Posts Tagged ERS5520
Nortel Internet Telephones – Network Loops
Posted by Michael McNamara in VoiceOverIP on May 6, 2008
A Tek-Tips forum member recently reported that one of his technicians improperly cabled a Nortel i2002/i2004 Internet Telephone (plugging both the ports on the back of the Internet Telephone into the network switch) causing a loop which took down their entire network. The member was curious about how to configure Spanning Tree to help prevent this problem. I went digging and found the following information in the current phone firmware release notes;
Network Loop (Applies to IP Phone 2002, 2004, 2007, 1120E, 1140E)
These firmware releases include a fix to help prevent network loop scenarios from being introduced into the network, and the resultant network outages that can occur. The network loop avoidance fix was first introduced in 0604D9H, 0621C2B, 0624C1E and 0625C1E. One important note when upgrading to 0604DBN, 0621C4T, 0624C4L or 0625C4L from any load previous to 0604D9H, 0621C2B, 0624C1E or 0625C1E respectively, is that IP Phones that were inadvertently mis-wired during initial installation will not be allowed to work until the cabling problem is corrected. This fix is only an issue if the installer, when installing the Nortel IP Phone 2002, 2004, 2007, 1120E or 1140E, inadvertently connected the network Ethernet cable to the PC Ethernet port on the back of the phone, instead of connecting it to the network Ethernet port on the back of the phone. Phase II IP Phones (2002 and 2004) running firmware previous to 0604D9H, IP Phones 2007 running firmware previous to 0621C2B and IP Phone 1120E and 1140E running firmware previous to 0624C1C and 0625C1C respectively will work when incorrectly connected, but this does introduce the potential for network degradation. These new firmware loads will try and safe guard the network by trying to prevent phones that are mis-cabled to function. This means that the IP Phones that are working on a previous release of firmware may stop working if they are not correctly wired.But realize that a mis-cabled phone may still work, even with the new firmware, if the network infrastructure supports Auto MDIX. If the network infrastructure supports Auto MDIX, network loop can still occur if the network is not running the Spanning Tree Protocol (STP) or a similar loop avoidance protocol.
As a preventative measure to reduce the potential for network degradation, and to prevent mis-cabled phones from ceasing to work when their firmware is upgraded, please consider taking the necessary steps to ensure your Nortel IP phones network cables are plugged into the correct ports on the back of the phone – network cable into the network Ethernet port, and the PC Ethernet cable (if connecting a PC) to the PC Ethernet port (little computer icon) on the back of the phone.
I’ve highlight a very important caveat above in RED. While this was and is a great feature of the new phone firmware the important piece to realize here is that if the network switch supports Auto MDIX, which the Nortel Ethernet Routing Switch 5520 and Ethernet Switch 470 PWR do you can’t rely on this feature alone to protect your network.
Ever since the release of the Nortel Ethernet Switch 470 we now configure Spanning Tree on every port with the exception of the core MLT/SMLT uplinks. Prior to the availability of the “Auto MDIX” feature a technician would need a crossover cable to physically put a loop between two switch ports. We made sure there were never any crossover cables left lying around. With the arrival of the “Auto MDIX” feature technicians could now put a loop in the switch with a standard straight-thru cable, which happened on a number of occasions. In order to prevent this problem we reconfigured every closet to run Spanning Tree locally on that switch. We would not run it on the uplinks but we would run it on all other ports in the switch/stack.
Here are some of the commands to enable Spanning Tree with Fast Learning on ports 1-46 of an ERS 5520 switch;
5520-48T-PWR> enable 5520-48T-PWR# configure terminal 5520-48T-PWR (config)# interface fastEthernet 1-46 5520-48T-PWR (config-if)# spanning-tree learning fast 5520-48T-PWR (config-if)# exit 5520-48T-PWR (config)#
Cheers!
Multicast Routing Protocol (Part 1)
Posted by Michael McNamara in EthernetRtngSwitch on March 24, 2008
We have a few Nortel Contact Center (formerly Symposium) installations deployed throughout the organization. The Nortel Agent Desktop Display (ADD) utilizes multicast to distribute the information between the server and the individual clients. Unless the clients are in the same VLAN as the server (Application/Web server and Database server) you’re going to need a Multicast Routing Protocol to facilitate the multicast communications between VLANs. I should point out that at this point I’m only talking about making multicast traffic available between VLANs on a single Nortel Ethernet Routing Switch 8600.
Note: Nortel Contact Center 6.0 appears to use the following two Multicast addresses by default; 230.0.0.1, 230.0.0.2
Unfortunately I didn’t have a spare Contact Center server to test with so I needed to figure out how I could test multicast traffic ahead of time and then just schedule any changes that needed to be made to facilitate inter-VLAN multicast communications. I recalled that VideoLAN – VLC media player could stream audio/video via multicast.
In order to test I setup two laptops running Windows XP Service Pack 2, laptop A (10.1.55.50/24) on VLAN 55 (10.1.55.0/24) and laptop B (10.1.56.50/24) on VLAN 56 (10.1.56.0/24).
Laptop A will be the broadcast server and stream the video while laptop B will be the client.
Let’s setup the ERS 8600 switch;
ERS-8610:6# config vlan 55 create byport 1 ERS-8610:6# config vlan 55 ip address 10.1.55.5/24 ERS-8610:6# config vlan 55 ip ospf enable ERS-8610:6# config vlan 55 ip vrrp 1 10.1.55.1 ERS-8610:6# config vlan 55 ip dvmrp enable ERS-8610:6# config vlan 56 create byport 1 ERS-8610:6# config vlan 56 ip address 10.1.56.5/24 ERS-8610:6# config vlan 56 ip ospf enable ERS-8610:6# config vlan 56 ip vrrp 1 10.1.56.1 ERS-8610:6# config vlan 56 ip dvmrp enable
And then some global settings;
ERS-8610:6# config ip dvmrp enable ERS-8610:6# config ip ospf enable
Now we need to look at how to make VLC do what we need;
Once you install VLC and start the program you will be greeted by this lightweight frontend.
Click File -> Open File to bring up the Open dialog box.
Click on the Browse button to bring up a standard Windows file selection box. Select the file you want to play. Then click Open.
Your selection should appear in the text box next to the Browse button. Click the check box for Stream Output and then click the button Settings.
If you wish to view the video on the source laptop then check the box next to Play Locally under Output Methods. When streaming to another system you don’t have to play the file on the server, but you can use this option to visually confirm that our video is playing properly before trying to access the stream from another computer.
Check the box marked UDP and type in the Muticast address you want to stream the file to. You should use a local-scope multicast address between 239.0.0.0 – 239.255.255.255. You should also make sure that the Time-To-Live (TTL) is set to 2. Then click OK. The file is ready to play so click OK in the Open dialog box too.
The video or audio file should begin playing on the computer. The last thing to do before switching to the second laptop is to turn on VLC’s web interface by clicking Settings -> Add Interface -> Web Interface. This will help provide remote control over VLC if we should need it from the second laptop.
Open VLC on the second laptop.
Click on File -> Open Network Stream. Select UDP/RTP Multicast and use the same Multicast address you use on the server. Click the OK button and VLC will start playing your stream.
Now that the stream is successfully playing on your computer you can open up a web browser to control VLC remotely. Type http://10.1.55.10:8080/ into the address bar. The web browser will present you with all of the controls you need to manage playlists and playback remotely.
If you’ve setup the ERS8600 properly your video should start playing on the client laptop.
If you want to make sure that VLC is configured and working properly move both laptops to the same VLAN. If the video stream works then you know that VLC is working properly and you need to focus the network configuration.
Note: Windows XP defaults to IGMP v3 which is fine for this test.
You can use the following commands to troubleshoot the network pieces. In the examples below I had the laptops connected to an ERS 5520 switch which was uplink on port 1/1. That is why the port is reported as 1/1 throughout the different commands.
DVMRP
ERS-8610:6# show ip dvmrp info
================================================================== Dvmrp General Group
==================================================================
AdminStat : enabled
Genid : 0x47c42ef1
Version : 3
NumRoutes : 2
NumReachableRoutes : 2
UpdateInterval : 60
TriggeredUpdateInterval : 5
LeafTimeOut : 125
NbrTimeOut : 35
NbrProbeInterval : 10
FwdCacheTimeout : 300
RouteExpireTimeout : 140
RouteDiscardTimeout : 260
RouteSwitchTimeout : 140
ShowNextHopTable : disable
generate-trap : disable
generate-log : disable
PruneResend : disable
ERS-8610:6# show ip dvmrp interface
================================================================================ Dvmrp Interface
================================================================================ DEFAULT DEFAULT DEFAULT ADVERTISEIF ADDR METRIC OPERSTAT LISTEN SUPPLY METRIC SELF
-------------------------------------------------------------------------------
Vlan55 10.1.55.1 1 up enable disable 1 enable
Vlan56 10.1.56.1 1 up enable disable 1 enable
2 out of 2 entries displayed
--------------------------------------------------------------------------------
IF ADDR IN-POLICY OUT-POLICY INTF TYPE
--------------------------------------------------------------------------------
Vlan55 10.1.55.1 ActiveVlan56 10.1.56.1 Active
2 out of 2 entries displayed
ERS-8610:6# show ip dvmrp route
================================================================================
Dvmrp Route
================================================================================
SOURCE MASK UPSTREAM_NBR INTERFACE METRIC EXPIRE
--------------------------------------------------------------------------------
10.107.55.0 255.255.255.0 0.0.0.0 Vlan55 1 155
10.107.56.0 255.255.255.0 0.0.0.0 Vlan56 1 155
2 out of 2 entries displayed
IGMP
ERS-8610:6# show ip igmp cache
================================================================================
Igmp Cache
================================================================================
GRPADDR INTERFACE LASTREPORTER EXPIRATION V1HOSTTIMER TYPE STATICPORTS
--------------------------------------------------------------------------------
239.255.1.1 Vlan56 10.1.56.50 213 0 DYNAMIC NULL
239.255.255.250 Vlan55 10.1.55.50 214 0 DYNAMIC NULL
239.255.255.250 Vlan56 10.1.56.50 219 0 DYNAMIC NULL
3 out of 3 entries displayed
ERS-8610:6# show ip igmp group
================================================================================
Igmp Group
================================================================================
GRPADDR INPORT MEMBER EXPIRATION TYPE
-------------------------------------------------------------------------------
239.255.1.1 V56-1/1 10.1.56.50 209 Dynamic
239.255.255.250 V55-1/1 10.1.55.50 210 Dynamic
239.255.255.250 V56-1/1 10.1.56.50 215 Dynamic
Total number of groups 3Total number of unique groups 2
ERS-8610:6# show ip igmp sender
================================================================================
Igmp Sender
===============================================================================
GRPADDR IFINDEX MEMBER PORT STATE
--------------------------------------------------------------------------------
239.255.1.1 Vlan 55 10.1.55.50 1/1 NOTFILTERED
1 out of 1 entries displayed
Hopefully I haven’t gone over the top on this one.
Please post any comments, corrections or suggestions.
Cheers!
Nortel ERS 5520 PwR Switch (Part 2)
Posted by Michael McNamara in EthernetRtngSwitch on October 23, 2007
In this post I’m going to outline some of the basic commands you can use to troubleshoot any issues you might have between the ERS5520 and the i2002/i2004 phones.
Q. How can I check the log file?
A. show logging
ERS-5520# show logging Type Time Idx Src Message ---- ----------------------- ---- --- ------- S 00:00:00:00 1 NVR SNTP: Could not sync to NTP servers. S 2007-04-05 17:18:08 GMT 2 NVR SNTP: Could not sync to NTP servers. S 2007-04-05 17:22:07 GMT 3 NVR Audit data initialized - incorrect magic number: 0xffffffff I 2007-04-19 01:21:03 GMT 4 Web server starts service on port 80. I 2007-04-19 01:21:19 GMT 5 IGMP: Unknown Multicast Filter disabled I 2007-04-19 01:21:19 GMT 6 PoE Port Detection Status: Port 1 Status: Delivering Power I 2007-04-19 01:21:22 GMT 7 PoE Port Detection Status: Port 35 Status: Delivering Power I 2007-04-19 01:21:49 GMT 8 Port 0/47 reenabled by VLACP I 2007-04-19 01:21:49 GMT 9 Port 0/48 reenabled by VLACP I 2007-04-19 01:23:05 GMT 10 SNTP: First synchronization successful. I 2007-04-19 01:23:18 GMT 11 Warm Start Trap I 2007-04-19 01:23:19 GMT 12 Link Up Trap Port: 1 I 2007-04-19 01:23:20 GMT 13 Trap: pethPsePortOnOffNotification I 2007-04-19 01:23:20 GMT 14 Trap: bsAdacPortConfigNotification for Port: 47, Config: Applied
Q. How can I check the state of a port?
A. show interfaces
ERS-5520# show interfaces 47,48 Status Auto Flow Port Trunk Admin Oper Link LinkTrap Negotiation Speed Duplex Control ---- ----- ------- ---- ---- -------- ----------- -------- ------ ------- 47 1 Enable Up Up Enabled Enabled 1000Mbps Full Asymm 48 1 Enable Up Up Enabled Enabled 1000Mbps Full Asymm
Q. How can I check the VLACP state of a port?
A. show vlacp interface
ERS-5520# show vlacp interface 47,48 =============================================================================== VLACP Information =============================================================================== PORT ADMIN OPER HAVE FAST SLOW TIMEOUT TIMEOUT ETH MAC ENABLED ENABLED PARTNER TIME TIME TYPE SCALE TYPE ADDRESS ------------------------------------------------------------------------------- 0/47 true true yes 500 30000 short 3 8103 01:80:c2:00:11:00 0/48 true true yes 500 30000 short 3 8103 01:80:c2:00:11:00
Q. How can I check what FDB entries have been learned on a specific port?
A. show mac-address-table port
ERS-5520# show mac-address-table port 47 Mac Address Table Aging Time: 300 Number of addresses: 9 MAC Address Source MAC Address Source ----------------- -------- ----------------- -------- 00-00-5E-00-01-01 Trunk: 1 00-15-40-45-68-00 Trunk: 1 00-17-D1-57-30-00 Trunk: 1 00-17-D1-57-30-10 Trunk: 1 00-17-D1-57-32-03 Trunk: 1 00-18-B0-CC-F0-00 Trunk: 1 00-18-B0-CC-F0-10 Trunk: 1 00-18-B0-CC-F2-01 Trunk: 1 00-1B-25-4C-74-00 Trunk: 1
Q. How can I check the FDB table for a specific MAC address?
A. show mac-address-table address
ERS-5520# show mac-address-table address 00:18:b0:cc:f0:10 Mac Address Table Aging Time: 300 Number of addresses: 1 MAC Address Source MAC Address Source ----------------- -------- ----------------- -------- 00-18-B0-CC-F0-10 Trunk: 1
Q. How can I check to see if ADAC has been configured/enabled?
A. show adac
ERS-5520# show adac ADAC Global Configuration --------------------------------------- ADAC: Enabled Operating Mode: Tagged Frames Traps Control Status: Enabled Voice-VLAN ID: 12 Call Server Port: None Uplink Port: 48
Q. How can I check to see if ADAC has been applied to a specific port?
A. show adac interface
ERS-5520# show adac interface 20 Port Auto-Detection Auto-Configuration ---- -------------- ------------------ 20 Enabled Applied
Q. How can I check to see the LLDP information with a specific port?
A. show lldp port neighbor detail
ERS-5520# show lldp port 20 neighbor detail ------------------------------------------------------------------------------- lldp neighbor ------------------------------------------------------------------------------- Port: 20 Index: 5 Time: 8 days, 13:47:49 ChassisId: Network address ipV4 192.168.100.101 PortId: MAC address 00:17:65:ff:e0:fc SysCap: TB / TB (Supported/Enabled) PortDesc: Nortel IP Phone SysDescr: Nortel IP Telephone 2002, Firmware:0604DAS PVID: 0 PPVID Supported: not supported(0) VLAN Name List: none PPVID Enabled: none Dot3-MAC/PHY Auto-neg: supported/enabled OperMAUtype: 100BaseTXFD PSE MDI power: not supported/disabled Port class: PD PSE power pair: signal/not controllable Power class: 2 LinkAggr: not aggregatable/not aggregated AggrPortID: 0 MaxFrameSize: 1522 PMD auto-neg: 10Base(T, TFD), 100Base(TX, TXFD) MED-Capabilities: CNLDI / CNDI (Supported/Current) MED-Device type: Endpoint Class 3 MED-Application Type: Voice VLAN ID: 12 L2 Priority: 6 DSCP Value: 46 Tagged Vlan, Policy defined Med-Power Type: PD Device Power Source: Unknown Power Priority: High Power Value: 5.4 Watt HWRev: FWRev: 0604DAS SWRev: SerialNumber: ManufName: Nortel-01 ModelName: IP Phone 2002 AssetID: ------------------------------------------------------------------------------- Port: 20 Index: 6 Time: 8 days, 13:48:20 ChassisId: Network address ipV4 10.119.241.50 PortId: MAC address 00:17:65:ff:e0:fc SysCap: TB / TB (Supported/Enabled) PortDesc: Nortel IP Phone SysDescr: Nortel IP Telephone 2002, Firmware:0604DAS PVID: 0 PPVID Supported: not supported(0) VLAN Name List: 12 PPVID Enabled: none Dot3-MAC/PHY Auto-neg: supported/enabled OperMAUtype: 100BaseTXFD PSE MDI power: not supported/disabled Port class: PD PSE power pair: signal/not controllable Power class: 2 LinkAggr: not aggregatable/not aggregated AggrPortID: 0 MaxFrameSize: 1522 PMD auto-neg: 10Base(T, TFD), 100Base(TX, TXFD) MED-Capabilities: CNLDI / CNDI (Supported/Current) MED-Device type: Endpoint Class 3 MED-Application Type: Voice VLAN ID: 12 L2 Priority: 6 DSCP Value: 46 Tagged Vlan, Policy defined Med-Power Type: PD Device Power Source: Unknown Power Priority: High Power Value: 5.4 Watt HWRev: FWRev: 0604DAS SWRev: SerialNumber: ManufName: Nortel-01 ModelName: IP Phone 2002 AssetID: ------------------------------------------------------------------------------- Sys capability: O-Other; R-Repeater; B-Bridge; W-WLAN accesspoint; r-Router; T-Telephone; D-DOCSIS cable device; S-Station only. Med Capabilities-C: N-Network Policy; L-Location Identification; I-Inventory; S-Extended Power via MDI - PSE; D-Extended Power via MDI - PD.
Those are some of the commands that you might have to execute if you needed to perform troubleshooting between an ERS5520 and a i2002/i2004 phone.
Your DHCP server logs will be your friend during your troubleshooting. If you don’t see the phone making a DHCP request (or a request in the proper VLAN) then you should check that ADAC was applied to the switch port. ADAC is the component that will automatically add the switch port (the switch port the phone is connected to) into the Voice VLAN. If ADAC is not applied (or enabled) on the port then you’ll be able to see that the switch port in question is only a member of the Data VLAN. You need to remember that ADAC works on MAC address ranges. You need to check that the MAC address of your phone is in the ADAC MAC address table.
5520-48T-PWR# show adac mac-range-table Lowest MAC Address Highest MAC Address ------------------------ ------------------------- 00-0A-E4-01-10-20 00-0A-E4-01-23-A7 00-0A-E4-01-70-EC 00-0A-E4-01-84-73 00-0A-E4-01-A1-C8 00-0A-E4-01-AD-7F 00-0A-E4-01-DA-4E 00-0A-E4-01-ED-D5 00-0A-E4-02-1E-D4 00-0A-E4-02-32-5B 00-0A-E4-02-5D-22 00-0A-E4-02-70-A9 00-0A-E4-02-D8-AE 00-0A-E4-02-FF-BD 00-0A-E4-03-87-E4 00-0A-E4-03-89-0F 00-0A-E4-03-90-E0 00-0A-E4-03-B7-EF 00-0A-E4-04-1A-56 00-0A-E4-04-41-65 00-0A-E4-04-80-E8 00-0A-E4-04-A7-F7 00-0A-E4-04-D2-FC 00-0A-E4-05-48-2B 00-0A-E4-05-B7-DF 00-0A-E4-06-05-FE 00-0A-E4-06-55-EC 00-0A-E4-07-19-3B 00-0A-E4-08-0A-02 00-0A-E4-08-7F-31 00-0A-E4-08-B2-89 00-0A-E4-09-75-D8 00-0A-E4-09-BB-9D 00-0A-E4-09-CF-24 00-0A-E4-09-FC-2B 00-0A-E4-0A-71-5A 00-0A-E4-0A-9D-DA 00-0A-E4-0B-61-29 00-0A-E4-0B-BB-FC 00-0A-E4-0B-BC-0F 00-0A-E4-0B-D9-BE 00-0A-E4-0C-9D-0D Total Ranges: 21
If the MAC address of your i2002/i2004 phone does not match any of the MAC address ranges in the switch you’ll need to add a range to include those MAC addresses. If the MAC address of your i2002 phone was 00:18:b0:11:22:33 you could use the following commands;
5520-48T-PWR> enable 5520-48T-PWR# config terminal 5520-48T-PWR (config)# adac mac-range-table low-end 00:18:b0:00:00:00 high-end 00:18:b0:ff:ff:ff
You might think you could configure a port mirror and run a quick packet capture to understand what’s going on… unfortunately you cannot configure any port with port mirroring that has ADAC enabled.
Thats all for now.
The last step is the DHCP server so stay tuned.
Nortel ERS 5520 PwR Switch
Posted by Michael McNamara in EthernetRtngSwitch on October 23, 2007
I’ve added a command to disable the User Interface Button (UI Button) “no ui-button enable”.
Update: February 7, 2009
It was time to update this article with some additional information and settings that I’m now using in all my switch deployments. The big change is the updated ADAC MAC address table. Please also note the VLACP time-out scale change and I’ve updated the year field for the Daylight Saving Time change.
Update: August 13, 2008
This was one of the first articles I wrote back in October 2007 and it is by far the most popular article out of all 110 articles that I currently have published. With that said I decided to come back and spruce up this post with some additional “tweaks” that I’ve added over the past 10 months. I’m also going to attack a link to a text file so folks can just download the file of commands, tweak the specific individual settings such as IP address and VLAN information, and then cut and paste into the CLI interface of the Nortel Ethernet Routing Switch 5520. It will hopefully save folks from having to cut and paste each section.
Note: just a quick warning about cutting and pasting into the CLI interface, I’ve often found that the buffer will overflow if I try to paste an entire configuration at once. I usually need to break it into at least two or three sections and cut and paste those section one at a time.
In this post I’ll try to outline how you can configure the Nortel Ethernet Routing Switch 5520 in a VoIP environment using Nortel i2002/i2004 Internet Telephones (this procedure will also work the same with the i2007/1120E/
1140E phones).
You’ll obviously need a ERS 5520 switch and you’ll need SW 5.0.6.22 or later and FW 5.0.0.3 or later (there are known issues with earlier software versions that create inconsistent results using LLDP with the i2002/i2004 phones). I would strongly advise that you start with a default configuration. From the CLI issue the following commands to reset the switch to factory defaults;
5520-48T-PWR> enable 5520-48T-PWR# boot default
The switch should reboot with a default configuration. Let’s proceed with the configuration;
5520-48T-PWR> enable 5520-48T-PWR# configure terminal
Let’s set the local read-only and read-write passwords;
5520-48T-PWR (config)#cli password read-only readpass 5520-48T-PWR (config)#cli password read-write writepass 5520-48T-PWR (config)#cli password serial local 5520-48T-PWR (config)#cli password telnet local
Let’s disable the user interface button (UI button);
5520-48T-PWR (config)# no ui-button enable
Enable AUTOPVID;
5520-48T-PWR (config)# vlan configcontrol autopvid
We’ll be up linking this switch using a MultiLink trunk on ports 47 and 48 so we’ll enable tagging on the fiber uplinks;
5520-48T-PWR (config)# vlan ports 47,48 tagging enable
Let’s create the data VLAN (VID 100) and management VLAN (VID 200) on the switch;
5520-48T-PWR (config)# vlan members remove 1 ALL 5520-48T-PWR (config)# vlan create 200 name "10-1-200-0/24" type port 5520-48T-PWR (config)# vlan members add 200 47,48 5520-48T-PWR (config)# vlan create 100 name "10-1-100-0/24" type port 5520-48T-PWR (config)# vlan members add 100 1-48 5520-48T-PWR (config)# vlan port 1-46 pvid 100 5520-48T-PWR (config)# vlan port 47,48 pvid 200
Let’s make VLAN 200 the management VLAN and assign the IP address;
5520-48T-PWR (config)# vlan mgmt 200 5520-48T-PWR (config)# ip address switch 10.1.200.10 netmask 255.255.255.0 default-gateway 10.1.200.1
Let’s setup Simple Network Management Protocol (SNMP);
5520-48T-PWR (config)# snmp-server authentication-trap disable 5520-48T-PWR (config)# snmp-server community ro 5520-48T-PWR (config)# snmp-server community rw 5520-48T-PWR (config)# snmp-server host
Let’s configure the logging so it will overwrite the oldest events;
5520-48T-PWR (config)# logging volatile overwrite 5520-48T-PWR (config)# logging enable
Let’s setup Simple Network Time Protocol (SNTP);
5520-48T-PWR (config)# sntp server primary address 5520-48T-PWR (config)# sntp server secondary address 5520-48T-PWR (config)# sntp enable
Depending on the version of switch software your running you may be able to configure Daylight Saving Time;
5520-48T-PWR (config)#clock time-zone EST -5 5520-48T-PWR (config)#clock summer-time EDT date 9 Mar 2009 2:00 2 Nov 2009 2:00 +60
Let’s setup the MultiLink trunk that will connect the switch back to the backbone;
5520-48T-PWR (config)# mlt 1 disable 5520-48T-PWR (config)# mlt 1 name "MLT-8600" 5520-48T-PWR (config)# mlt 1 learning disable 5520-48T-PWR (config)# mlt 1 member 47,48 5520-48T-PWR (config)# mlt 1 enable
Let’s setup ADAC (Automatic Detection and Automatic Configuration) for our i2002/i2004 phones. We’ll using VLAN 50 as our voice VLAN and we’ll use port 48 as our uplink (the switch will add 47 automatically because of the MLT configuration). There is a new command to clear the ADAC MAC address table that may be missing from earlier versions, “no adac mac-range-table”. I’ve also updated the list of entries that I use.
5520-48T-PWR (config)# adac voice-vlan 50 5520-48T-PWR (config)# adac op-mode tagged-frames 5520-48T-PWR (config)# adac uplink-port 48 5520-48T-PWR (config)# no adac mac-range-table 5520-48T-PWR (config)# adac mac-range-table low-end 00:0a:e4:75:00:00 high-end 00:0a:e4:75:ff:ff 5520-48T-PWR (config)# adac mac-range-table low-end 00:13:65:00:00:00 high-end 00:13:65:ff:ff:ff 5520-48T-PWR (config)# adac mac-range-table low-end 00:14:c2:00:00:00 high-end 00:14:c2:ff:ff:ff 5520-48T-PWR (config)# adac mac-range-table low-end 00:16:ca:00:00:00 high-end 00:16:ca:ff:ff:ff 5520-48T-PWR (config)# adac mac-range-table low-end 00:17:65:00:00:00 high-end 00:17:65:ff:ff:ff 5520-48T-PWR (config)# adac mac-range-table low-end 00:18:b0:00:00:00 high-end 00:18:b0:ff:ff:ff 5520-48T-PWR (config)# adac mac-range-table low-end 00:19:69:00:00:00 high-end 00:19:69:ff:ff:ff 5520-48T-PWR (config)# adac mac-range-table low-end 00:19:e1:00:00:00 high-end 00:19:e1:ff:ff:ff 5520-48T-PWR (config)# adac mac-range-table low-end 00:1b:ba:00:00:00 high-end 00:1b:ba:ff:ff:ff 5520-48T-PWR (config)# adac mac-range-table low-end 00:1e:ca:00:00:00 high-end 00:1e:ca:ff:ff:ff 5520-48T-PWR (config)# adac mac-range-table low-end 00:22:67:00:00:00 high-end 00:22:67:ff:ff:ff 5520-48T-PWR (config)# adac enable
We need to strip the 802.1q tag from any packets in the PVID VLAN from going to the phone. In this design we’re expecting to connect IP phones to ports 1 – 46.
5520-48T-PWR (config)# vlan port 1-46 tagging untagpvidOnly
Let’s configure LLDP for the ports we expect to connect IP phones (1 – 46);
5520-48T-PWR (config)# interface fastEthernet 1-46
5520-48T-PWR (config-if)# vlan ports 1-46 filter-unregistered-frames disable
5520-48T-PWR (config-if)# lldp tx-tlv port-desc sys-cap sys-desc sys-name
5520-48T-PWR (config-if)# lldp status txAndRx config-notification
5520-48T-PWR (config-if)# lldp tx-tlv med extendedPSE med-capabilities network-policy
5520-48T-PWR (config-if)# poe poe-priority high
5520-48T-PWR (config-if)# spanning-tree learning fast
5520-48T-PWR (config-if)# adac enable
5520-48T-PWR (config-if)# exit
The option in RED above was added after an issue was discovered when trying to upgrade the firmware on the IP phones. The filter-unregistered-frames is enabled by default and should be disabled to avoid and issues with upgrading the firmware on the IP phones. We are attempting to investigate further with Nortel and our voice vendor Shared Technologies.
Let’s disable the two remaining ports that share the GBIC interfaces incase we need those in the future;
5520-48T-PWR (config)# interface fastEthernet 45-46 5520-48T-PWR (config-if)# shutdown 5520-48T-PWR (config-if)# exit
Let’s setup a QoS interface group to trust all traffic that will ingress on the fiber uplinks. By default the ERS 5520 switch will strip all QoS tags on all ports. Thankfully ADAC will take care of the QoS settings for all VoIP traffic.
5520-48T-PWR (config)# qos if-group name allUpLinks class trusted 5520-48T-PWR (config)# interface fastEthernet 47,48 5520-48T-PWR (config)# qos if-assign port 47,48 name allUpLinks 5520-48T-PWR (config)# exit
Let’s set the SNMP information;
5520-48T-PWR (config)# snmp-server name "sw-icr1-1east.sub.domain.org" 5520-48T-PWR (config)# snmp-server location "Acme Internet Phone Company (ICR1)" 5520-48T-PWR (config)# snmp-server contact "Network Infrastructure Team"
Let’s enable rate limiting for all broadcast and multicast traffic to 10% of the link;
5520-48T-PWR (config)# interface fastEthernet ALL 5520-48T-PWR (config-if)# rate-limit both 5 5520-48T-PWR (config-if)# exit
Let’s setup VLACP (Virtual Link Aggregation Protocol) on the uplinks to the core;
5520-48T-PWR (config)# interface fastEthernet 47,48 5520-48T-PWR (config-if)# vlacp port 47,48 timeout short 5520-48T-PWR (config-if)# vlacp port 47,48 timeout-scale 5 5520-48T-PWR (config-if)# vlacp port 47,48 enable 5520-48T-PWR (config-if)# exit 5520-48T-PWR (config)# vlacp enable
That’s it your done! Well hopefully your done.
In my next post I’ll tell you what DHCP options you’ll need to configure on your DHCP server in order for the phones to boot properly and connect to the Nortel Call Server.
Cheers!
About Me
network architect and security professional, excited about helping folks make the most out of what technology as a whole has to offer.
POLL
Loading ...
RECENT COMMENTS