Hi Daniel, Thank you very much for your prompt response. The output mentioned is generated by ngrep and can be seen by tcpdump as well. It seems a "space" and the bogus part ends up after the port used in the socket opened. For example "5060" becomes "5060 yadieyaboguspartdrdfg5r3245234". Obviously sending a packet towards an IPv6 address using such a port doesn't work. For the time being, we disabled the topoh.so module and rewrote code using uac_replace_from() and substituded the code with $fn = "string", $fd = "otherstring" equivalents. Thanks again! Cheers, Kees