technology, networking and IP telephony
Posts tagged VLACP
VLACP on a Nortel Ethernet Routing Switch Stack
Jan 4th
The bulletin advises users to re-configure the VLACP timeout from a default value of 3 to 5.
5520-48T-PWR(config)#interface fastEthernet 5-6 5520-48T-PWR(config-if)#vlacp timeout-scale 5 5520-48T-PWR(config-if)#show vlacp interface 5-6 =============================================================================== VLACP Information =============================================================================== PORT ADMIN OPER HAVE FAST SLOW TIMEOUT TIMEOUT ETH MAC ENABLED ENABLED PARTNER TIME TIME TYPE SCALE TYPE ADDRESS ------------------------------------------------------------------------------- 5 true true yes 500 30000 short 5 8103 00:00:00:00:00:00 6 true true yes 500 30000 short 5 8103 00:00:00:00:00:00
The bulletin also refers to a software fix in ERS 2500 v4.2.1, ERS4500 v5.2.1 and ERS5500/5600 v6.0.2 or later maintenance releases.
We really only use VLACP as a means of detecting FEFI when the switch equipment doesn’t support autonegotiation (example; Nortel Ethernet Switch 470 doesn’t support autonegotiation on the 1000Mbps uplinks).
Cheers!
Update: Friday February 13, 2009
It seems that Nortel has released software 6.0.3 for the Ethernet Routing Switch 5500/5600 series switches. This release is suppose to resolve the VLACP issues that were reported in the earlier bulletin. Here’s an excerpt from the release notes;
A feature enhancement (Q01645430) that changed the VLACP interoperability behavior with Passport 8600 was removed. For further details, please see the Technical Support Bulletin ID. 2008009238, Rev 1, published on 2008-12-12.
Cheers!
Virtual Link Aggregation Control Protocol (VLACP)
Dec 7th
Here’s what Nortel has to stay in their document, “Link Aggregation Control Protocol (LACP) 802.3ad and VLACP Technical Configuration Guide” dated August 2007;
Virtual LACP (VLACP) is an extension to LACP, used to detect end-to-end failure. VLACP takes the point-to-point hello mechanism of LACP and uses it to periodically send hello packets to ensure end-to-end reachability and provide failure detection (across any L2 domain). When Hello packets are not received, VLACP transitions to a failure state and the port will be brought down. The benefit of this over LACP is that VLACP timers can be reduced to 400 milliseconds between
a pair of ERS8600 switches. This will allow for approximately one second failure detection and switchover. Note that the lowest VLACP timer on an ES460/470 is 500ms. VLACP can also be used with Nortel’s proprietary aggregation mechanism (MLT) to complement its capabilities and provide quick failure detection. VLACP is recommended for all SMLT access links when the links are configured as MLT to ensure both end devices are able to communicate. By using VLACP over Single-Port SMLT, enhanced failure detection is extended beyond the limits of the number of SMLT or LACP instances that can be created on the ERS8600. VLACP can also be used as a loop prevention mechanism in SMLT configurations and should be used when setting up the IST. It also protects against CPU failures by causing traffic to be switched or rerouted to the SMLT peer in the case the CPU fails or gets hung up. Please refer to the Technical Configuration Guide for Switch Clustering using Split-Multilink Trunking (SMLT) with ERS8600 for more details.NOTE: In regards to the ERS8600, although either the CLI or JDM interface allows you to configure the short timers to less than 400ms, Nortel does not support this configuration unless the ERS8600 is equipped with the SuperMezz daughter module for the 8692SF. The SuperMezz allow for very quick sub 100ms failure detection.
Although functions such as Remote fault indication (RFI) or Far-end fault indication (FEFI) can be used to indicate link failure, there are some limitations with these mechanisms. The first limitation is that with either of these mechanisms, they terminate at the next Ethernet hop. Hence, failures cannot be detected on an end-to-end basis over multiple hops such as LAN Extension services. The second limitation is both of these mechanisms required Auto-Negotiation to be enabled on the Ethernet interface. Hence, if an Ethernet interface does not support Auto-Negotiation; neither of these mechanisms can be used. The third limitation is if an Ethernet interface should fail and still provide a transmit signal, RFI nor FEFI will be able to detect a failure. Hence, the far-end interface will still think the link up and continue to transmit traffic. VLACP will only work for port-to-port applications when there is a guarantee for a logical port-port match. It will not work in a port-to-multi-port scenario where there is no guarantee for a pointpoint match.
NOTE: Please note that VLACP does not perform link aggregation. Is it simply used to detect end-to-end link failures and can be enabled over single links or even MLT trunks. VLACP does not require LACP to be enabled; LACP and VLACP are independent features.
NOTE: When configuring VLACP, both ends of the link must be configured with the same EtherType, Multicast MAC address, and same timers. By default, the VLACP parameters across all ES and ERS switches are the same with the exception of the FastPeriodicTimer which is set to 200ms on the ERS8600 and 500ms on all other switches. When connecting, for example, an ERS8600 to and ERS5500, the recommendation is to use 500ms FastPeriodicTimers with ShortTimeout in order to achieve fast failover. Also, when using the ES460/470 in the 3.6.x software release, the VLACP EtherType must be configured with a different value on each MLT link. The EtherType must match the EtherType value at the far end of the MLT link.
NOTE: If VLACP is used with LACP, there is no difference in how VLACP and LACP bring down a port if no LACP or VLACP PDUs are received. VLACP will declare the VLACP status as down and will report the event in the log file whereas LACP will not synchronize, not activate Collecting and Distributing on this port, and not report a message in the log file. The end result is the same where the port will block traffic; the physical layer for this port will remain up. Although you can enable VLACP with LACP, there is no practical reason why you would do so.
There was an interim solution before VLACP developed by Nortel called Single Fiber Fault Detection (SFFD) specifically designed to allow remote fault detection on Gigabit Ethernet fiber ports that did not support autonegotiation. Unfortunately we had some issues with SFFD and never really deployed the feature beyond our testlab environment.
Ethernet Routing Switch 5510
Here’s how you would configure VLACP on the MLT uplinks to an ERS 8600 Switch. You’ll need to connect to the 5510 switch and enter the “Command Line Interface” if you have the menu up.
5510> enable 5510# configure terminal 5510(config)# interface fastEthernet 47,48 5510(config-if)# vlacp port 47,48 timeout short 5510(config-if)# vlacp port 47,48 enable 5510(config-if)# exit 5510(config)# vlacp enable 5510(config)# exit
Ethernet Routing Switch 8600
Here’s how you would configure VLACP on the MLT uplinks to the ERS 5510 Switch above.
ERS-8610:6# config ethernet 1/1, 2/1 vlacp enable
ERS-8610:6# config ethernet 1/1, 2/1 vlacp timeout short
ERS-8610:6# config ethernet 1/1, 2/1 vlacp fast-periodic-time 500
ERS-8610:6# config vlacp enable
In this example we’re using ports 1/1 and 2/1 as the uplinks to ports 47 and 48 on the ERS 5510 respectively. The VLACP short timeout timers on the ERS 8600 default to 200ms so we need to configure them to match the minimum possible with the ERS 5500 series switches of 500ms.
If the interface appears to be bouncing you should definitely check the timers.
Cheers!
Nortel ERS 5520 PwR Switch (Part 2)
Oct 23rd
In this post I’m going to outline some of the basic commands you can use to troubleshoot any issues you might have between the ERS5520 and the i2002/i2004 phones.
Q. How can I check the log file?
A. show logging
ERS-5520# show logging Type Time Idx Src Message ---- ----------------------- ---- --- ------- S 00:00:00:00 1 NVR SNTP: Could not sync to NTP servers. S 2007-04-05 17:18:08 GMT 2 NVR SNTP: Could not sync to NTP servers. S 2007-04-05 17:22:07 GMT 3 NVR Audit data initialized - incorrect magic number: 0xffffffff I 2007-04-19 01:21:03 GMT 4 Web server starts service on port 80. I 2007-04-19 01:21:19 GMT 5 IGMP: Unknown Multicast Filter disabled I 2007-04-19 01:21:19 GMT 6 PoE Port Detection Status: Port 1 Status: Delivering Power I 2007-04-19 01:21:22 GMT 7 PoE Port Detection Status: Port 35 Status: Delivering Power I 2007-04-19 01:21:49 GMT 8 Port 0/47 reenabled by VLACP I 2007-04-19 01:21:49 GMT 9 Port 0/48 reenabled by VLACP I 2007-04-19 01:23:05 GMT 10 SNTP: First synchronization successful. I 2007-04-19 01:23:18 GMT 11 Warm Start Trap I 2007-04-19 01:23:19 GMT 12 Link Up Trap Port: 1 I 2007-04-19 01:23:20 GMT 13 Trap: pethPsePortOnOffNotification I 2007-04-19 01:23:20 GMT 14 Trap: bsAdacPortConfigNotification for Port: 47, Config: Applied
Q. How can I check the state of a port?
A. show interfaces
ERS-5520# show interfaces 47,48 Status Auto Flow Port Trunk Admin Oper Link LinkTrap Negotiation Speed Duplex Control ---- ----- ------- ---- ---- -------- ----------- -------- ------ ------- 47 1 Enable Up Up Enabled Enabled 1000Mbps Full Asymm 48 1 Enable Up Up Enabled Enabled 1000Mbps Full Asymm
Q. How can I check the VLACP state of a port?
A. show vlacp interface
ERS-5520# show vlacp interface 47,48 =============================================================================== VLACP Information =============================================================================== PORT ADMIN OPER HAVE FAST SLOW TIMEOUT TIMEOUT ETH MAC ENABLED ENABLED PARTNER TIME TIME TYPE SCALE TYPE ADDRESS ------------------------------------------------------------------------------- 0/47 true true yes 500 30000 short 3 8103 01:80:c2:00:11:00 0/48 true true yes 500 30000 short 3 8103 01:80:c2:00:11:00
Q. How can I check what FDB entries have been learned on a specific port?
A. show mac-address-table port
ERS-5520# show mac-address-table port 47 Mac Address Table Aging Time: 300 Number of addresses: 9 MAC Address Source MAC Address Source ----------------- -------- ----------------- -------- 00-00-5E-00-01-01 Trunk: 1 00-15-40-45-68-00 Trunk: 1 00-17-D1-57-30-00 Trunk: 1 00-17-D1-57-30-10 Trunk: 1 00-17-D1-57-32-03 Trunk: 1 00-18-B0-CC-F0-00 Trunk: 1 00-18-B0-CC-F0-10 Trunk: 1 00-18-B0-CC-F2-01 Trunk: 1 00-1B-25-4C-74-00 Trunk: 1
Q. How can I check the FDB table for a specific MAC address?
A. show mac-address-table address
ERS-5520# show mac-address-table address 00:18:b0:cc:f0:10 Mac Address Table Aging Time: 300 Number of addresses: 1 MAC Address Source MAC Address Source ----------------- -------- ----------------- -------- 00-18-B0-CC-F0-10 Trunk: 1
Q. How can I check to see if ADAC has been configured/enabled?
A. show adac
ERS-5520# show adac ADAC Global Configuration --------------------------------------- ADAC: Enabled Operating Mode: Tagged Frames Traps Control Status: Enabled Voice-VLAN ID: 12 Call Server Port: None Uplink Port: 48
Q. How can I check to see if ADAC has been applied to a specific port?
A. show adac interface
ERS-5520# show adac interface 20 Port Auto-Detection Auto-Configuration ---- -------------- ------------------ 20 Enabled Applied
Q. How can I check to see the LLDP information with a specific port?
A. show lldp port neighbor detail
ERS-5520# show lldp port 20 neighbor detail ------------------------------------------------------------------------------- lldp neighbor ------------------------------------------------------------------------------- Port: 20 Index: 5 Time: 8 days, 13:47:49 ChassisId: Network address ipV4 192.168.100.101 PortId: MAC address 00:17:65:ff:e0:fc SysCap: TB / TB (Supported/Enabled) PortDesc: Nortel IP Phone SysDescr: Nortel IP Telephone 2002, Firmware:0604DAS PVID: 0 PPVID Supported: not supported(0) VLAN Name List: none PPVID Enabled: none Dot3-MAC/PHY Auto-neg: supported/enabled OperMAUtype: 100BaseTXFD PSE MDI power: not supported/disabled Port class: PD PSE power pair: signal/not controllable Power class: 2 LinkAggr: not aggregatable/not aggregated AggrPortID: 0 MaxFrameSize: 1522 PMD auto-neg: 10Base(T, TFD), 100Base(TX, TXFD) MED-Capabilities: CNLDI / CNDI (Supported/Current) MED-Device type: Endpoint Class 3 MED-Application Type: Voice VLAN ID: 12 L2 Priority: 6 DSCP Value: 46 Tagged Vlan, Policy defined Med-Power Type: PD Device Power Source: Unknown Power Priority: High Power Value: 5.4 Watt HWRev: FWRev: 0604DAS SWRev: SerialNumber: ManufName: Nortel-01 ModelName: IP Phone 2002 AssetID: ------------------------------------------------------------------------------- Port: 20 Index: 6 Time: 8 days, 13:48:20 ChassisId: Network address ipV4 10.119.241.50 PortId: MAC address 00:17:65:ff:e0:fc SysCap: TB / TB (Supported/Enabled) PortDesc: Nortel IP Phone SysDescr: Nortel IP Telephone 2002, Firmware:0604DAS PVID: 0 PPVID Supported: not supported(0) VLAN Name List: 12 PPVID Enabled: none Dot3-MAC/PHY Auto-neg: supported/enabled OperMAUtype: 100BaseTXFD PSE MDI power: not supported/disabled Port class: PD PSE power pair: signal/not controllable Power class: 2 LinkAggr: not aggregatable/not aggregated AggrPortID: 0 MaxFrameSize: 1522 PMD auto-neg: 10Base(T, TFD), 100Base(TX, TXFD) MED-Capabilities: CNLDI / CNDI (Supported/Current) MED-Device type: Endpoint Class 3 MED-Application Type: Voice VLAN ID: 12 L2 Priority: 6 DSCP Value: 46 Tagged Vlan, Policy defined Med-Power Type: PD Device Power Source: Unknown Power Priority: High Power Value: 5.4 Watt HWRev: FWRev: 0604DAS SWRev: SerialNumber: ManufName: Nortel-01 ModelName: IP Phone 2002 AssetID: ------------------------------------------------------------------------------- Sys capability: O-Other; R-Repeater; B-Bridge; W-WLAN accesspoint; r-Router; T-Telephone; D-DOCSIS cable device; S-Station only. Med Capabilities-C: N-Network Policy; L-Location Identification; I-Inventory; S-Extended Power via MDI - PSE; D-Extended Power via MDI - PD.
Those are some of the commands that you might have to execute if you needed to perform troubleshooting between an ERS5520 and a i2002/i2004 phone.
Your DHCP server logs will be your friend during your troubleshooting. If you don’t see the phone making a DHCP request (or a request in the proper VLAN) then you should check that ADAC was applied to the switch port. ADAC is the component that will automatically add the switch port (the switch port the phone is connected to) into the Voice VLAN. If ADAC is not applied (or enabled) on the port then you’ll be able to see that the switch port in question is only a member of the Data VLAN. You need to remember that ADAC works on MAC address ranges. You need to check that the MAC address of your phone is in the ADAC MAC address table.
5520-48T-PWR# show adac mac-range-table Lowest MAC Address Highest MAC Address ------------------------ ------------------------- 00-0A-E4-01-10-20 00-0A-E4-01-23-A7 00-0A-E4-01-70-EC 00-0A-E4-01-84-73 00-0A-E4-01-A1-C8 00-0A-E4-01-AD-7F 00-0A-E4-01-DA-4E 00-0A-E4-01-ED-D5 00-0A-E4-02-1E-D4 00-0A-E4-02-32-5B 00-0A-E4-02-5D-22 00-0A-E4-02-70-A9 00-0A-E4-02-D8-AE 00-0A-E4-02-FF-BD 00-0A-E4-03-87-E4 00-0A-E4-03-89-0F 00-0A-E4-03-90-E0 00-0A-E4-03-B7-EF 00-0A-E4-04-1A-56 00-0A-E4-04-41-65 00-0A-E4-04-80-E8 00-0A-E4-04-A7-F7 00-0A-E4-04-D2-FC 00-0A-E4-05-48-2B 00-0A-E4-05-B7-DF 00-0A-E4-06-05-FE 00-0A-E4-06-55-EC 00-0A-E4-07-19-3B 00-0A-E4-08-0A-02 00-0A-E4-08-7F-31 00-0A-E4-08-B2-89 00-0A-E4-09-75-D8 00-0A-E4-09-BB-9D 00-0A-E4-09-CF-24 00-0A-E4-09-FC-2B 00-0A-E4-0A-71-5A 00-0A-E4-0A-9D-DA 00-0A-E4-0B-61-29 00-0A-E4-0B-BB-FC 00-0A-E4-0B-BC-0F 00-0A-E4-0B-D9-BE 00-0A-E4-0C-9D-0D Total Ranges: 21
If the MAC address of your i2002/i2004 phone does not match any of the MAC address ranges in the switch you’ll need to add a range to include those MAC addresses. If the MAC address of your i2002 phone was 00:18:b0:11:22:33 you could use the following commands;
5520-48T-PWR> enable 5520-48T-PWR# config terminal 5520-48T-PWR (config)# adac mac-range-table low-end 00:18:b0:00:00:00 high-end 00:18:b0:ff:ff:ff
You might think you could configure a port mirror and run a quick packet capture to understand what’s going on… unfortunately you cannot configure any port with port mirroring that has ADAC enabled.
Thats all for now.
The last step is the DHCP server so stay tuned.
Nortel ERS 5520 PwR Switch
Oct 23rd
I’ve added a command to disable the User Interface Button (UI Button) “no ui-button enable”.
Update: February 7, 2009
It was time to update this article with some additional information and settings that I’m now using in all my switch deployments. The big change is the updated ADAC MAC address table. Please also note the VLACP time-out scale change and I’ve updated the year field for the Daylight Saving Time change.
Update: August 13, 2008
This was one of the first articles I wrote back in October 2007 and it is by far the most popular article out of all 110 articles that I currently have published. With that said I decided to come back and spruce up this post with some additional “tweaks” that I’ve added over the past 10 months. I’m also going to attack a link to a text file so folks can just download the file of commands, tweak the specific individual settings such as IP address and VLAN information, and then cut and paste into the CLI interface of the Nortel Ethernet Routing Switch 5520. It will hopefully save folks from having to cut and paste each section.
Note: just a quick warning about cutting and pasting into the CLI interface, I’ve often found that the buffer will overflow if I try to paste an entire configuration at once. I usually need to break it into at least two or three sections and cut and paste those section one at a time.
In this post I’ll try to outline how you can configure the Nortel Ethernet Routing Switch 5520 in a VoIP environment using Nortel i2002/i2004 Internet Telephones (this procedure will also work the same with the i2007/1120E/
1140E phones).
You’ll obviously need a ERS 5520 switch and you’ll need SW 5.0.6.22 or later and FW 5.0.0.3 or later (there are known issues with earlier software versions that create inconsistent results using LLDP with the i2002/i2004 phones). I would strongly advise that you start with a default configuration. From the CLI issue the following commands to reset the switch to factory defaults;
5520-48T-PWR> enable 5520-48T-PWR# boot default
The switch should reboot with a default configuration. Let’s proceed with the configuration;
5520-48T-PWR> enable 5520-48T-PWR# configure terminal
Let’s set the local read-only and read-write passwords;
5520-48T-PWR (config)#cli password read-only readpass 5520-48T-PWR (config)#cli password read-write writepass 5520-48T-PWR (config)#cli password serial local 5520-48T-PWR (config)#cli password telnet local
Let’s disable the user interface button (UI button);
5520-48T-PWR (config)# no ui-button enable
Enable AUTOPVID;
5520-48T-PWR (config)# vlan configcontrol autopvid
We’ll be up linking this switch using a MultiLink trunk on ports 47 and 48 so we’ll enable tagging on the fiber uplinks;
5520-48T-PWR (config)# vlan ports 47,48 tagging enable
Let’s create the data VLAN (VID 100) and management VLAN (VID 200) on the switch;
5520-48T-PWR (config)# vlan members remove 1 ALL 5520-48T-PWR (config)# vlan create 200 name "10-1-200-0/24" type port 5520-48T-PWR (config)# vlan members add 200 47,48 5520-48T-PWR (config)# vlan create 100 name "10-1-100-0/24" type port 5520-48T-PWR (config)# vlan members add 100 1-48 5520-48T-PWR (config)# vlan port 1-46 pvid 100 5520-48T-PWR (config)# vlan port 47,48 pvid 200
Let’s make VLAN 200 the management VLAN and assign the IP address;
5520-48T-PWR (config)# vlan mgmt 200 5520-48T-PWR (config)# ip address switch 10.1.200.10 netmask 255.255.255.0 default-gateway 10.1.200.1
Let’s setup Simple Network Management Protocol (SNMP);
5520-48T-PWR (config)# snmp-server authentication-trap disable 5520-48T-PWR (config)# snmp-server community ro 5520-48T-PWR (config)# snmp-server community rw 5520-48T-PWR (config)# snmp-server host
Let’s configure the logging so it will overwrite the oldest events;
5520-48T-PWR (config)# logging volatile overwrite 5520-48T-PWR (config)# logging enable
Let’s setup Simple Network Time Protocol (SNTP);
5520-48T-PWR (config)# sntp server primary address 5520-48T-PWR (config)# sntp server secondary address 5520-48T-PWR (config)# sntp enable
Depending on the version of switch software your running you may be able to configure Daylight Saving Time;
5520-48T-PWR (config)#clock time-zone EST -5 5520-48T-PWR (config)#clock summer-time EDT date 9 Mar 2009 2:00 2 Nov 2009 2:00 +60
Let’s setup the MultiLink trunk that will connect the switch back to the backbone;
5520-48T-PWR (config)# mlt 1 disable 5520-48T-PWR (config)# mlt 1 name "MLT-8600" 5520-48T-PWR (config)# mlt 1 learning disable 5520-48T-PWR (config)# mlt 1 member 47,48 5520-48T-PWR (config)# mlt 1 enable
Let’s setup ADAC (Automatic Detection and Automatic Configuration) for our i2002/i2004 phones. We’ll using VLAN 50 as our voice VLAN and we’ll use port 48 as our uplink (the switch will add 47 automatically because of the MLT configuration). There is a new command to clear the ADAC MAC address table that may be missing from earlier versions, “no adac mac-range-table”. I’ve also updated the list of entries that I use.
5520-48T-PWR (config)# adac voice-vlan 50 5520-48T-PWR (config)# adac op-mode tagged-frames 5520-48T-PWR (config)# adac uplink-port 48 5520-48T-PWR (config)# no adac mac-range-table 5520-48T-PWR (config)# adac mac-range-table low-end 00:0a:e4:75:00:00 high-end 00:0a:e4:75:ff:ff 5520-48T-PWR (config)# adac mac-range-table low-end 00:13:65:00:00:00 high-end 00:13:65:ff:ff:ff 5520-48T-PWR (config)# adac mac-range-table low-end 00:14:c2:00:00:00 high-end 00:14:c2:ff:ff:ff 5520-48T-PWR (config)# adac mac-range-table low-end 00:16:ca:00:00:00 high-end 00:16:ca:ff:ff:ff 5520-48T-PWR (config)# adac mac-range-table low-end 00:17:65:00:00:00 high-end 00:17:65:ff:ff:ff 5520-48T-PWR (config)# adac mac-range-table low-end 00:18:b0:00:00:00 high-end 00:18:b0:ff:ff:ff 5520-48T-PWR (config)# adac mac-range-table low-end 00:19:69:00:00:00 high-end 00:19:69:ff:ff:ff 5520-48T-PWR (config)# adac mac-range-table low-end 00:19:e1:00:00:00 high-end 00:19:e1:ff:ff:ff 5520-48T-PWR (config)# adac mac-range-table low-end 00:1b:ba:00:00:00 high-end 00:1b:ba:ff:ff:ff 5520-48T-PWR (config)# adac mac-range-table low-end 00:1e:ca:00:00:00 high-end 00:1e:ca:ff:ff:ff 5520-48T-PWR (config)# adac mac-range-table low-end 00:22:67:00:00:00 high-end 00:22:67:ff:ff:ff 5520-48T-PWR (config)# adac enable
We need to strip the 802.1q tag from any packets in the PVID VLAN from going to the phone. In this design we’re expecting to connect IP phones to ports 1 – 46.
5520-48T-PWR (config)# vlan port 1-46 tagging untagpvidOnly
Let’s configure LLDP for the ports we expect to connect IP phones (1 – 46);
5520-48T-PWR (config)# interface fastEthernet 1-46
5520-48T-PWR (config-if)# vlan ports 1-46 filter-unregistered-frames disable
5520-48T-PWR (config-if)# lldp tx-tlv port-desc sys-cap sys-desc sys-name
5520-48T-PWR (config-if)# lldp status txAndRx config-notification
5520-48T-PWR (config-if)# lldp tx-tlv med extendedPSE med-capabilities network-policy
5520-48T-PWR (config-if)# poe poe-priority high
5520-48T-PWR (config-if)# spanning-tree learning fast
5520-48T-PWR (config-if)# adac enable
5520-48T-PWR (config-if)# exit
The option in RED above was added after an issue was discovered when trying to upgrade the firmware on the IP phones. The filter-unregistered-frames is enabled by default and should be disabled to avoid and issues with upgrading the firmware on the IP phones. We are attempting to investigate further with Nortel and our voice vendor Shared Technologies.
Let’s disable the two remaining ports that share the GBIC interfaces incase we need those in the future;
5520-48T-PWR (config)# interface fastEthernet 45-46 5520-48T-PWR (config-if)# shutdown 5520-48T-PWR (config-if)# exit
Let’s setup a QoS interface group to trust all traffic that will ingress on the fiber uplinks. By default the ERS 5520 switch will strip all QoS tags on all ports. Thankfully ADAC will take care of the QoS settings for all VoIP traffic.
5520-48T-PWR (config)# qos if-group name allUpLinks class trusted 5520-48T-PWR (config)# interface fastEthernet 47,48 5520-48T-PWR (config)# qos if-assign port 47,48 name allUpLinks 5520-48T-PWR (config)# exit
Let’s set the SNMP information;
5520-48T-PWR (config)# snmp-server name "sw-icr1-1east.sub.domain.org" 5520-48T-PWR (config)# snmp-server location "Acme Internet Phone Company (ICR1)" 5520-48T-PWR (config)# snmp-server contact "Network Infrastructure Team"
Let’s enable rate limiting for all broadcast and multicast traffic to 10% of the link;
5520-48T-PWR (config)# interface fastEthernet ALL 5520-48T-PWR (config-if)# rate-limit both 5 5520-48T-PWR (config-if)# exit
Let’s setup VLACP (Virtual Link Aggregation Protocol) on the uplinks to the core;
5520-48T-PWR (config)# interface fastEthernet 47,48 5520-48T-PWR (config-if)# vlacp port 47,48 timeout short 5520-48T-PWR (config-if)# vlacp port 47,48 timeout-scale 5 5520-48T-PWR (config-if)# vlacp port 47,48 enable 5520-48T-PWR (config-if)# exit 5520-48T-PWR (config)# vlacp enable
That’s it your done! Well hopefully your done.
In my next post I’ll tell you what DHCP options you’ll need to configure on your DHCP server in order for the phones to boot properly and connect to the Nortel Call Server.
Cheers!
Loading ...
RECENT COMMENTS