MavEtJu's Distorted View of the World - Cisco

Monitoring disabled ports on a C3560
Cisco 7970 HTTP client code
Cisco ATA 186
Cisco 7970 broken DNS resolver
Cisco 7970

Back to index

Monitoring disabled ports on a C3560

Posted on 2007-09-19 13:00:00
Tags: Cisco, Networking, SNMP

When you try connecting strange little switches and hubs to a Cisco 3560 PoE switch, your port might end up in "err-disabled" state:

Gi0/41    **IP Phones & PCs* err-disabled 8          a-half   a-10 10/100/1000BaseTX

cisco#show interfaces gi0/41
GigabitEthernet0/41 is down, line protocol is down (err-disabled)
That port is unusable until the end of time, or until somebody manually shut and no-shut it.

Having experienced this once or two, it's a pain in the bottom and since I'm obsessed about monitoring, I tried to find out how to determine this remotely:

RFC1213-MIB::ifDescr.10141 = STRING: "GigabitEthernet0/41"
RFC1213-MIB::ifType.10141 = INTEGER: ethernet-csmacd(6)
RFC1213-MIB::ifMtu.10141 = INTEGER: 1500
RFC1213-MIB::ifSpeed.10141 = Gauge32: 10000000
RFC1213-MIB::ifPhysAddress.10141 = Hex-STRING: 00 16 46 B6 DC A9 
RFC1213-MIB::ifAdminStatus.10141 = INTEGER: up(1)
RFC1213-MIB::ifOperStatus.10141 = INTEGER: down(2)
RFC1213-MIB::ifLastChange.10141 = Timeticks: (3564555759) 412 days, 13:32:37.59
ifAdminStatus is up, but the "show interface" says it's down.

So nothing! There is no way to find an interface in the err-disabled state via SNMP!


No comments

Cisco 7970 HTTP client code

Posted on 2006-05-17 15:45:37, modified on 2006-05-17 15:54:45
Tags: Networking, Voice over IP, Cisco

The Cisco 7970 phones have a nifty feature: IP Phone Services. With it, you can access services on the internet (for example the stock value of CSCO). I have been asked to make some nifty features, but the phone has some funky HTTP client code.

This is how our services are configured in the Cisco Call Manager

Service URL: http://xml.barnet.com.au/echo.xml

And this it the HTTP request the phone sends

GET /echo.xml?demo=text HTTP/1.1.
Host: 202.83.176.80:80.
Connection: close.
User-Agent: Allegro-Software-WebClient/4.20.
Accept: x-CiscoIPPhone/*;version=3.0, text/*,image/png,*/*.
Accept-Language: en.
Accept-Charset: iso-8859-1.
Cookie: ASPSESSIONIDQQSCDATD=IIHNKHFBLCNEAGLMFDIEEIGN.

So despite that the service has the full hostname, the Host line in the HTTP request contains an IP address. It's HTTP/1.1, so the Host line is required. RFC2616 says this about it:

14.23 Host

   The Host request-header field specifies the Internet host and port
   number of the resource being requested, as obtained from the original
   URI given by the user or referring resource (generally an HTTP URL,
   as described in section 3.2.2). The Host field value MUST represent
   the naming authority of the origin server or gateway given by the
   original URL. This allows the origin server or gateway to
   differentiate between internally-ambiguous URLs, such as the root "/"
   URL of a server for multiple host names on a single IP address.

       Host = "Host" ":" host [ ":" port ] ; Section 3.2.2

   A "host" without any trailing port information implies the default
   port for the service requested (e.g., "80" for an HTTP URL). For
   example, a request on the origin server for
   <http://www.w3.org/pub/WWW/> would properly include:

       GET /pub/WWW/ HTTP/1.1
       Host: www.w3.org

   A client MUST include a Host header field in all HTTP/1.1 request
   messages . If the requested URI does not include an Internet host
   name for the service being requested, then the Host header field MUST
   be given with an empty value. An HTTP/1.1 proxy MUST ensure that any
   request message it forwards does contain an appropriate Host header
   field that identifies the service being requested by the proxy. All
   Internet-based HTTP/1.1 servers MUST respond with a 400 (Bad Request)
   status code to any HTTP/1.1 request message which lacks a Host header
   field.

Reading this, it looks like the IP address isn't even allowed there. But it should have been xml.barnet.com.au.


No comments

Cisco ATA 186

Posted on 2005-07-29 14:40:23, modified on 2006-01-09 16:29:23
Tags: Voice over IP, Cisco

A new day, a new toy... except this is one which doesn't want to buzz.

The ATA can be called, and it rings. That part works. The other way around, it conveniently forgets to send the dialed number in its SIP INVITEs:

INVITE sip:;user=phone SIP/2.0
Via: SIP/2.0/UDP 192.168.2.248:5060
From: sip:test5@192.168.2.248;tag=1606025951
To: <sip:;user=phone>
Call-ID: 4113433178@192.168.2.248
CSeq: 2 INVITE
Contact: <sip:test5@192.168.2.248:5060;transport=udp>
User-Agent: Cisco ATA 186  v3.1.0 atasip (040211A)
Expires: 300
Allow: ACK, BYE, CANCEL, INVITE, NOTIFY, OPTIONS, REFER, REGISTER
Content-Length: 248
Content-Type: application/sdp

I've asked for an upgrade to the 3.2(1) image, but I haven't heard anything yet. Annoying!


No comments

Cisco 7970 broken DNS resolver

Posted on 2005-03-12 22:53:41, modified on 2006-01-09 16:29:23
Tags: Voice over IP, Cisco, DNS

The Cisco 7970 phones have a nifty feature: IP Phone Services. With it, you can access services on the internet (for example the stock value of CSCO). I have been asked to make some nifty features, but up to now it's no luck for me! Read on...

An IP Phone Service is defined as an URL, which returns an XML file with the commands in it. All very simple stuff.

For example, http://1.2.3.4/test.xml would return an XML file. This works.

But, we're living in the 21st century and we use hostnames these days. So, I changed it to http://xml.example.org/test.xml. No fish. Not even an TCP session towards the webserver. Why?

15:43:25.727288 10.192.15.229.1177 > 10.192.0.2.53:  48+ Type1907 (Class 29802)?. (33) [tos 0x60]
0x0000   4560 003d 1186 0000 3e11 4564 0ac0 0fe5      E`.=....>.Ed....
0x0010   0ac0 0002 0499 0035 0029 0000 0030 0100      .......5.)...0..
0x0020   0001 0000 0000 0000 0007 7374 6a61 6d65      ..........stjame
0x0030   7303 6e65 7402 6175 0000 0100 01             s.net.au.....

This is why. Don't ask me why the phone asks for A record of stjames.net.au, but it is asking it wrong: At offset 0x0028, the value 00 is there by mistake, it shouldn't have been there in the first place.

My name server happily refuses the query, and the Cisco 7970 returns "Host not found". Let's hope that Cisco can do something about it :-/

Note: Please note that this problem has been fixed in version 6.0.3.


No comments

Cisco 7970

Posted on 2005-02-21 13:02:07, modified on 2006-01-09 16:29:23
Tags: Voice over IP, Cisco, tftp, DHCP

For a new project within BarNet, we're going to use the Cisco solution for Voice-over-IP. The central server will be the Cisco Call Manager (and friends), the phones will be Cisco 7970 phones.

DHCP-wise these devices aren't too demanding, it asks for the TFTP server and something like option 150 (which is unspecified as far as I can tell). The TFTP server option is a string with the hostname or IP address of the TFTP server. The option 150 is, after going through the documentation of the Cisco gear, *also* for specifying the TFTP server, but then only with the IP address.

So the DHCP configuration should be (for people using the ISC DHCP server):

option cisco-tftp code 150 = array of ip-address;
class "cisco7970" {
   match if substring (option vendor-class-identifier,0,37) = "Cisco Systems, Inc. IP Phone CP-7970G";
   option arp-cache-timeout 60;
   option cisco-tftp 192.168.1.1,192.168.1.2;
   option tftp-server-name "cisco-cm.mavetju.org";
}

Update

There is a draft for the option 150 available at: http://www.ietf.org/internet-drafts/draft-raj-dhc-tftp-addr-option-00.txt


No comments