Solved

Network looping Issue, VOIP Phone Deployment

Posted on 2013-11-01
11
987 Views
Last Modified: 2013-11-14
Hello Experts!

My company has hired an outside contractor to install and deploy VOIP phones in our office. We've been having some issues with the deployment. I have some networking knowledge but I'm limited in being able to explain and understand the problem fully. Our contractor is giving us the run around; I need a detailed technical explanation of why their installation caused our network to crash completely.

Here is the scenario. When our contractor installed the new VOIP phones our entire network was taken offline. I was able to isolate the issue by identifying which ports on our distribution switches had unusually high traffic. I disabled those ports and the network came back online. Prior to me disabling those interfaces we have 99% CPU utilization on our distribution and core switches.

I believe our contractor introduced a switching loop into our network. I need confirmation and more details before I make this accusation.

The contractor is deploying Grandstream GXP2100 phones. I identified two different "loop?" inducing scenarios (by checking what was connected to the switch ports with unusual traffic). The GXP2100 phones have two ethernet connections, one for PC and one for LAN.  I understand the live network feed should connect to the LAN port and the PC port can then be used to connect a PC to the phone. In some rooms, I noticed that our contracted connected two live network feeds to the phone. Both the LAN and the Internet port had live network feeds to the distribution switch. I'm not sure what the switching capability of the phone is, or if it has one MAC or two? Would this potentially cause a network loop and can you please provide details?

Another scenario I encountered in a few other rooms was this. In some rooms we have two phones. They were each connected to the network via the "LAN" port. Then, both phones were connected to each other via their internet ports/jacks. This seems like an obvious misconfiguration to me. Can you please provide details on what would happen in this scenario?

I was unable to perform a packet capture as we require 24.7 up time and as soon as I re-connected the phones the network would crash within a few minutes. I understand that would have been helpful here.

Finally, the contractor is deploying 8-port non-managed switched that do not support VLANs. These switches connect to our distribution switch, and the phones are connected to the 8-Port switch. Will we run into trouble in this scenario (are the phones themselves considered "switches")?

Experts, your thoughts and analysis will be VERY MUCH appreciated. Thank you all and enjoy the weekend!
0
Comment
Question by:grindmygears
  • 4
  • 4
  • 2
  • +1
11 Comments
 
LVL 26

Expert Comment

by:Soulja
ID: 39616958
I don't know who your contractor is, but they should be fired. Every sample you just described would cause loops on your network. It almost seems like they did this purposely?
0
 
LVL 26

Expert Comment

by:Soulja
ID: 39616959
Honestly, I would not let them deploy anything else and run them out of the building.
0
 
LVL 26

Expert Comment

by:Soulja
ID: 39616968
If the phones are connected the switches with both ports that will cause a loop.
If the phone are each connected to the switch and then to each other that will cause a loop.

If your contractor connected more than one port of those unmanaged switches to your distribution switch, that will cause a loop.
0
 

Author Comment

by:grindmygears
ID: 39617057
Can you please provide just a bit more information so that I can take this to our higher ups?
0
 
LVL 35

Accepted Solution

by:
Ernie Beek earned 500 total points
ID: 39617095
Couldn't agree more with Soulja. These *nasty word* should be banned for life.
Can't imagine what they were thinking when making these connections.

Normally you can indeed connect a PC to the PC port of the phone and connect to your network through the phone. The phone is connected to the switch through the LAN port. The ports on the switch should normally be configured with two VLANs: one access VLAN (for the PC connection through the phone) and one voice VLAN (for the phone connection to the PBX).
The phone should be configured so it 'knows' what the VLAN is that will be used if there's a PC connected.
That way you keep your two data streams (VOIP and PC data) seperated. Wondering if they did that.

So you can figure that the scenarios you have are the same like when you take a patch cable and put it in two random ports on your switch. And doing that several times.

So get rid of those interconnections. If there's only a phone, it should only be connected to the switch through the LAN port on the phone. If there's a PC with it, that should only and solely be connected to the PC port on the phone (assuming the switch and phones are configured correctly).
Nothing more, nothing less.

Did I already mention they should be fired?
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 12

Expert Comment

by:Infamus
ID: 39617111
Soulja is right.

It is like connecting two ports on a switch with single ethernet cable which cause a loop.

Basically the two ports on the phone is like two ports on a switch.
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 39617116
Oh, b.t.w.

I think an unmanaged switch in between shouldn't mess up thing. But then the switchport on the distribution switch should be configured as an access port in the voice VLAN (and not like I stated before).
But if there are enough ports on the distribution switch I would personally directly connect the phones to the switch.
0
 
LVL 12

Expert Comment

by:Infamus
ID: 39617117
Please disregard my post, as erniebeek explained all well.

I was a few minutes late......
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 39617124
@Infamus: Happens to me as well every now and then ;)
0
 
LVL 26

Expert Comment

by:Soulja
ID: 39617132
Thanks Ernie for explaining. I am a man of few words. ;-)
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 39617141
No probs Soulja :)
I'm as well, but trying not to be. Though it might be completely clear to us, it's not always the same for others. And hey, that's what we're coming here for ;)
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Outsource Your Fax Infrastructure to the Cloud (And come out looking like an IT Hero!) Relative to the many demands on today’s IT teams, spending capital, time and resources to maintain physical fax servers and infrastructure is not a high priority.
David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now