Cisco Avaya dot1q trunk issue

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!

Threaded View
Hi,

I have several Cisco 3750's being trunked into an AVAYA P332 Core. Lab
tests go great and all 7 vlans are interconnected.

Configuration is a basic..

switchport trunk encapsulation dot1q
switchport mode trunk

Native vlan is 1.
Avaya is base dot1q - no leaky vlan configured

All etherchannels/hunt groups removed..   vlans matched for SAID's on
both sides. Place this onto the operaional network and boom! Network
down..  symptoms were intermittent pings to all devices and user
application failure site wide..


Remove 3750 and all is restored.  Interface counters on the 3750 for
couple minutes showed:-

     28700430 packets input, 1951804052 bytes, 0 no buffer
     Received 28699747 broadcasts (0 multicast)
     0 runts, 0 giants, 0 throttles
     326 input errors, 7 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog, 28697164 multicast, 0 pause input
     0 input packets with dribble condition detected
     5451 packets output, 774332 bytes, 0 underruns
     0 output errors, 0 collisions, 2 interface resets



Back to the lab..

In the lab we then removed all STP (its not needed), DTP, VTP, CDP &
UDLD. This is now just a dot1q trunk..  nothing more!

Then it was noted that the Avaya is encapsulating its native vlan so
this has been matched on the Cisco with the global [vlan dot1q tag
native] command...

It is now at the stage of re-testing.. and I have only one shot at it
for an hour this weekend on the ops network..  have I missed anything?
Does anyone have any prior experience of Avaya/Cisco trunk issues? What
else could possibly be causing this trunking failure?


Re: Cisco Avaya dot1q trunk issue
There are no spanning tree BPDU's being sent into the network by the
mini-switch inside the avaya phone?  If so this could influence the root
bridge. What about the PC attached to the phone?  IS bridging enabled on
this PC?  IF so it willsend out BPDU's.

It is VERY bad practise to use a plain vanilla trunk to the IP phones.  By
doing this you are neating the whole point of putting the voice in a
sepearte VLAN since ALL vlans will be on the phone wire.  On Siemens IP
phones I do a:

switcport mode access
switchport access vlan 5
switchport voice vlan 10
spanning tree bpduguard
no cdp enable

Sure, switch will not talk CDP to the phone but this limits the VLAN's on
the trunk connection and allows you to put a port security maximum of MAC
addresses - an importanmt security consideration.

Forget VLAN 1 to the phones.  That's a no - no.  Use anothe rvlan for the
native, 5 in my example.

Steve


Quoted text here. Click to load it



Site Timeline