Here is the tshark capture:
tshark: Promiscuous mode not supported on the "any" device.
frame 2219 on eth1(LAN) 2220 on ppp0, 2221 on eth0 encapsulated in PPPoE
Capturing on Pseudo-device that captures on all interfaces
Frame 2219 (356 bytes on wire, 356 bytes captured)
Arrival Time: May 15, 2007 20:55:36.994382000
[Time delta from previous packet: 0.108268000 seconds]
[Time since reference or first frame: 26.910773000 seconds]
Frame Number: 2219
Packet Length: 356 bytes
Capture Length: 356 bytes
[Frame is marked: False]
[Protocols in frame: sll:ip:udp:sip]
Linux cooked capture
Packet type: Unicast to us (0)
Link-layer address type: 1
Link-layer address length: 6
Source: jim (00:11:d8:32:ca:b0)
Protocol: IP (0x0800)
Internet Protocol, Src: 192.168.10.15 (192.168.10.15), Dst: 62.219.102.53 (62.219.102.53)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 340
Identification: 0x32b7 (12983)
Flags: 0x00
0... = Reserved bit: Not set
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 128
Protocol: UDP (0x11)
Header checksum: 0x971a [correct]
[Good: True]
[Bad : False]
Source: 192.168.10.15 (192.168.10.15)
Destination: 62.219.102.53 (62.219.102.53)
User Datagram Protocol, Src Port: sip (5060), Dst Port: 5062 (5062)
Source port: sip (5060)
Destination port: 5062 (5062)
Length: 320
Checksum: 0x7fc0 [correct]
Session Initiation Protocol
Request-Line: REGISTER sip:62.219.102.53 SIP/2.0
Method: REGISTER
[Resent Packet: False]
Message Header
Via: SIP/2.0/UDP 192.168.10.15:5060;rport;branch=123456789
Transport: UDP
Sent-by Address: 192.168.10.15
Sent-by port: 5060
RPort: rport
Branch: 123456789
Route: <sip:62.219.102.53;lr>
From: nobody <sip:nobody@62.219.102.53>;tag=123456789
SIP Display info: nobody
SIP from address: sip:nobody@62.219.102.53
SIP tag: 123456789
To: <sip:nobody@62.219.102.53>
SIP to address: sip:nobody@62.219.102.53
Call-ID: 000001@ping
Contact: <sip:nobody@192.168.10.15>
Contact Binding: <sip:nobody@192.168.10.15>
URI: <sip:nobody@192.168.10.15>
SIP contact address: sip:nobody@192.168.10.15
CSeq: 2 REGISTER
Sequence Number: 2
Method: REGISTER
Content-Length: 0
Frame 2220 (356 bytes on wire, 356 bytes captured)
Arrival Time: May 15, 2007 20:55:36.994446000
[Time delta from previous packet: 0.000064000 seconds]
[Time since reference or first frame: 26.910837000 seconds]
Frame Number: 2220
Packet Length: 356 bytes
Capture Length: 356 bytes
[Frame is marked: False]
[Protocols in frame: sll:ip:udp:sip]
Linux cooked capture
Packet type: Sent by us (4)
Link-layer address type: 512
Link-layer address length: 0
Source: <MISSING>
Protocol: IP (0x0800)
Internet Protocol, Src: 217.128.124.171 (217.128.124.171), Dst: 62.219.102.53 (62.219.102.53)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 340
Identification: 0x32b7 (12983)
Flags: 0x00
0... = Reserved bit: Not set
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 127
Protocol: UDP (0x11)
Header checksum: 0x0ca6 [correct]
[Good: True]
[Bad : False]
Source: 217.128.124.171 (217.128.124.171)
Destination: 62.219.102.53 (62.219.102.53)
User Datagram Protocol, Src Port: sip (5060), Dst Port: 5062 (5062)
Source port: sip (5060)
Destination port: 5062 (5062)
Length: 320
Checksum: 0xf44b [correct]
Session Initiation Protocol
Request-Line: REGISTER sip:62.219.102.53 SIP/2.0
Method: REGISTER
[Resent Packet: False]
Message Header
Via: SIP/2.0/UDP 192.168.10.15:5060;rport;branch=123456789
Transport: UDP
Sent-by Address: 192.168.10.15
Sent-by port: 5060
RPort: rport
Branch: 123456789
Route: <sip:62.219.102.53;lr>
From: nobody <sip:nobody@62.219.102.53>;tag=123456789
SIP Display info: nobody
SIP from address: sip:nobody@62.219.102.53
SIP tag: 123456789
To: <sip:nobody@62.219.102.53>
SIP to address: sip:nobody@62.219.102.53
Call-ID: 000001@ping
Contact: <sip:nobody@192.168.10.15>
Contact Binding: <sip:nobody@192.168.10.15>
URI: <sip:nobody@192.168.10.15>
SIP contact address: sip:nobody@192.168.10.15
CSeq: 2 REGISTER
Sequence Number: 2
Method: REGISTER
Content-Length: 0
Frame 2221 (364 bytes on wire, 364 bytes captured)
Arrival Time: May 15, 2007 20:55:36.994456000
[Time delta from previous packet: 0.000010000 seconds]
[Time since reference or first frame: 26.910847000 seconds]
Frame Number: 2221
Packet Length: 364 bytes
Capture Length: 364 bytes
[Frame is marked: False]
[Protocols in frame: sll
ppoes
pp:ip:udp:sip]
Linux cooked capture
Packet type: Sent by us (4)
Link-layer address type: 1
Link-layer address length: 6
Source: D-Link_f0:52:2d (00:0f:3d:f0:52:2d)
Protocol: PPPoE Session (0x8864)
PPP-over-Ethernet Session
0001 .... = Version: 1
.... 0001 = Type: 1
Code: Session Data (0x00)
Session ID: 0x0eca
Payload Length: 342
Point-to-Point Protocol
Protocol: IP (0x0021)
Internet Protocol, Src: 217.128.124.171 (217.128.124.171), Dst: 62.219.102.53 (62.219.102.53)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 340
Identification: 0x32b7 (12983)
Flags: 0x00
0... = Reserved bit: Not set
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 127
Protocol: UDP (0x11)
Header checksum: 0x0ca6 [correct]
[Good: True]
[Bad : False]
Source: 217.128.124.171 (217.128.124.171)
Destination: 62.219.102.53 (62.219.102.53)
User Datagram Protocol, Src Port: sip (5060), Dst Port: 5062 (5062)
Source port: sip (5060)
Destination port: 5062 (5062)
Length: 320
Checksum: 0xf44b [correct]
Session Initiation Protocol
Request-Line: REGISTER sip:62.219.102.53 SIP/2.0
Method: REGISTER
[Resent Packet: True]
[Suspected resend of frame: 2220]
Message Header
Via: SIP/2.0/UDP 192.168.10.15:5060;rport;branch=123456789
Transport: UDP
Sent-by Address: 192.168.10.15
Sent-by port: 5060
RPort: rport
Branch: 123456789
Route: <sip:62.219.102.53;lr>
From: nobody <sip:nobody@62.219.102.53>;tag=123456789
SIP Display info: nobody
SIP from address: sip:nobody@62.219.102.53
SIP tag: 123456789
To: <sip:nobody@62.219.102.53>
SIP to address: sip:nobody@62.219.102.53
Call-ID: 000001@ping
Contact: <sip:nobody@192.168.10.15>
Contact Binding: <sip:nobody@192.168.10.15>
URI: <sip:nobody@192.168.10.15>
SIP contact address: sip:nobody@192.168.10.15
CSeq: 2 REGISTER
Sequence Number: 2
Method: REGISTER
Content-Length: 0