Michael McNamara

Juniper EX4400 Switch – LLDP missing

Michael McNamara — Thu, 19 Oct 2023 00:54:49 +0000

I recently stumbled into an interesting issue with the latest recommended release for the Juniper EX4400 switch running software release 22.2R3-S2.8. The LLDP table was missing the entries for the neighboring Juniper EX4650 switch that it was uplinked to.

Long story short it turns out that this is a known issue.

You need to add the following configuration statement to your adjacent switch, not the EX4400 itself but the switch on the “other” side of the connection

set protocols lldp tlv-filter cloud-connect-event

With that statement in the EX4650, the EX4400 would display the appropriate neighboring links in it’s LLDP table.

Cheers!

802.1Q VLAN Tagging on an Ethernet Routing Switch

Michael McNamara — Fri, 28 Jan 2011 01:41:05 +0000

In my previous post I laid out the basics of how to configure multiple VLANs and enable IP routing on a stackable Avaya Ethernet Routing Switch. In this post I’m going to expand that topic to include trunking (802.1q) those VLANs to a second Ethernet Routing Switch. In this example I’ll add an Ethernet Routing Switch 4548 to the Ethernet Routing Switch 5520 that I had previously configured and deployed. We’ll create a Multi-Link Trunk between the two switches to bridge multiple VLANs across the 802.1q compliant link. Here’s a diagram of what the network should look like when we’re done;

In order to test I’ll move two of the IP phones to the Ethernet Routing Switch 4548 and I’ll use an old laptop to help verify the bridging.

Ethernet Routing Switch 4548

Let’s start with the Ethernet Routing Switch 4548GT-PWR and add the necessary configuration there first;

enable
config t

We start by creating VLAN 100 and VLAN 200 on the Ethernet Routing Switch 4548;

vlan create 100 name "192-168-100-0/24" type port
vlan members remove 1 25,27,29,31,33,35
vlan members add 100 25,27,29,31,33,35
vlan port 25,27,29,31,33,35 pvid 100

vlan create 200 name "192-168-200-0/24" type port
vlan members remove 1 26,28,30,32,34,36
vlan members add 200 26,28,30,32,34,36
vlan port 26,28,30,32,34,36 pvid 200

I’m not going to create a Layer 3 IP interfaces on these VLANs since the Ethernet Routing Switch 5520 is already routing for us. We just want to bridge the frames between the two switches not route them (not in this post anyway). Now let’s configure the ports that will make up the Mulit-Link Trunk;

vlan port 47,48 tagging TagAll
vlan members add 1 47,48
vlan members add 100 47,48
vlan members add 200 47,48
vlan port 47,48 pvid 1

mlt 1 disable
mlt 1 name "MLT_to_ERS5520"
mlt 1 learning disable
mlt 1 member 47,48
mlt 1 enable

That’s pretty much it. We enabled tagging on the uplink/downlink ports, added the necessary VLANs to the ports and then created and enabled a MLT.

Ethernet Routing Switch 4548 – Show Configuration

That should be the configuration for the Ethernet Routing Switch 4548… let’s just have a quick look at the VLANs;

4548GT-PWR(config)#show vlan
Id  Name                 Type     Protocol         User PID Active IVL/SVL Mgmt
--- -------------------- -------- ---------------- -------- ------ ------- ----
1   VLAN #1              Port     None             0x0000   Yes    IVL     Yes
        Port Members: 1-24,47-48
2   VLAN #2              Port     None             0x0000   Yes    IVL     No
        Port Members: 37-46
100 192-168-100-0/24     Port     None             0x0000   Yes    IVL     No
        Port Members: 25,27,29,31,33,35,47-48
200 192-168-200-0/24     Port     None             0x0000   Yes    IVL     No
        Port Members: 26,28,30,32,34,36,47-48
Total VLANs: 4

Let’s just check the Multi-Link Trunk configuration… if that’s wrong we could end up with a loop in the network;

4548GT-PWR(config)#show mlt 1
Id Name                 Members                Bpdu   Mode           Status
-- -------------------- ---------------------- ------ -------------- -------
1  MLT_to_ERS5520       47-48                  All    Basic          Enabled

You can see from the commands above that the ports are configured with the appropriate VLANs and the MLT is enabled.

Ethernet Routing Switch 5520

Let’s add the necessary configuration to the Ethernet Routing Switch 5520-PWR. I’m not going to repeat all the commands I performed in the yesterday’s post, instead I’ll just build upon the previous configuration adding what we need for the 802.1q trunking and the Multi-Link Trunking;

enable
config t

vlan port 47,48 tagging TagAll
vlan members add 1 47,48
vlan members add 100 47,48
vlan members add 200 47,48
vlan port 47,48 pvid 1

mlt 1 disable
mlt 1 name "MLT_to_ERS4548"
mlt 1 learning disable
mlt 1 member 47,48
mlt 1 enable

Ethernet Routing Switch 5520 – Show Configuration

That should be the configuration for the Ethernet Routing Switch 5520… let’s just have a quick look at the VLANs;

5520-48T-PWR#show vlan
Id  Name                 Type     Protocol         PID      Active IVL/SVL Mgmt
--- -------------------- -------- ---------------- -------- ------ ------- ----
1   test                 Port     None             0x0000   Yes    IVL     Yes
        Port Members: 1-12,37-48
100 192-168-100-0/24     Port     None             0x0000   Yes    IVL     No
        Port Members: 13-24,47-48
101 10-101-20-0/24       Port     None             0x0000   Yes    IVL     No
        Port Members: 25-36
200 192-168-200-0/24     Port     None             0x0000   Yes    IVL     No
        Port Members: 47-48
Total VLANs: 4

Let’s just check the Multi-Link Trunk configuration… if that’s wrong we could end up with a loop in the network;

5520-48T-PWR#show mlt 1
Id Name             Members                Bpdu   Mode           Status  Type
-- ---------------- ---------------------- ------ -------------- ------- ------
1  MLT_to_ERS4548   47-48                  All    Basic          Enabled Trunk

Since all stackable Avaya Ethernet Routing Switches support Auto-MDIX I can just use two regular CAT5e patch cables to connect the switches together. If the switches didn’t support Auto-MDIX I would need to use two crossover cables between them.

Ethernet Routing Switch 4548 – Operational Status

With link up on ports 47 and 48 I can check the following information. The topology table will show me the physical connections between the two switches. The MAC/FDB table will show me that there are multiple MAC/FDB entries in VLANs 100 and 200 being learned across “Trunk 1”. The LLDP table will show me the Avaya IP phones that I’ve connected to ports 25 and 26.

4548GT-PWR#show autotopology nmm-table
LSlot                                                                     RSlot
LPort IP Addr          Seg ID  MAC Addr     Chassis Type     BT LS   CS   RPort
----- --------------- -------- ------------ ---------------- -- --- ----  -----
0/ 0 192.168.1.25    0x000000 001E7E7C2C01 4548GT-PWR       12 Yes HTBT    NA
1/47 192.168.1.50    0x000130 001F0ACEBC01 5520-48T-PWR     12 Yes HTBT   1/48
1/48 192.168.1.50    0x00012f 001F0ACEBC01 5520-48T-PWR     12 Yes HTBT   1/47

4548GT-PWR#show mac-address-table
Mac Address Table Aging Time: 300
Number of addresses: 20

   MAC Address    Vid  Source         MAC Address    Vid  Source
----------------- ---- -------     ----------------- ---- -------
00-02-B3-CB-77-A2    1 Port:19     00-04-61-9E-46-7E    1 Port:21
00-0C-29-64-33-F9    1 Port:19     00-0C-29-A5-CB-54    1 Port:19
00-18-01-EA-F4-45    1 Port: 1     00-1C-11-6B-DC-6B    1 Port: 1
00-1C-11-6D-15-27    1 Port: 1     00-1C-11-6D-15-DC    1 Port: 1
00-1E-7E-7C-2C-00    1             00-1E-7E-7C-2C-40    1
00-1F-0A-CE-BC-40    1 Trunk:1     00-1F-D0-D0-BE-2D    1 Port:17
00-23-EE-96-AA-21    1 Port: 1     00-24-B5-F6-94-02    1 Trunk:1
00-0A-E4-76-9C-C8    2 Port:45     00-1F-0A-CE-BC-01    2 Trunk:1
00-24-DC-DF-0D-08    2 Port:43     00-A0-F8-5E-CE-BC    2 Port:39
00-1F-0A-CE-BC-41  100 Trunk:1     00-24-7F-99-84-70  100 Port:25
00-24-7F-99-84-E9  100 Trunk:1     00-1E-CA-F3-1D-B4  200 Port:26

4548GT-PWR#show lldp neighbor
-------------------------------------------------------------------------------
                            lldp neighbor
-------------------------------------------------------------------------------
Port: 26    Index: 4                  Time: 13 days, 22:42:31
        ChassisId: Network address    IPv4  192.168.200.5
        PortId:    MAC address        00:1e:ca:f3:1d:b4
        SysCap:    TB / TB            (Supported/Enabled)
        PortDesc:  Avaya IP Phone
        SysDescr:  Avaya IP Telephone 1120E, Firmware:SIP1120e04.00.04.00

-------------------------------------------------------------------------------
Port: 25    Index: 6                  Time: 13 days, 22:43:48
        ChassisId: Network address    IPv4  192.168.100.98
        PortId:    MAC address        00:24:7f:99:84:70
        SysCap:    TB / TB            (Supported/Enabled)
        PortDesc:  Avaya IP Phone
        SysDescr:  Avaya IP Telephone 1220, Firmware:SIP12x004.00.04.00

-------------------------------------------------------------------------------
Sys capability: O-Other; R-Repeater; B-Bridge; W-WLAN accesspoint; r-Router;
T-Telephone; D-DOCSIS cable device; S-Station only.
Total neighbors: 2

Ethernet Routing Switch 5520 – Operational Status

I can check all the same information on the ERS5520.. The topology table will show me the physical connections between the two switches. The MAC/FDB table will show me that there are multiple MAC/FDB entries in VLANs 100 and 200 being learned across “Trunk 1”. The LLDP table will show me the Avaya IP phones that I’ve connected to ports 13 and 25.

5520-48T-PWR#show autotopology nmm-table
LSlot                                                                     RSlot
LPort IP Addr          Seg ID  MAC Addr     Chassis Type     BT LS   CS   RPort
----- --------------- -------- ------------ ---------------- -- --- ----  -----
 0/ 0 192.168.1.50    0x000000 001F0ACEBC01 5520-48T-PWR     12 Yes TPCH    NA
 1/47 192.168.1.25    0x00012f 001E7E7C2C01 4548GT-PWR       12 Yes TPCH   1/47
 1/48 192.168.1.25    0x000130 001E7E7C2C01 4548GT-PWR       12 Yes TPCH   1/48

5520-48T-PWR#show mac-address-table
Mac Address Table Aging Time: 300
Number of addresses: 16

   MAC Address    Vid  Source         MAC Address    Vid  Source
----------------- ---- -------     ----------------- ---- -------
00-02-B3-CB-77-A2    1 Trunk:1     00-04-61-9E-46-7E    1 Trunk:1
00-0C-29-64-33-F9    1 Trunk:1     00-0C-29-A5-CB-54    1 Trunk:1
00-18-01-EA-F4-45    1 Trunk:1     00-1C-11-6B-DC-6B    1 Trunk:1
00-1C-11-6D-15-27    1 Trunk:1     00-1C-11-6D-15-DC    1 Trunk:1
00-1E-7E-7C-2C-01    1 Trunk:1     00-1E-7E-7C-2C-40    1 Trunk:1
00-1F-0A-CE-BC-00    1             00-1F-0A-CE-BC-40    1
00-1F-D0-D0-BE-2D    1 Trunk:1     00-23-EE-96-AA-21    1 Trunk:1
00-24-B5-F6-94-02    1 Port: 9     00-1F-0A-CE-BC-41  100
00-24-7F-99-84-70  100 Trunk:1     00-24-7F-99-84-E9  100 Port:15
00-1E-CA-F3-1D-B4  200 Trunk:1

5520-48T-PWR#show lldp neighbor
-------------------------------------------------------------------------------
                            lldp neighbor
-------------------------------------------------------------------------------
Port: 13     Index: 5                  Time: 0 days, 00:02:00
        ChassisId: Network address    IPv4  192.168.100.4
        PortId:    MAC address        00:24:b5:f6:94:02
        SysCap:    TB / TB            (Supported/Enabled)
        PortDesc:  Avaya IP Phone
        SysDescr:  Avaya IP Telephone 1165E, Firmware:SIP1165e04.00.04.00

-------------------------------------------------------------------------------
Port: 25    Index: 6                  Time: 0 days, 00:02:19
        ChassisId: Network address    IPv4  192.168.200.99
        PortId:    MAC address        00:24:7f:99:84:e9
        SysCap:    TB / TB            (Supported/Enabled)
        PortDesc:  Avaya IP Phone
        SysDescr:  Avaya IP Telephone 1220, Firmware:SIP12x004.00.04.00

-------------------------------------------------------------------------------
Sys capability: O-Other; R-Repeater; B-Bridge; W-WLAN accesspoint; r-Router;
T-Telephone; D-DOCSIS cable device; S-Station only.
Total neighbors: 2

Would you be interested in seeing a screencast of this whole process?

Let me know if you have any questions or would like to point out corrections!

Cheers!

LLDP with Cisco 3750

Michael McNamara — Fri, 16 Jan 2009 20:00:02 +0000

Nortel has released a Technical Configuration Guide designed to assist technical users configuring Nortel IP Phones connected to Cisco switches. The document makes specific references to the Cisco 3750 switch but the commands will apply to any Cisco switch that supports that specific feature.

I applaud Nortel for for making these Technical Configuration Guides available to users. It helps to broaden Nortel’s product reach and it empowers Nortel users to understand the different configuration options. I’d like to see Nortel get these documents indexed by Google or even there own internal Knowledgebase search engine.

In short you can use LLDP (802.1ab) on a Cisco 3750 to configure the Voice VLAN much the same way as you might on a Nortel ERS5520 switch using ADAC/LLDP. For those Cisco shops that are using Nortel Succession for voice this should be a welcome capability.

As in the past I’m going to post the document on my website;

http://www.michaelfmcnamara.com/files/ClientsInteropCisco_L2_1.1.pdf

As I’ve commented in the past it’s quite possible that Nortel may object to my “copying” of these documents. The goal is to make them readily available to Nortel users and allow them to be indexed by Google. I believe there are now quite a few Nortel corporate folks and engineers reading this blog, please contact me if you have concerns about me posting these documents.

Cheers!

ERS 5520 Switch v5.1 Software

Michael McNamara — Tue, 20 Nov 2007 23:26:00 +0000

Nortel has just recently released v5.1 software for their Ethernet Routing Switch (ERS) 5500 Series.

There are some enhancements that affect how ADAC/LLDP function on the ERS 5520 switch. From the release notes;

IEEE 802.1ab and ADAC linkage
Nortel introduced the 802.1ab and Auto Detection Auto Configuration(ADAC) features to Release 5.0 to address converged applications. In Release 5.1, the functionality of 802.1ab and ADAC is combined: ADAC uses 802.1ab/LLDP as the detection mechanism to determine the identity of the attached device (that is, a Nortel IP phone that supports 802.1ab Media Endpoint Devices type, length, and value descriptions [MED TLV]). The Auto Configuration functionality of ADAC applies the configuration to the port.
Configurable using NNCLI, ACG, and Device Manager.

It looks like it will no longer be necessary to maintain the list of MAC prefixes for all Nortel Internet Telephones. If you recall from some of my previous posts I needed to manually update the list of MAC prefixes used by my ERS 5520 switches in order to get many of my i2002/i2004 Internet Telephones to be detected properly. The default list of MAC prefixes usually didn’t cover all the i2002/i2004/i2007/1140e Internet Telephones I had installed throughout my organization. In previous articles we enabled ADAC like so;

5520-48T-PWR (config)# adac voice-vlan 50
5520-48T-PWR (config)# adac op-mode tagged-frames
5520-48T-PWR (config)# adac uplink-port 48
5520-48T-PWR (config)# adac mac-range-table low-end 00:18:b0:00:00:00 high-end 00:18:b0:ff:ff:ff
5520-48T-PWR (config)# adac mac-range-table low-end 00:16:ca:00:00:00 high-end 00:16:ca:ff:ff:ff
5520-48T-PWR (config)# adac mac-range-table low-end 00:17:65:00:00:00 high-end 00:17:65:ff:ff:ff
5520-48T-PWR (config)# adac mac-range-table low-end 00:0a:e4:75:00:00 high-end 00:0a:e4:75:ff:ff
5520-48T-PWR (config)# adac mac-range-table low-end 00:14:c2:00:00:00 high-end 00:14:c2:ff:ff:ff
5520-48T-PWR (config)# adac mac-range-table low-end 00:19:69:00:00:00 high-end 00:19:69:ff:ff:ff
5520-48T-PWR (config)# adac mac-range-table low-end 00:19:e1:00:00:00 high-end 00:19:e1:ff:ff:ff
520-48T-PWR (config)# adac enable

I haven’t actually tested this myself yet but supposedly if LLDP detects an Internet Telephone it will pass that information to ADAC without the need of evaluating the device’s MAC address.

The 5.1 release also now supports the 1000Base-BX SFP;

BX SFP support
Many customers have high density gigabit requirements, but lack the fiber density to deploy. BX SFPs helps alleviate this issue by allowing a single strand of fiber to facilitate communication.
Nortel introduces support for 1000BaseBX10 module with release 5.1. The modules are single fiber, bidirectional SFP transceivers. Two types of modules are available:
• 1310nm (BX10-U) transceiver
• 1490nm (BX10-D) transceiver
The 1000BaseBX10-D device is always connected to a 1000BaseBX10-U device with a single strand of standard single-mode fiber. The operating transmission range is up to 10 km. The fiber uses a GBIC LC connector on each end.
If the 1000BaseBX10-U is not connected to the 1000BaseBX10-D device, the signals are not received properly and the Link LED does not illuminate. You can configure BX SFP Support through the NNCLI, ACG, or Device Manager.

The 1000BASE-BX bidirectional SFPs provide Gigabit Ethernet connectivity over a single fiber.

As shown in the figure, the transmit (Tx) and receive (Rx) paths share the same fiber by using two different wavelengths. One model transmits at 1310 nm and receives at 1490 nm, while the mating model transmits at 1490 nm and receives at 1310 nm. You can only connect a mating pair.

You can use 1000BASE-BX SFPs to double the number of your fiber links. For example, if you have 20 installed fiber pairs with 20 conventional ports connected, you can use 1000BASE-BX SFPs to expand to 40 ports, using the same fiber.

The long wavelength optical transceivers used in these models provide variable distance ranges using single mode fiber optic cabling.

Cheers!

Nortel ERS 5520 PwR Switch (Part 2)

Michael McNamara — Wed, 24 Oct 2007 01:19:00 +0000

[ad name=”ad-articlebodysq”]In my previous post I outlined all the commands that you would need to configure a Nortel Ethernet Routing Switch 5520 to support deploying Nortel’s i2002/i2004 Internet Telephones using LLDP-MED in conjunction with ADAC (Automatic Detection and Automatic Configuration). If you followed the steps your probably well on your way to getting things work. Unfortunately things can sometimes go wrong even with the best documentation and understanding of the product.

In this post I’m going to outline some of the basic commands you can use to troubleshoot any issues you might have between the ERS5520 and the i2002/i2004 phones.

Q. How can I check the log file?
A. show logging

ERS-5520# show logging
Type Time                    Idx  Src Message
---- ----------------------- ---- --- -------
S    00:00:00:00             1    NVR SNTP: Could not sync to NTP servers.
S    2007-04-05 17:18:08 GMT 2    NVR SNTP: Could not sync to NTP servers.
S    2007-04-05 17:22:07 GMT 3    NVR Audit data initialized - incorrect magic number: 0xffffffff
I    2007-04-19 01:21:03 GMT 4        Web server starts service on port 80.
I    2007-04-19 01:21:19 GMT 5        IGMP: Unknown Multicast Filter disabled
I    2007-04-19 01:21:19 GMT 6        PoE Port Detection Status:  Port 1 Status: Delivering Power
I    2007-04-19 01:21:22 GMT 7        PoE Port Detection Status:  Port 35 Status: Delivering Power
I    2007-04-19 01:21:49 GMT 8        Port 0/47 reenabled by VLACP
I    2007-04-19 01:21:49 GMT 9        Port 0/48 reenabled by VLACP
I    2007-04-19 01:23:05 GMT 10       SNTP: First synchronization successful.
I    2007-04-19 01:23:18 GMT 11       Warm Start Trap
I    2007-04-19 01:23:19 GMT 12       Link Up Trap Port: 1
I    2007-04-19 01:23:20 GMT 13       Trap:  pethPsePortOnOffNotification
I    2007-04-19 01:23:20 GMT 14       Trap:  bsAdacPortConfigNotification for Port: 47, Config: Applied

Q. How can I check the state of a port?
A. show interfaces

ERS-5520# show interfaces 47,48
Status                     Auto                      Flow
Port Trunk Admin   Oper Link LinkTrap Negotiation Speed    Duplex Control
---- ----- ------- ---- ---- -------- ----------- -------- ------ -------
47   1     Enable  Up   Up   Enabled  Enabled     1000Mbps Full   Asymm
48   1     Enable  Up   Up   Enabled  Enabled     1000Mbps Full   Asymm

Q. How can I check the VLACP state of a port?
A. show vlacp interface

ERS-5520# show vlacp interface 47,48
===============================================================================
VLACP Information
===============================================================================
PORT ADMIN   OPER    HAVE    FAST  SLOW  TIMEOUT TIMEOUT ETH  MAC
ENABLED ENABLED PARTNER TIME  TIME  TYPE    SCALE   TYPE ADDRESS
-------------------------------------------------------------------------------
0/47  true    true    yes    500   30000 short   3       8103 01:80:c2:00:11:00
0/48  true    true    yes    500   30000 short   3       8103 01:80:c2:00:11:00

Q. How can I check what FDB entries have been learned on a specific port?
A. show mac-address-table port

ERS-5520# show mac-address-table port 47
Mac Address Table Aging Time: 300
Number of addresses: 9

MAC Address      Source          MAC Address      Source
-----------------  --------      -----------------  --------
00-00-5E-00-01-01  Trunk: 1      00-15-40-45-68-00  Trunk: 1
00-17-D1-57-30-00  Trunk: 1      00-17-D1-57-30-10  Trunk: 1
00-17-D1-57-32-03  Trunk: 1      00-18-B0-CC-F0-00  Trunk: 1
00-18-B0-CC-F0-10  Trunk: 1      00-18-B0-CC-F2-01  Trunk: 1
00-1B-25-4C-74-00  Trunk: 1

Q. How can I check the FDB table for a specific MAC address?
A. show mac-address-table address

ERS-5520# show mac-address-table address 00:18:b0:cc:f0:10
Mac Address Table Aging Time: 300
Number of addresses: 1

MAC Address      Source          MAC Address      Source
-----------------  --------      -----------------  --------
00-18-B0-CC-F0-10  Trunk: 1

Q. How can I check to see if ADAC has been configured/enabled?
A. show adac

ERS-5520# show adac
ADAC Global Configuration
---------------------------------------
ADAC:  Enabled
Operating Mode:  Tagged Frames
Traps Control Status:  Enabled
Voice-VLAN ID:  12
Call Server Port:  None
Uplink Port:  48

Q. How can I check to see if ADAC has been applied to a specific port?
A. show adac interface

ERS-5520# show adac interface 20
Port  Auto-Detection  Auto-Configuration
----  --------------  ------------------
20       Enabled            Applied

Q. How can I check to see the LLDP information with a specific port?
A. show lldp port neighbor detail

ERS-5520# show lldp port 20 neighbor detail
-------------------------------------------------------------------------------
 lldp neighbor
-------------------------------------------------------------------------------
 Port: 20    Index: 5                  Time: 8 days, 13:47:49
 ChassisId: Network address    ipV4  192.168.100.101
 PortId:    MAC address        00:17:65:ff:e0:fc
 SysCap:    TB / TB            (Supported/Enabled)
 PortDesc:  Nortel IP Phone
 SysDescr:  Nortel IP Telephone 2002, Firmware:0604DAS

 PVID: 0                              PPVID Supported: not supported(0)
 VLAN Name List: none                 PPVID Enabled: none

 Dot3-MAC/PHY Auto-neg: supported/enabled       OperMAUtype:  100BaseTXFD
 PSE MDI power:         not supported/disabled  Port class:   PD
 PSE power pair:        signal/not controllable Power class:  2
 LinkAggr: not aggregatable/not aggregated      AggrPortID:   0
 MaxFrameSize: 1522
 PMD auto-neg:          10Base(T, TFD), 100Base(TX, TXFD)

 MED-Capabilities: CNLDI / CNDI       (Supported/Current)
 MED-Device type:  Endpoint Class 3
 MED-Application Type: Voice                    VLAN ID: 12
 L2 Priority: 6         DSCP Value: 46          Tagged Vlan, Policy defined
 Med-Power Type: PD Device            Power Source: Unknown
 Power Priority: High                 Power Value:    5.4 Watt
 HWRev:                               FWRev: 0604DAS
 SWRev:                               SerialNumber:
 ManufName: Nortel-01                 ModelName: IP Phone 2002
 AssetID:
-------------------------------------------------------------------------------
Port: 20    Index: 6                  Time: 8 days, 13:48:20
 ChassisId: Network address    ipV4  10.119.241.50
 PortId:    MAC address        00:17:65:ff:e0:fc
 SysCap:    TB / TB            (Supported/Enabled)
 PortDesc:  Nortel IP Phone
 SysDescr:  Nortel IP Telephone 2002, Firmware:0604DAS

 PVID: 0                              PPVID Supported: not supported(0)
 VLAN Name List: 12                   PPVID Enabled: none

 Dot3-MAC/PHY Auto-neg: supported/enabled       OperMAUtype:  100BaseTXFD
 PSE MDI power:         not supported/disabled  Port class:   PD
 PSE power pair:        signal/not controllable Power class:  2
 LinkAggr: not aggregatable/not aggregated      AggrPortID:   0
 MaxFrameSize: 1522
 PMD auto-neg:          10Base(T, TFD), 100Base(TX, TXFD)

 MED-Capabilities: CNLDI / CNDI       (Supported/Current)
 MED-Device type:  Endpoint Class 3
 MED-Application Type: Voice                    VLAN ID: 12
 L2 Priority: 6         DSCP Value: 46          Tagged Vlan, Policy defined
 Med-Power Type: PD Device            Power Source: Unknown
 Power Priority: High                 Power Value:    5.4 Watt
 HWRev:                               FWRev: 0604DAS
 SWRev:                               SerialNumber:
 ManufName: Nortel-01                 ModelName: IP Phone 2002
 AssetID:
-------------------------------------------------------------------------------
Sys capability: O-Other; R-Repeater; B-Bridge; W-WLAN accesspoint; r-Router;
T-Telephone; D-DOCSIS cable device; S-Station only.
Med Capabilities-C: N-Network Policy; L-Location Identification; I-Inventory;
S-Extended Power via MDI - PSE; D-Extended Power via MDI - PD.

Those are some of the commands that you might have to execute if you needed to perform troubleshooting between an ERS5520 and a i2002/i2004 phone.

Your DHCP server logs will be your friend during your troubleshooting. If you don’t see the phone making a DHCP request (or a request in the proper VLAN) then you should check that ADAC was applied to the switch port. ADAC is the component that will automatically add the switch port (the switch port the phone is connected to) into the Voice VLAN. If ADAC is not applied (or enabled) on the port then you’ll be able to see that the switch port in question is only a member of the Data VLAN. You need to remember that ADAC works on MAC address ranges. You need to check that the MAC address of your phone is in the ADAC MAC address table.

5520-48T-PWR# show adac mac-range-table
Lowest MAC Address          Highest MAC Address
------------------------    -------------------------
00-0A-E4-01-10-20            00-0A-E4-01-23-A7
00-0A-E4-01-70-EC            00-0A-E4-01-84-73
00-0A-E4-01-A1-C8            00-0A-E4-01-AD-7F
00-0A-E4-01-DA-4E            00-0A-E4-01-ED-D5
00-0A-E4-02-1E-D4            00-0A-E4-02-32-5B
00-0A-E4-02-5D-22            00-0A-E4-02-70-A9
00-0A-E4-02-D8-AE            00-0A-E4-02-FF-BD
00-0A-E4-03-87-E4            00-0A-E4-03-89-0F
00-0A-E4-03-90-E0            00-0A-E4-03-B7-EF
00-0A-E4-04-1A-56            00-0A-E4-04-41-65
00-0A-E4-04-80-E8            00-0A-E4-04-A7-F7
00-0A-E4-04-D2-FC            00-0A-E4-05-48-2B
00-0A-E4-05-B7-DF            00-0A-E4-06-05-FE
00-0A-E4-06-55-EC            00-0A-E4-07-19-3B
00-0A-E4-08-0A-02            00-0A-E4-08-7F-31
00-0A-E4-08-B2-89            00-0A-E4-09-75-D8
00-0A-E4-09-BB-9D            00-0A-E4-09-CF-24
00-0A-E4-09-FC-2B            00-0A-E4-0A-71-5A
00-0A-E4-0A-9D-DA            00-0A-E4-0B-61-29
00-0A-E4-0B-BB-FC            00-0A-E4-0B-BC-0F
00-0A-E4-0B-D9-BE            00-0A-E4-0C-9D-0D

Total Ranges: 21

If the MAC address of your i2002/i2004 phone does not match any of the MAC address ranges in the switch you’ll need to add a range to include those MAC addresses. If the MAC address of your i2002 phone was 00:18:b0:11:22:33 you could use the following commands;

5520-48T-PWR> enable
5520-48T-PWR# config terminal
5520-48T-PWR (config)# adac mac-range-table low-end 00:18:b0:00:00:00 high-end 00:18:b0:ff:ff:ff

You might think you could configure a port mirror and run a quick packet capture to understand what’s going on… unfortunately you cannot configure any port with port mirroring that has ADAC enabled.

Thats all for now.

The last step is the DHCP server so stay tuned.

Nortel ERS 5520 PwR Switch

Michael McNamara — Tue, 23 Oct 2007 23:49:00 +0000

[ad name=”ad-articlebodysq”]Update: July 30, 2009
I’ve added a command to disable the User Interface Button (UI Button) “no ui-button enable”.

Update: February 7, 2009
It was time to update this article with some additional information and settings that I’m now using in all my switch deployments. The big change is the updated ADAC MAC address table. Please also note the VLACP time-out scale change and I’ve updated the year field for the Daylight Saving Time change.

Update: August 13, 2008
This was one of the first articles I wrote back in October 2007 and it is by far the most popular article out of all 110 articles that I currently have published. With that said I decided to come back and spruce up this post with some additional “tweaks” that I’ve added over the past 10 months. I’m also going to attack a link to a text file so folks can just download the file of commands, tweak the specific individual settings such as IP address and VLAN information, and then cut and paste into the CLI interface of the Nortel Ethernet Routing Switch 5520. It will hopefully save folks from having to cut and paste each section.

Note: just a quick warning about cutting and pasting into the CLI interface, I’ve often found that the buffer will overflow if I try to paste an entire configuration at once. I usually need to break it into at least two or three sections and cut and paste those section one at a time.

In this post I’ll try to outline how you can configure the Nortel Ethernet Routing Switch 5520 in a VoIP environment using Nortel i2002/i2004 Internet Telephones (this procedure will also work the same with the i2007/1120E/1140E phones).

You’ll obviously need a ERS 5520 switch and you’ll need SW 5.0.6.22 or later and FW 5.0.0.3 or later (there are known issues with earlier software versions that create inconsistent results using LLDP with the i2002/i2004 phones). I would strongly advise that you start with a default configuration. From the CLI issue the following commands to reset the switch to factory defaults;

5520-48T-PWR> enable
5520-48T-PWR# boot default

The switch should reboot with a default configuration. Let’s proceed with the configuration;

5520-48T-PWR> enable
5520-48T-PWR# configure terminal

Let’s set the local read-only and read-write passwords;

5520-48T-PWR (config)#cli password read-only readpass
5520-48T-PWR (config)#cli password read-write writepass
5520-48T-PWR (config)#cli password serial local
5520-48T-PWR (config)#cli password telnet local

Let’s disable the user interface button (UI button);

5520-48T-PWR (config)# no ui-button enable

Enable AUTOPVID;

5520-48T-PWR (config)# vlan configcontrol autopvid

We’ll be up linking this switch using a MultiLink trunk on ports 47 and 48 so we’ll enable tagging on the fiber uplinks;

5520-48T-PWR (config)# vlan ports 47,48 tagging enable

Let’s create the data VLAN (VID 100) and management VLAN (VID 200) on the switch;

5520-48T-PWR (config)# vlan members remove 1 ALL
5520-48T-PWR (config)# vlan create 200 name "10-1-200-0/24" type port
5520-48T-PWR (config)# vlan members add 200 47,48
5520-48T-PWR (config)# vlan create 100 name "10-1-100-0/24" type port
5520-48T-PWR (config)# vlan members add 100 1-48
5520-48T-PWR (config)# vlan port 1-46 pvid 100
5520-48T-PWR (config)# vlan port 47,48 pvid 200

Let’s make VLAN 200 the management VLAN and assign the IP address;

5520-48T-PWR (config)# vlan mgmt 200
5520-48T-PWR (config)# ip address switch 10.1.200.10 netmask 255.255.255.0 default-gateway 10.1.200.1

Let’s setup Simple Network Management Protocol (SNMP);

5520-48T-PWR (config)# snmp-server authentication-trap disable
5520-48T-PWR (config)# snmp-server community  ro
5520-48T-PWR (config)# snmp-server community  rw
5520-48T-PWR (config)# snmp-server host

Let’s configure the logging so it will overwrite the oldest events;

5520-48T-PWR (config)# logging volatile overwrite
5520-48T-PWR (config)# logging enable

Let’s setup Simple Network Time Protocol (SNTP);

5520-48T-PWR (config)# sntp server primary address
5520-48T-PWR (config)# sntp server secondary address
5520-48T-PWR (config)# sntp enable

Depending on the version of switch software your running you may be able to configure Daylight Saving Time;

5520-48T-PWR (config)#clock time-zone EST -5
5520-48T-PWR (config)#clock summer-time EDT date 9 Mar 2009 2:00 2 Nov 2009 2:00 +60

Let’s setup the MultiLink trunk that will connect the switch back to the backbone;

5520-48T-PWR (config)# mlt 1 disable
5520-48T-PWR (config)# mlt 1 name "MLT-8600"
5520-48T-PWR (config)# mlt 1 learning disable
5520-48T-PWR (config)# mlt 1 member 47,48
5520-48T-PWR (config)# mlt 1 enable

Let’s setup ADAC (Automatic Detection and Automatic Configuration) for our i2002/i2004 phones. We’ll using VLAN 50 as our voice VLAN and we’ll use port 48 as our uplink (the switch will add 47 automatically because of the MLT configuration). There is a new command to clear the ADAC MAC address table that may be missing from earlier versions, “no adac mac-range-table”. I’ve also updated the list of entries that I use.

5520-48T-PWR (config)# adac voice-vlan 50
5520-48T-PWR (config)# adac op-mode tagged-frames
5520-48T-PWR (config)# adac uplink-port 48
5520-48T-PWR (config)# no adac mac-range-table
5520-48T-PWR (config)# adac mac-range-table low-end 00:0a:e4:75:00:00 high-end 00:0a:e4:75:ff:ff
5520-48T-PWR (config)# adac mac-range-table low-end 00:13:65:00:00:00 high-end 00:13:65:ff:ff:ff
5520-48T-PWR (config)# adac mac-range-table low-end 00:14:c2:00:00:00 high-end 00:14:c2:ff:ff:ff
5520-48T-PWR (config)# adac mac-range-table low-end 00:16:ca:00:00:00 high-end 00:16:ca:ff:ff:ff
5520-48T-PWR (config)# adac mac-range-table low-end 00:17:65:00:00:00 high-end 00:17:65:ff:ff:ff
5520-48T-PWR (config)# adac mac-range-table low-end 00:18:b0:00:00:00 high-end 00:18:b0:ff:ff:ff
5520-48T-PWR (config)# adac mac-range-table low-end 00:19:69:00:00:00 high-end 00:19:69:ff:ff:ff
5520-48T-PWR (config)# adac mac-range-table low-end 00:19:e1:00:00:00 high-end 00:19:e1:ff:ff:ff
5520-48T-PWR (config)# adac mac-range-table low-end 00:1b:ba:00:00:00 high-end 00:1b:ba:ff:ff:ff
5520-48T-PWR (config)# adac mac-range-table low-end 00:1e:ca:00:00:00 high-end 00:1e:ca:ff:ff:ff
5520-48T-PWR (config)# adac mac-range-table low-end 00:22:67:00:00:00 high-end 00:22:67:ff:ff:ff
5520-48T-PWR (config)# adac enable

We need to strip the 802.1q tag from any packets in the PVID VLAN from going to the phone. In this design we’re expecting to connect IP phones to ports 1 – 46.

5520-48T-PWR (config)# vlan port 1-46 tagging untagpvidOnly

Let’s configure LLDP for the ports we expect to connect IP phones (1 – 46);

5520-48T-PWR (config)# interface fastEthernet 1-46
5520-48T-PWR (config-if)# vlan ports 1-46 filter-unregistered-frames disable
5520-48T-PWR (config-if)# lldp tx-tlv port-desc sys-cap sys-desc sys-name
5520-48T-PWR (config-if)# lldp status txAndRx config-notification
5520-48T-PWR (config-if)# lldp tx-tlv med extendedPSE med-capabilities network-policy
5520-48T-PWR (config-if)# poe poe-priority high
5520-48T-PWR (config-if)# spanning-tree learning fast
5520-48T-PWR (config-if)# adac enable
5520-48T-PWR (config-if)# exit

The option in RED above was added after an issue was discovered when trying to upgrade the firmware on the IP phones. The filter-unregistered-frames is enabled by default and should be disabled to avoid and issues with upgrading the firmware on the IP phones. We are attempting to investigate further with Nortel and our voice vendor Shared Technologies.

Let’s disable the two remaining ports that share the GBIC interfaces incase we need those in the future;

5520-48T-PWR (config)# interface fastEthernet 45-46
5520-48T-PWR (config-if)# shutdown
5520-48T-PWR (config-if)# exit

Let’s setup a QoS interface group to trust all traffic that will ingress on the fiber uplinks. By default the ERS 5520 switch will strip all QoS tags on all ports. Thankfully ADAC will take care of the QoS settings for all VoIP traffic.

5520-48T-PWR (config)# qos if-group name allUpLinks class trusted
5520-48T-PWR (config)# interface fastEthernet 47,48
5520-48T-PWR (config)# qos if-assign port 47,48 name allUpLinks
5520-48T-PWR (config)# exit

Let’s set the SNMP information;

5520-48T-PWR (config)# snmp-server name "sw-icr1-1east.sub.domain.org"
5520-48T-PWR (config)# snmp-server location "Acme Internet Phone Company (ICR1)"
5520-48T-PWR (config)# snmp-server contact "Network Infrastructure Team"

Let’s enable rate limiting for all broadcast and multicast traffic to 10% of the link;

5520-48T-PWR (config)# interface fastEthernet ALL
5520-48T-PWR (config-if)# rate-limit both 5
5520-48T-PWR (config-if)# exit

Let’s setup VLACP (Virtual Link Aggregation Protocol) on the uplinks to the core;

5520-48T-PWR (config)# interface fastEthernet 47,48
5520-48T-PWR (config-if)# vlacp port 47,48 timeout short
5520-48T-PWR (config-if)# vlacp port 47,48 timeout-scale 5
5520-48T-PWR (config-if)# vlacp port 47,48 enable
5520-48T-PWR (config-if)# exit
5520-48T-PWR (config)# vlacp enable

That’s it your done! Well hopefully your done.

In my next post I’ll tell you what DHCP options you’ll need to configure on your DHCP server in order for the phones to boot properly and connect to the Nortel Call Server.

Cheers!