Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Help configuring VOIP VLANS on LAN & WAN  Using HP Layer 3 Switches, Avaya S8500 & S8300 on MPLS network

Posted on 2008-10-25
13
Medium Priority
?
1,413 Views
Last Modified: 2012-05-05
I have 2 sites one in NJ and the other in CA that are connected via AT&T MPLS network with AT&T managed Cisco Routers.  Dual T1s in HSRP configuration both sites.  AT&T States that DSCP=48 is set.

NJ site has an HP 5308XL core switch and Avaya S8500 with 9620 IP phones.  2 VLANS: VLAN 1 for data (10.68.36.0/22); VLAN 10 for voice (192.168.2.0/24).   Working great for almost a year. OSPF is not being used (yet).

CA site has dual T1 in HSRP configuration with an HP 5406ZL core switch and will be installing an Avaya G530 gateway with S8300.  3 VLANS: VLAN 1 for data (10.222.82.0/24); VLAN 10 for voice (10.222.83.0/24); VLAN 20 (10.224. for transfer network.  Premium Edge License is installed for OSPF.  All VLAN seems to be working fine.  Phones are booting up into VLAN 20 and getting the proper address from the proper DHCP scope (10.222.82.0).



Situations:

I plug the G350 that is preconfigured with address 10.222.83.2 & 3/25 gw 10.222.83.1 into a VLAN 10 port with a crossover cable and cannot see it.  The switch shows link on Port C20.  No entry in ARP table.

I plug a PC with address 10.222.83.220/24 gw 10.222.83.1 into PORT C19 same thing.


I need to setup a pc in both NJ & CA to to VOIP network analysis.

I need to get the two VLAN 10s talking over the WAN.
0
Comment
Question by:paul_rigano
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 6
13 Comments
 
LVL 10

Expert Comment

by:kyleb84
ID: 22804154
Stupid question but are you sure the port's untagged?

config
vlan 10
  ip address 10.222.83.1/25
  untagged C19-C20

----------------

"VLAN 10 for voice (10.222.83.0/24); VLAN 20 (10.224. for transfer network."

"Phones are booting up into VLAN 20"

You mean 10?

------------------

"I need to get the two VLAN 10s talking over the WAN."

Since they're in different networks 10.222.83 + 10.222.82 you'll have to route.

HP config:
ip routing
router ospf
 area 0.0.0.0
 redistribute connected
vlan 10
 ip ospf area 0.0.0.0

You'll have to get the routers to match the OSPF config in your HP (and vice versa) or they won't talk.

0
 

Author Comment

by:paul_rigano
ID: 22804213
I meant they are booting into VLAN 10 :)

Here is my CA Switch config:


Running configuration:

; J8697A Configuration Editor; Created on release #K.13.25

hostname "NW42273PAT0001"
snmp-server contact "HelpDesk"
snmp-server location "PATterson"
module 1 type J8702A
module 2 type J8702A
module 3 type J8705A
module 4 type J8702A
interface B15
   name "SV42273PAT0210"
exit
interface A1
   name "USDEMTPCQCA03R"
   speed-duplex 100-full
   no power-over-ethernet
exit
interface A2
   name "USDEMTPCQCA04R"
   speed-duplex 100-full
   no power-over-ethernet
exit
interface C19
   name "PC42273PAT3220"
exit
interface C20
   name "Avaya G350"
   speed-duplex 100-full
exit
interface D24
   name "Dlink Access Point"
exit
ip routing
snmp-server community "public" Unrestricted
vlan 1
   name "DEFAULT_VLAN"
   untagged A3-A24,B1-B24,C1-C24,D1-D24
   ip address 10.222.82.1 255.255.255.0
   no untagged A1-A2
   exit
vlan 20
   name "Transfer-Network"
   untagged A1-A2
   ip address 10.224.15.114 255.255.255.240
   exit
vlan 10
   name "VoIP-Network"
   qos dscp 101110
   ip helper-address 10.222.82.210
   ip address 10.222.83.1 255.255.255.0
   tagged C1-C20
   voice
   exit
fault-finder bad-driver sensitivity high
fault-finder bad-transceiver sensitivity high
fault-finder bad-cable sensitivity high
fault-finder too-long-cable sensitivity high
fault-finder over-bandwidth sensitivity high
fault-finder broadcast-storm sensitivity high
fault-finder loss-of-link sensitivity high
fault-finder duplex-mismatch-HDx sensitivity high
fault-finder duplex-mismatch-FDx sensitivity high
no ip ssh
ip route 0.0.0.0 0.0.0.0 10.224.15.113
router ospf
   area 0.0.0.1
   no rfc1583-compatibility
   exit
spanning-tree
vlan 20
   ip ospf 10.224.15.114 area 0.0.0.1
   exit
0
 
LVL 10

Accepted Solution

by:
kyleb84 earned 2000 total points
ID: 22804232
vlan 10
   name "VoIP-Network"
   qos dscp 101110
   ip helper-address 10.222.82.210
   ip address 10.222.83.1 255.255.255.0
   tagged C1-C20

Your tagging ports C19 and C20.

enter these commands:

config
vlan 10
 untagged C19-C20
end

Plug your PC in and the G350, try ping.

if it works, leave it.

If it doesn't try these commands:

config
vlan 10
 tagged C20
end

This will tag the G350 port, try pinging again.


One of those solutions should work for the PC -> G350 part, next is routing the whole thing :P
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 10

Expert Comment

by:kyleb84
ID: 22804235
Make sure you use the C19 port for the PC, and C20 for the G350
0
 

Author Comment

by:paul_rigano
ID: 22804377
No problem with using the proper ports, Im doing this all remotely from NJ!

OK So now I have untagged C19-C20

vlan 1
   name "DEFAULT_VLAN"
   untagged A3-A24,B1-B24,C1-C18,C21-C24,D1-D24
   ip address 10.222.82.1 255.255.255.0
   no untagged A1-A2,C19-C20
   exit
vlan 20
   name "Transfer-Network"
   untagged A1-A2
   ip address 10.224.15.114 255.255.255.240
   exit
vlan 10
   name "VoIP-Network"
   untagged C19-C20
   qos dscp 101110
   ip helper-address 10.222.82.210
   ip address 10.222.83.1 255.255.255.0
   tagged C1-C18
   voice
   exit

I can now remote desktop to the PC, which I could not do before.
   I can ping all around the network and the 83.1 thru 83.3

I do ping from the router and get:  Cant ping 10.222.83.220, yet it seems to work!

NW42273PAT0001# ping 10.222.83.1
10.222.83.1 is alive, time = 1 ms
NW42273PAT0001# ping 10.222.83.2
10.222.83.2 is alive, time = 1 ms
NW42273PAT0001# ping 10.222.83.3
10.222.83.3 is alive, time = 1 ms
NW42273PAT0001# ping 10.222.83.220
Request timed out.

From my PC here at home (VPN connection to network)  I get:

Microsoft Windows [Version 6.0.6001]
Copyright (c) 2006 Microsoft Corporation.  All rights reser

C:\Users\Paul>ping 10.222.83.1

Pinging 10.222.83.1 with 32 bytes of data:
Reply from 10.222.83.1: bytes=32 time=151ms TTL=60
Pinging 10.222.83.2 with 32 bytes of data:
Reply from 10.222.83.2: bytes=32 time=168ms TTL=59
Pinging 10.222.83.3 with 32 bytes of data:
Reply from 10.222.83.3: bytes=32 time=152ms TTL=59
Pinging 10.222.83.220 with 32 bytes of data:
Request timed out.
0
 
LVL 10

Expert Comment

by:kyleb84
ID: 22806096
"I can now remote desktop to the PC, which I could not do before."
"I do ping from the router and get:  Cant ping 10.222.83.220, yet it seems to work!"

Looks like your PC is blocking pings, maybe remote desktop to it and disable the firewall.

OK, so now we establish routing between the two site for VLAN 10, since you can't touch the Leased Cisco Routers we'll just add static routes....

For CA's HP add:

ip route 192.168.2.0 255.255.255.0 [IP ADDRESS OF THE LOCAL CISCO]

For NJ's HP add:

ip route 10.222.83.0 255.255.255.0 [IP ADDRESS OF THE LOCAL CISCO]


=HOPEFULLY= the Cisco's know about the other end's networks. If you can ping from switch to switch, your done. If not, you'll probably have to request for those routes to be added to the Cisco's as well.

0
 

Author Comment

by:paul_rigano
ID: 22807035
Hey man,

The routes are already there.

I can do a show ip route from the CA Switch since OSPF is enabled there
 192.168.2.0/24     10.224.15.115   20   ospf      External1  101        110
I cant from NJ because OSPF is not going there.

There is nothing else that needs to be done on the NJ Switch?
I think I read that OSPF must be going on the NJ side as well.  I need to make sure that the DSCP=46 thing is working.
0
 
LVL 10

Expert Comment

by:kyleb84
ID: 22807071
OSPF needs to be used on both switches...

Is there VLAN 10 connectivity yet? can you ping the VLAN 10 ip of one switch from the alternate switch?
0
 

Author Comment

by:paul_rigano
ID: 22807310
Yes I can ping each other.

from CA:
NW42273PAT0001# ping 192.168.2.1
192.168.2.1 is alive, time = 150 ms
NW42273PAT0001#

From NJ:
NW42273NVL0020# ping 10.222.83.1
10.222.83.1 is alive, time = 75 ms
NW42273NVL0020#
0
 
LVL 10

Expert Comment

by:kyleb84
ID: 22809194
So what's next? You want to confirm QoS?
0
 

Author Comment

by:paul_rigano
ID: 22809423
yeah, but I dont think that OSPF is setup in Jersey yet.  After I confirm what should I do?
0
 
LVL 10

Expert Comment

by:kyleb84
ID: 22809467
"After I confirm what should I do?"

Is there anything that's not working now?
0
 

Author Comment

by:paul_rigano
ID: 22809486
Dont know the AVAYA G350 is not configured yet.  I am concerned about the DSCP=46 working.  I asked AT&T to put in COS2.  I will set up two PCs on my Monday morning to commence the VOIP testing between the sites.  Hang tight while I gather more information, OK?

0

Featured Post

Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Outsource Your Fax Infrastructure to the Cloud (And come out looking like an IT Hero!) Relative to the many demands on today’s IT teams, spending capital, time and resources to maintain physical fax servers and infrastructure is not a high priority.
Arrow Electronics was searching for a KVM  (Keyboard/Video/Mouse) switch that could display on one single monitor the current status of all units being tested on the rack.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question