Tag Archives: ERS2500

untagAll vs tagAll on Avaya Ethernet Routing Switches

This is probably the most often referred to topic both on the forums and here on my blog. After finding it in the top 10 keyword searches to my blog this morning I decided to try and write up a new post that would conclusively answer the question with respect to Avaya (formerly Nortel) Ethernet Routing Switches.

Definitions

Now before I get started, let’s define some basic terms:

  • Access port is defined as a port belonging to a single VLAN
  • Trunk port as defined in Wikipedia is a port designed to carry multiple VLANs through a single network link through the use of a “trunking protocol”. To allow for multiple VLANs on one link, frames from individual VLANs must be identified. The most common and preferred method, IEEE 802.1Q adds a tag to the Ethernet frame header, labeling it as belonging to a certain VLAN. Since 802.1Q is an open standard, it is the only option in an environment with multiple-vendor equipment.

So by its definition an access port can only belong to one VLAN, while a trunk port can belong to multiple VLANs.

It’s important to distinguish that we’re talking about single ports. A trunk group or trunk port group is made up of multiple ports which are combined into a single virtual port. Protocols such as MultiLink Trunking (Avaya), EtherChannel (Cisco) and LACP provide the ability to combine multiple trunk ports into a single virtual interface providing redundancy and additional bandwidth.

Basic Examples

In general, the majority of edge switch ports will be configured as access ports. Any port used to connect a personal computer, laptop, server, printer, etc. will be configured as an access port. Any port that connects to another switch will be configured as a trunk port.

Complex Examples

With the advent of virtualization, VMware servers are often configured and connected to trunk ports. Whereas servers would traditionally have been connected to access ports, they can also be connected to trunk ports depending on their configurations. The advent of Voice over IP (VoIP) to the desktop has also had an impact on how edge switches are configured when the desktop or laptop is connected to the IP phone, which is in turn connected to the edge switch. I’ll cover that topic in more detail later on.

Avaya Ethernet Routing Switches

Ethernet Routing Switch 2500, 4000, 5000 Series

The Avaya Ethernet Routing Switch 2500, 4000 and 5000 series switches currently offer the following options.

  • tagAll – sets the port as a trunk port tagging all frames with an 802.1Q header as they egress the port.
  • untagAll – sets the port as an access port stripping all 802.1Q headers as they egress the port.
  • tagPvidOnly – sets the port as a trunk port but only adds 802.1Q headers for the PVID VLAN as they egress the port.
  • untagPvidOnly – sets the port as a trunk port, adding 802.1Q headers for every VLAN except the PVID VLAN as frames egress the port.

What is the PVID? The PVID is the Default VLAN ID configured for that specific port. In a typical configuration where the port is an access (untagAll) port the PVID will be set to that VLAN automatically by the switch. In a trunk port configuration the PVID will be used to determine which VLAN to bridge any received untagged frames to if DiscardUntaggedFrames is not enabled. It’s recommended to enable DiscardUntaggedFrames on any port configured as a trunk (tagAll) port to avoid any potential configuration issues which might lead to a loop and a network outage. It’s also a best practice to configure the PVID on all trunk (tagAll) ports with the VLAN ID of your management VLAN.

 

Ethernet Routing Switch 1600, 8600, 8800 Series

You’ll notice on the Ethernet Routing Switch 1600, 8600 and 8800 series that the options are slightly different but achieve the same outcome.

  • PerformTagging (Checked) – sets the port as a trunk port tagging all frames with an 802.1Q header as they egress the port.
  • PerformTagging (Unchecked) – sets the port as an access port stripping all 802.1Q headers as they egress the port.

Additional options include DiscardTaggedFrames, DiscardUntaggedFrames and UntagDefaultVlan. These options can be used to achieve the same results as with the Avaya Ethernet Routing Switch 2500, 4000 and 5000 series switches with the exception of tagPvidOnly.

Is the PVID equivalent to the native vlan command in Cisco switches? It is if untagPvidOnly/UntagDefaultVlan is enabled. The PVID (DefaultVlanId) by itself only acts on untagged received frames. The untagPvidOnly/UntagDefaultVlan option acts on transmitted frames and so the combination of the two equates to the “switchport trunk native vlan #” on a Cisco switch.

It’s also important to point out that Avaya only supports 802.1Q tagging. So while Cisco supports ISL and 802.1Q there is no Avaya command similar to “switchport trunk encapsulation dot1q” since this is the default behavior with Avaya switches.

IP Telephony

There are some special considerations when desktops and laptops are physically connected to the PC port on the back of an IP phone and the IP phone is then cabled to the edge switch. In this scenario the common approach is to tag the voice VLAN while leaving the data VLAN untagged. Why? It’s important that we separate the voice traffic from the data traffic, so we utilize two different VLANs: one VLAN will carry the voice traffic while the other will carry the data traffic destined to the desktop or laptop. The desktop or laptop probably won’t be configured for 802.1Q tagging, so it won’t understand an 802.1Q tagged frame. We need to guarantee that any frames being delivered to the PC port on the back of the IP phone are untagged; if they aren’t, the laptop or desktop will just discard the frame. The IP phone will tag the voice frames with an 802.1Q header so the switch will properly bridge those frames to the voice VLAN.

In this scenario we need to utilize the untagPvidOnly option in combination with configuring the PVID (DefaultVlanId) as the data VLAN. This way the voice VLAN will be tagged with an 802.1Q header so the phone understands it, and the data VLAN will be untagged so the desktop or laptop understands it. The IP phone will be configured with the Voice VLAN ID so it knows which ID to use when communicating with the Call Server and Media Gateways.
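An added illustration, not code from the original post or from Avaya: a small Python model of the per-port behaviour described above (the four egress modes, PVID classification of untagged ingress frames, DiscardUntaggedFrames), applied to the IP phone port and to a trunk configured as recommended. The class, function names and VLAN IDs are assumptions, and dropping tagged frames for non-member VLANs is an assumed simplification.

```python
from dataclasses import dataclass, field

@dataclass
class Port:
    """Simplified model of one switch port (names are illustrative, not Avaya's)."""
    mode: str                                  # tagAll, untagAll, tagPvidOnly, untagPvidOnly
    pvid: int                                  # default VLAN ID of the port
    vlans: set = field(default_factory=set)    # VLANs the port is a member of
    discard_untagged: bool = False             # DiscardUntaggedFrames

    def ingress(self, tag):
        """Return the VLAN a received frame is bridged to, or None if dropped.
        tag is the frame's 802.1Q VLAN ID, or None for an untagged frame."""
        if tag is None:
            # Untagged frames are bridged to the PVID unless the filter drops them.
            return None if self.discard_untagged else self.pvid
        # Assumption: tagged frames for VLANs the port is not in are dropped.
        return tag if tag in self.vlans else None

    def egress(self, vlan):
        """Return 'tagged', 'untagged', or None if the port is not in vlan."""
        if vlan not in self.vlans:
            return None
        tagged = {
            "tagAll": True,
            "untagAll": False,
            "tagPvidOnly": vlan == self.pvid,
            "untagPvidOnly": vlan != self.pvid,
        }[self.mode]
        return "tagged" if tagged else "untagged"

def phone_port(data_vlan, voice_vlan):
    """Edge port with an IP phone and a PC behind it (IP Telephony scenario)."""
    return Port("untagPvidOnly", pvid=data_vlan, vlans={data_vlan, voice_vlan})

def trunk_port(vlans, mgmt_vlan, discard_untagged=True):
    """Switch-to-switch trunk: tagAll, PVID set to the management VLAN."""
    return Port("tagAll", pvid=mgmt_vlan, vlans=set(vlans), discard_untagged=discard_untagged)

if __name__ == "__main__":
    # Constructed VLAN IDs: 10 = data, 20 = voice, 99 = management.
    p = phone_port(10, 20)
    print("PC frame (untagged) ->", p.ingress(None), "| to PC:", p.egress(10))
    print("phone frame (tag 20) ->", p.ingress(20), "| to phone:", p.egress(20))
    for discard in (True, False):
        t = trunk_port({10, 20, 99}, 99, discard)
        print("trunk, DiscardUntaggedFrames =", discard, "-> untagged lands in", t.ingress(None))
```

With DiscardUntaggedFrames disabled on the trunk, the last line shows untagged frames being bridged into the management VLAN, which is the case the recommendation to enable the filter guards against.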

Cheers!

Avaya Ethernet Routing Switches and non-ADAC VLANs

I recently stumbled across this little tidbit and thought I would share it with everyone here.

Up until recently, if you wanted to change the default VLAN (the data VLAN for the IP phones) on a port that had ADAC enabled you had to first disable ADAC, change the VLAN assignment of the port and then re-enable ADAC. This was problematic for two major reasons: 1) disabling ADAC would remove the port from the voice VLAN and would interrupt the connectivity to the IP phone, causing an outage; 2) if your network administrator forgot to disable ADAC before making the VLAN change, the switch would eventually restore the port to its originally configured VLAN (usually on reboot of the switch), which would ultimately leave the end device in the wrong VLAN and unable to communicate.

I blogged about the problem back in 2008 here and here and there were many of you that found out the hard way that neither Java Device Manager nor the CLI would warn you before making any VLAN changes on a port which had ADAC enabled. It’s now 2011 and while I definitely have more grey hair (I guess I should be happy I still have hair) it seems that Avaya has finally gotten around to resolving this issue. It seems Avaya also took the opportunity to eliminate two birds with one stone with the ability to now define multiple uplinks/downlinks in ADAC. In the past you could only define a single uplink which would be problematic if you intended to use the switch as a distribution switch to feed other switches downstream. There was no way to provision the voice VLAN on the downlinks because ADAC would remove any manually added ports from the voice VLAN.

The Autodetection and Autoconfiguration (ADAC) Enhancements provide increased flexibility in deployments that use ADAC as follows:

  • expanded support for up to 8 ADAC uplinks and 8 call-server links – individual ports or any combination of MLT, DMLT or LAG – per switch or stack
  • the ability to change the non-ADAC VLANs on a port without disabling ADAC

Here’s what the ADAC settings look like within Enterprise Device Manager.

[Figure: Ethernet Routing Switch 4500 - ADAC via EDM]

Here are the platforms that support the new feature and the minimum software releases you need to be at.

I must admit upfront that I have not yet tested this new feature… although both changes highlighted above are very very welcome to me as a user. I can’t tell you how many issues we had with network administrators or engineers forgetting to check the status of ADAC and having all sorts of issues after a reboot (or more often an extended power failure – which led to a… yes reboot).

Has anyone else had the opportunity to test this out?

Cheers!

Nortel Ethernet Switch "Agent Not Found"

This post applies to the following models:

  • Nortel Business Policy Switch 2000
  • Nortel Ethernet Switch 300 Series
  • Nortel Ethernet Switch 460
  • Nortel Ethernet Switch 470
  • Nortel Ethernet Switch 2500 Series
  • Nortel Ethernet Switch 4500 Series
  • Nortel Ethernet Routing Switch 5500 Series

It is possible that the switch agent image, which is stored in NVRAM on the switch, can become corrupt for some reason or another. In this case the switch will not boot up properly and will require some special intervention.

Diagnostic Version X.X.X.X
Press Control-C to Enter Diag

Test ROM Config - PASSED
Test FANs - PASSED
Test Internal Loopback - PASSED
Test ASIC1 Registers - PASSED
Test ASIC2 Registers - PASSED
Test PHY Registers - PASSED
Test USB Registers - PASSED
Agent code verification fails!

>> Break Recognized - Wait...
Press 'a' to run Agent code
Press 'd' to download Agent code
Press 'e' to display errors
Press 'c' to clear log message
Press 'i' to initialize config flash
Press 'p' to run POST tests...

You can use the boot diagnostic code to download the agent code to the switch using the “d” option. While the switch is booting, use “Ctrl-C” to break the boot sequence and select “d” from the menu.

WARNING: the TFTP server needs to be physically connected to the switch in question

Download Agent Code

Enter Port Number [  ]:
Enter Speed: 10, 100, 1000 [  ]:
Enter Local IP Address [ 0.0.0.0 ]: 10.10.10.15 (IP given to Switch)
Enter Server IP Address [ 0.0.0.0 ]: 10.10.10.1 (IP of local TFTP server)
Enter Subnet Mask [ 255.255.255.0 ]:
Enter Filename: boss_1234.img
Wait..
TFTP: Sending Open: .aaaaa.a
TFTP: Open
...............................................................
.............................................................
Len= 0x20795E= 2128222. (@1200000)
Agent Version= 5.0.0.0 ModelMask= 0x1C
Program y/N [ N ]: y (Press y)
Erasing - Wait 56 sec..
Programming - Wait 96 sec..

Once the download is complete, you’ll need to run the agent code by selecting “a”.

Starting Agent Code..

Decompressing the image ...
Target Name: vxTarget
User: target
Attaching network interface idtip0... done.
Attaching network interface lo0... done.

Completing initialization...

At this point the switch should be booting up although it may take ~ 2 minutes for the switch to fully initialize the software and configuration.

Cheers!