Posted on 2007-09-19 13:00:00
Tags: Cisco, Networking, SNMP
When you try connecting strange little switches and hubs to a Cisco 3560 PoE switch, your port might end up in "err-disabled" state:
That port is unusable until the end of time, or until somebody manually shut and no-shut it.Gi0/41 **IP Phones & PCs* err-disabled 8 a-half a-10 10/100/1000BaseTX cisco#show interfaces gi0/41 GigabitEthernet0/41 is down, line protocol is down (err-disabled)
Having experienced this once or two, it's a pain in the bottom and since I'm obsessed about monitoring, I tried to find out how to determine this remotely:
ifAdminStatus is up, but the "show interface" says it's down.RFC1213-MIB::ifDescr.10141 = STRING: "GigabitEthernet0/41" RFC1213-MIB::ifType.10141 = INTEGER: ethernet-csmacd(6) RFC1213-MIB::ifMtu.10141 = INTEGER: 1500 RFC1213-MIB::ifSpeed.10141 = Gauge32: 10000000 RFC1213-MIB::ifPhysAddress.10141 = Hex-STRING: 00 16 46 B6 DC A9 RFC1213-MIB::ifAdminStatus.10141 = INTEGER: up(1) RFC1213-MIB::ifOperStatus.10141 = INTEGER: down(2) RFC1213-MIB::ifLastChange.10141 = Timeticks: (3564555759) 412 days, 13:32:37.59
So nothing! There is no way to find an interface in the err-disabled state via SNMP!
Posted on 2006-05-17 15:45:37, modified on 2006-05-17 15:54:45
Tags: Networking, Voice over IP, Cisco
The Cisco 7970 phones have a nifty feature: IP Phone Services. With it, you can access services on the internet (for example the stock value of CSCO). I have been asked to make some nifty features, but the phone has some funky HTTP client code.
This is how our services are configured in the Cisco Call Manager
Service URL: http://xml.barnet.com.au/echo.xml
And this it the HTTP request the phone sends
GET /echo.xml?demo=text HTTP/1.1. Host: 202.83.176.80:80. Connection: close. User-Agent: Allegro-Software-WebClient/4.20. Accept: x-CiscoIPPhone/*;version=3.0, text/*,image/png,*/*. Accept-Language: en. Accept-Charset: iso-8859-1. Cookie: ASPSESSIONIDQQSCDATD=IIHNKHFBLCNEAGLMFDIEEIGN.
So despite that the service has the full hostname, the Host line in the HTTP request contains an IP address. It's HTTP/1.1, so the Host line is required. RFC2616 says this about it:
14.23 Host
The Host request-header field specifies the Internet host and port
number of the resource being requested, as obtained from the original
URI given by the user or referring resource (generally an HTTP URL,
as described in section 3.2.2). The Host field value MUST represent
the naming authority of the origin server or gateway given by the
original URL. This allows the origin server or gateway to
differentiate between internally-ambiguous URLs, such as the root "/"
URL of a server for multiple host names on a single IP address.
Host = "Host" ":" host [ ":" port ] ; Section 3.2.2
A "host" without any trailing port information implies the default
port for the service requested (e.g., "80" for an HTTP URL). For
example, a request on the origin server for
<http://www.w3.org/pub/WWW/> would properly include:
GET /pub/WWW/ HTTP/1.1
Host: www.w3.org
A client MUST include a Host header field in all HTTP/1.1 request
messages . If the requested URI does not include an Internet host
name for the service being requested, then the Host header field MUST
be given with an empty value. An HTTP/1.1 proxy MUST ensure that any
request message it forwards does contain an appropriate Host header
field that identifies the service being requested by the proxy. All
Internet-based HTTP/1.1 servers MUST respond with a 400 (Bad Request)
status code to any HTTP/1.1 request message which lacks a Host header
field.
Reading this, it looks like the IP address isn't even allowed there. But it should have been xml.barnet.com.au.
Posted on 2005-07-29 14:40:23, modified on 2006-01-09 16:29:23
Tags: Voice over IP, Cisco
A new day, a new toy... except this is one which doesn't want to buzz.
The ATA can be called, and it rings. That part works. The other way around, it conveniently forgets to send the dialed number in its SIP INVITEs:
INVITE sip:;user=phone SIP/2.0 Via: SIP/2.0/UDP 192.168.2.248:5060 From: sip:test5@192.168.2.248;tag=1606025951 To: <sip:;user=phone> Call-ID: 4113433178@192.168.2.248 CSeq: 2 INVITE Contact: <sip:test5@192.168.2.248:5060;transport=udp> User-Agent: Cisco ATA 186 v3.1.0 atasip (040211A) Expires: 300 Allow: ACK, BYE, CANCEL, INVITE, NOTIFY, OPTIONS, REFER, REGISTER Content-Length: 248 Content-Type: application/sdp
I've asked for an upgrade to the 3.2(1) image, but I haven't heard anything yet. Annoying!
Posted on 2005-03-12 22:53:41, modified on 2006-01-09 16:29:23
Tags: Voice over IP, Cisco, DNS
The Cisco 7970 phones have a nifty feature: IP Phone Services. With it, you can access services on the internet (for example the stock value of CSCO). I have been asked to make some nifty features, but up to now it's no luck for me! Read on...
An IP Phone Service is defined as an URL, which returns an XML file with the commands in it. All very simple stuff.
For example, http://1.2.3.4/test.xml would return an XML file. This works.
But, we're living in the 21st century and we use hostnames these days. So, I changed it to http://xml.example.org/test.xml. No fish. Not even an TCP session towards the webserver. Why?
15:43:25.727288 10.192.15.229.1177 > 10.192.0.2.53: 48+ Type1907 (Class 29802)?. (33) [tos 0x60] 0x0000 4560 003d 1186 0000 3e11 4564 0ac0 0fe5 E`.=....>.Ed.... 0x0010 0ac0 0002 0499 0035 0029 0000 0030 0100 .......5.)...0.. 0x0020 0001 0000 0000 0000 0007 7374 6a61 6d65 ..........stjame 0x0030 7303 6e65 7402 6175 0000 0100 01 s.net.au.....
This is why. Don't ask me why the phone asks for A record of stjames.net.au, but it is asking it wrong: At offset 0x0028, the value 00 is there by mistake, it shouldn't have been there in the first place.
My name server happily refuses the query, and the Cisco 7970 returns "Host not found". Let's hope that Cisco can do something about it :-/
Note: Please note that this problem has been fixed in version 6.0.3.
Posted on 2005-02-21 13:02:07, modified on 2006-01-09 16:29:23
Tags: Voice over IP, Cisco, tftp, DHCP
For a new project within BarNet, we're going to use the Cisco solution for Voice-over-IP. The central server will be the Cisco Call Manager (and friends), the phones will be Cisco 7970 phones.
DHCP-wise these devices aren't too demanding, it asks for the TFTP server and something like option 150 (which is unspecified as far as I can tell). The TFTP server option is a string with the hostname or IP address of the TFTP server. The option 150 is, after going through the documentation of the Cisco gear, *also* for specifying the TFTP server, but then only with the IP address.
So the DHCP configuration should be (for people using the ISC DHCP server):
option cisco-tftp code 150 = array of ip-address;
class "cisco7970" {
match if substring (option vendor-class-identifier,0,37) = "Cisco Systems, Inc. IP Phone CP-7970G";
option arp-cache-timeout 60;
option cisco-tftp 192.168.1.1,192.168.1.2;
option tftp-server-name "cisco-cm.mavetju.org";
}
Update
There is a draft for the option 150 available at: http://www.ietf.org/internet-drafts/draft-raj-dhc-tftp-addr-option-00.txt