front SmartTAP
Whether the SmartTAP Lync plug-in is installed, the Lync Administrator has access to logging facilities
that allow the ability to log SIP signaling and to save it in a text file. This log file contains the Lync call
information and the MEDIA information that correlates with the call information the plug-in sends to
the SmartTAP recorder.
Figure-2
Procedure
This procedure is a step by step sequence of instructions guiding the user from setup of Lync and
network environment, gathering of data, and finally to the analysis of the data collected.
Figure-3
Setup Sniffer
• Log into the test PC (or SmartTAP Server)
• Start the sniffer software (Wireshark)
• Select the recording NIC interface to monitor
Analysis
To verify the MEDIA for the test call is present on the sniffer log we must first find the signaling for the
test call in the Lync log. Once we have found the test call signaling, we must extract the MEDIA
information for the call and then examine the sniffer log and see if in fact there was traffic present on
that IP and PORT.
TL_INFO(TF_PROTOCOL) [0]08B8.11C4::12/13/2011-22:14:16.164.0000bab2
(SIPStack,SIPAdminLog::TraceProtocolRecord:SIPAdminLog.cpp(125))$$begin_record
Trace-Correlation-Id: 1066643171
Instance-Id: 000010F8
Direction: outgoing
Peer: 10.133.11.71:1081
Message-Type: request
Start-Line: INVITE sip:10.133.11.71:1081;transport=tls;ms-opaque=f265f30ed4;ms-received-cid=FB00;grid SIP/2.0
From: <sip:ocs_client3@planolab.audiocodes.com>;tag=79882da9cf;epid=518fe1de1d
To: <sip:ocs_client2@planolab.audiocodes.com>;epid=ad43a533af;tag=e63e42b63f
CSeq: 3 INVITE
Call-ID: 3c5eed8dfdc748729bd72ad2c64bf510
… (removed text here)
o=- 0 0 IN IP4 10.133.11.73
s=session
c=IN IP4 10.133.11.73
b=CT:99980
t=0 0
m=audio 1462 RTP/SAVP 114 9 112 111 0 8 116 115 4 97 13 118 101
a=ice-ufrag:E385
a=ice-pwd:x7t5IzxDgQExybbhBdRG1H0F
a=candidate:1 1 UDP 2130706431 10.133.11.73 1462 typ host
a=candidate:1 2 UDP 2130705918 10.133.11.73 1463 typ host
a=crypto:2 AES_CM_128_HMAC_SHA1_80 inline:94jUIdYJL2x94mTvmABNbD1cjkxywrN77mP4JQ1T|2^31|1:1
a=remote-candidates:1 10.133.11.71 26064 2 10.133.11.71 26065
… (removed text here)
Legal Notice
No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or
by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written
consent of AudioCodes USA, Inc.
Copyright © 2000 - 2010 AudioCodes USA, Inc. All rights reserved.
AudioCodes and the AudioCodes logo are trademarks or registered trademarks of AudioCodes, Inc.
Microsoft Windows is a registered trademark of Microsoft Corporation.
All other trademarks or registered trademarks are the property of their respective companies.
AudioCodes reserves the right to make changes to its products and specifications at any time in order
to improve on performance, manufacturing, or reliability. Information furnished by AudioCodes is
believed to be accurate. AudioCodes assumes no responsibility neither for the use of said information,
or for any infringement of patents or of other third party rights that may result from said use. No license
is granted by implication or otherwise under any patent or patent rights of any AudioCodes, Inc.