Lafflin
asked on
Cisco switches flooding unicast traffic asynchronous routing perhaps?
Hello,
I have just inherited a network which is running Cisco phones, a stack of 3750's, a Sonicwall router for data, and a Cisco router managed by our hosted voice provider. I was told that unicast traffic is being flooded on our voice vlan (5). I saw this via wireshark myself as well. I've been looking into this and have some clues.
First, our data traffic goes through a Sonicwall, the vlan IP for that traffic is 10.201.0.241/16. The gateway for those hosts are 10.201.0.1....
The voice traffic is on a seperate vlan, however there is no IP address associated with that VLAN....I guess the voice providers router handles it???? I don't know if that's configured correctly, that would be part one of this question.
Also, there seems to be no route between the routers. I can't even ping one of these pones from my data network, that doesn't seem right.
Also, now hold onto your boots, these ports are mostly all configured as trunk ports. The reason being that people need to be able to plug a PC or a phone into them without having to piggyback off of a phone.
Performance seems to be ok, but I need to figure this out.
I have ruled out STP as the issue as well as my mac table being too full. I believe the issue might have to do with asynchronous routing perhaps, but really I'm just a CCNA who's never had to troubleshoot anything like this before.
I would be so very grateful for someone's help on this. I've just walked into a new job and have this situation owning me.
I have just inherited a network which is running Cisco phones, a stack of 3750's, a Sonicwall router for data, and a Cisco router managed by our hosted voice provider. I was told that unicast traffic is being flooded on our voice vlan (5). I saw this via wireshark myself as well. I've been looking into this and have some clues.
First, our data traffic goes through a Sonicwall, the vlan IP for that traffic is 10.201.0.241/16. The gateway for those hosts are 10.201.0.1....
The voice traffic is on a seperate vlan, however there is no IP address associated with that VLAN....I guess the voice providers router handles it???? I don't know if that's configured correctly, that would be part one of this question.
Also, there seems to be no route between the routers. I can't even ping one of these pones from my data network, that doesn't seem right.
Also, now hold onto your boots, these ports are mostly all configured as trunk ports. The reason being that people need to be able to plug a PC or a phone into them without having to piggyback off of a phone.
Performance seems to be ok, but I need to figure this out.
I have ruled out STP as the issue as well as my mac table being too full. I believe the issue might have to do with asynchronous routing perhaps, but really I'm just a CCNA who's never had to troubleshoot anything like this before.
I would be so very grateful for someone's help on this. I've just walked into a new job and have this situation owning me.
>I was told that unicast traffic is being flooded on our voice vlan (5).
What's the source and destination of this traffic?
>The voice traffic is on a seperate vlan, however there is no IP address associated with that VLAN
When you had wireshark running, did you see any voice traffic? If so, what was the source address? And what VLAN is the data traffic on?
>Also, there seems to be no route between the routers
Routers? What routers? Can you provide a topology diagram?
>I can't even ping one of these pones from my data network
I thought there are non IP addresses associated with the voice VLAN?
>these ports are mostly all configured as trunk ports. The reason being that people need to be able to plug a PC or a phone into them without having to piggyback off of a phone.
That's not a huge issue. As long as the native VLAN is the data VLAN and the phones are configured correctly.
What's the source and destination of this traffic?
>The voice traffic is on a seperate vlan, however there is no IP address associated with that VLAN
When you had wireshark running, did you see any voice traffic? If so, what was the source address? And what VLAN is the data traffic on?
>Also, there seems to be no route between the routers
Routers? What routers? Can you provide a topology diagram?
>I can't even ping one of these pones from my data network
I thought there are non IP addresses associated with the voice VLAN?
>these ports are mostly all configured as trunk ports. The reason being that people need to be able to plug a PC or a phone into them without having to piggyback off of a phone.
That's not a huge issue. As long as the native VLAN is the data VLAN and the phones are configured correctly.
ASKER
Data is on the native vlan, the vlan itself has an up address. The voice vlan itself does not have an ip address assigned. Meaning "show ip int vlan 5" won't return an ip.
A diagram I do not have at this time. But I can tell you that there is 2 routers connected to this stack (one logical switch) . One router is the gateway for vlan 1 (data) the other is the gateway for our phones. There's no route between the two of them. When I had wireshark running I was on the voice vlan only (switchport mode access) and o saw only voice traffic...but for other ports over 200 of them. I will get more details today.
A diagram I do not have at this time. But I can tell you that there is 2 routers connected to this stack (one logical switch) . One router is the gateway for vlan 1 (data) the other is the gateway for our phones. There's no route between the two of them. When I had wireshark running I was on the voice vlan only (switchport mode access) and o saw only voice traffic...but for other ports over 200 of them. I will get more details today.
>One router is the gateway for vlan 1 (data) the other is the gateway for our phones. There's no route between the two of them.
Nor should there be if they do not share a common network.
>When I had wireshark running I was on the voice vlan only (switchport mode access) and o saw only voice traffic
So what's the problem again?
Nor should there be if they do not share a common network.
>When I had wireshark running I was on the voice vlan only (switchport mode access) and o saw only voice traffic
So what's the problem again?
ASKER
As it turns out, laying out my problem clearly (in my own mind) and having someone just ask a few simple questions was enough for me to take a step back and look at the situation and make some sense of it.
As it turns out, there is no flooding going on.....
There was at the time the packet capture was originally taken, but no longer. I think the issue was likely due to an unstable link between my swtiches and the VOIP provider.
As it turns out, there is no flooding going on.....
There was at the time the packet capture was originally taken, but no longer. I think the issue was likely due to an unstable link between my swtiches and the VOIP provider.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER