Wednesday, June 25, 2014

Dark-Fiber issue and Resolved

Client Issue:
The link of dark-fibre down for 5 months. Few weeks ago, got their error message-- BIOS (send to RAM)
As clients received the replaced SW 3850 from cisco, we went to client site to fix the issue.

Dark Fibre is a fibre-optic point to point connectivity solution that provides customer full control of their network and also allow clients to enjoy security and reliability of their network.



Notes from work:
Dark-Fibre usually designed for critical sites, there are below several tasks need to reach
1. Error diable auto-discovery: 
    udld autorecovery: 
              UDLD is an mechanism to avoid fiber link loops. Fibre Tx is physical separated from Rx, such as SC, ST, LC, FC and so on. There are possibility of loop by mis-plug.
         
 UDLD in a mechanism to detect TX, and RX to detect if any loops in network.

There are two type of udld mechanism as loops caused:
 1. UDLD aggressive, that will "error-diable" interface
 2. UDLD enable, that will send "error message" to admin.



In Global config, existing "usls aggressive", an admin is better to config "errdisable recovery cause udld"  in Error diable auto-discovery parts to avoid any future unexpected interface down.

2. How to verify Fiber interface work operationally:  
   "show interface transceiver detail" to verify the interface the receive and transmit signal. The deep explanation below:

XXXX#sh int transceiver detail 
mA: milliamperes, dBm: decibels (milliwatts), NA or N/A: not applicable.
++ : high alarm, +  : high warning, -  : low warning, -- : low alarm.
A2D readouts (if they differ), are reported in parentheses.
The threshold values are calibrated.

                              High Alarm  High Warn  Low Warn   Low Alarm
          Temperature         Threshold   Threshold  Threshold  Threshold
Port       (Celsius)          (Celsius)   (Celsius)  (Celsius)  (Celsius)
--------- ------------------  ----------  ---------  ---------  ---------
Te1/1/1     32.6                75.0        70.0         0.0       -5.0

                              High Alarm  High Warn  Low Warn   Low Alarm
           Voltage            Threshold   Threshold  Threshold  Threshold
Port       (Volts)            (Volts)     (Volts)    (Volts)    (Volts)
---------  ---------------    ----------  ---------  ---------  ---------
Te1/1/1    3.27                  3.63        3.46        3.13       2.97

           Optical            High Alarm  High Warn  Low Warn   Low Alarm
           Transmit Power     Threshold   Threshold  Threshold  Threshold
Port       (dBm)              (dBm)       (dBm)      (dBm)      (dBm)
---------  -----------------  ----------  ---------  ---------  ---------
Te1/1/1      0.1                 7.0         4.0        -4.7       -8.6

           Optical            High Alarm  High Warn  Low Warn   Low Alarm
           Receive Power      Threshold   Threshold  Threshold  Threshold
Port       (dBm)              (dBm)       (dBm)      (dBm)      (dBm)
-------    -----------------  ----------  ---------  ---------  ---------
Te1/1/1     -4.2                 2.0        -1.0       -15.8      -19.7
  

According to this link, 10G ER must fulfil this requirement:
TX:  4.0 dBm ~ -4.0 dBm   ( we got 0.1 dBm )
RX: -1 dBm ~ -15.8 dBm   ( we got  -4.2 dBm )

http://www.cisco.com/c/en/us/products/collateral/interfaces-modules/transceiver-modules/data_sheet_c78-455693.pdf


Notes for Understanding Dark-Fiber benefits
1. Freedom : the clients will enjoy full control of network by have a freedom to select the transmission technology of clients' choice to deploy over a Point-to-point connection. This Priorate WAN connection runs Gigabit /TenGigabit Ethernet, ATM, or any adopted protocol.

2. Reliability: Reliability is required all the time in WANs, and Dark-Fibre allows the clients to specify the point-to-point route that they need to connect their WANs, resulting in a direct circuit to get from point A to Point B. Due to only clients' traffic operating over Dark Fibre, it will reach a Carrier-Grade SLA that easily makes the service very reliable.

3. Security: Point-to-point Dark Fibre networks provide clients  a very secure way to connect business mission between critical sites.

4. Performance: Almost unlimited bandwidth potential of optical fibre, and it is with nearly no intervening electronics of any kind the service.


Posted by at No comments:

SFP in 3750/3750E/3750X


Client Requirement :
     1. an additional Fibre connect point to a switch
     2. within 2km

Analyse Step:
   1. Check the Switch Type  -----standard 3750
   2. Double check the distance among sites ----2km

Solution:

Client's SW is a standard 3750, within 2 km
Therefore, LX/LH SFP is our solution


SFP (Small Fibre Pluggable ) background Knowledge:
    Multi-Mode-LED :50 u/62.5u
    Sigle-Mode- Laser: 9 u













Each SW3750 type and requirement module for SFP

3750X , network module: C3KX-NM-1G
GLC -SX/LX





















My notes:
Terms:10 G Fiber
X2/XFP/SFP+/Xenpack  -------for 10 G


10G SR(short reachable)
        LR(Long )
        ER(extended)


Posted by at No comments:

Monday, June 23, 2014

Part_3 Lab3:SIP/SCCP configuration. Telephony System integrated Mobile Jabber.

Topology for Telephony system







Telephony system configuration on CME 

  1. Voice Service trusted list
  2. CUE
  3. Jabber: SIP
  4. IPPhone: SCCP
  5. E1 controller

Voice Service Trusted List
 voice service voip 
   ip address trusted list
     ipv4 192.168.3.0 255.255.255.0     #this site subnets in trusted
   allow-connections h323 to h323       #for signal protocol trans-code
   allow-connections h323 to sip 
   allow-connections sip to h323
   allow-connections sip to h323
   allow-connections sip to sip
   fax protocol t38 version 0 ls-redundancy 0      #for FAX 
  sip   
   bind control source-interface GigabitEthernet0/0   #sip: jabber in this subnet connected to WAN port
   bind media source-interface GigabitEthernet0/0    #sip: jabber in this subnet connected to WAN port
   registrar server
   
CUE
interface Integrated-Service-Engine0/0     #this module born in the CME router
 description Loopback interface used to manage
 integrated application module
 ip unnumbered Vlan90  #no ip add, but associate with vlan 90
 service-module ip address 192.168.90.1 255.255.255.0   #CUE address
 service-module ip default-gateway 192.168.90.254

interface GigabitEthernet0/1/3
 description Interface used to Communicate with integrated service  #router interface associate with CUE 
 switchport access vlan 90     #associate with vlan 90 by access
 no ip address
 service-module ip address 192.168.90.1 255.255.255.0    #same as Integrated-Service-Engine0/0
 service-module ip default-gateway 192.168.90.254      #same as Integrated-Service-Engine0/0

http:192.168.90.1












SIP
   voice register global
      mode cme
      source-address  192.168.3.132 port 5060    #CME WAN port g0/0 ip, 5060 SIP port number
      max-dn 100
      max-pool 20    # =sccp:  max-ephone 20 
      authenticate register    #required to authentication for each user jabber app  
      authenticate realm  xxxx.com.au
      timezone 10 
      tftp-path falsh:   #must to config, sccp have tpth by default file in flash: .its 
      file text            #must config, save in text files
      create profile 

   voice register dn 1
     number 0415111111      #one jabber number 
     name XXX1
     Label XXX1.COM-XXX


   voice register dn 2

     number 0415222222      #second jabber number 
     name XXX2
     Label XXX2.COM-XXX




  voice register dn 3

     number 0415333333     #second jabber number 
     name XXX3
     Label XXX3.COM-XXX

  Jabber: (3 jabber smart phones)

   voice register pool 1      #=   sccp : ephoen 1
       registration-timer max 720 min 660    #fix value
       ip mac XXXX.XXXX.XXXX        #mobile smart device mac, could check from current  AP 
      session-transport tcp 
       type CiscoMobile-iOS        #config for iPhone, could change type for Android 
       number 1 dn 1         #=  sccp: button  1 1 
       dtmf-replay rtp-nte
       username XXX1 password 12345


   voice register pool 2      #=   sccp : ephoen 2
       registration-timer max 720 min 660    #fix value
       ip mac XXXX.XXXX.XXXX        #mobile smart device mac, could check from current  AP 
      session-transport tcp 
       type CiscoMobile-iOS        #config for iPhone, could change type for Android 
       number 1 dn 2         #=  sccp: button  1 2
       dtmf-replay rtp-nte
       username XXX2 password 12345



   voice register pool 3     #=   sccp : ephoen 1
       registration-timer max 720 min 660    #fix value
       ip mac XXXX.XXXX.XXXX        #mobile smart device mac, could check from current  AP 
      session-transport tcp 
       type CiscoMobile-iOS        #config for iPhone, could change type for Android 
       number 1 dn 3          #=  sccp: button  1 3 
       dtmf-replay rtp-nte
       username XXX3 password 12345


SCCP 


   telephony-service
   mac-ephone 10 
   mac-dn 600
   ip source-address 192.168.3.132 port 2000    #sccp port number
   web admin system name xxx password 12345   #web GUI, http://X.X.X.X/ccme.html
   create cnf-files

  
   ephone-dn 1
      number 02636311111
      label XXX office
      name XXX

   ephone 1
      mac-address XXXX.XXXX.XXXX
      type 504G      #old 504G need to config typr 
      button 1:1

interface GigabitEthernet0/1/0
  description connect to ipphone
  switchport voice vlan 100    #interface access voice vlan 100
  spanning-tree portfast 


GUI Wed
    ip http server 
    ip http authentication local    #use the local config for user / password 
    ip http path flash:gui     #CME gui file saved in flash 

E1
isdn switch-type primary-net5    #E1 type is net5
  controller E1 0/3/0
  clock source internal    #clock must config
  pri-group timeslots 1-10,16

interface Serial0/3/0:15
  encapsulation hdlc
  isdn switch-type primary-net5
  isdn protocol-emulate network   #  only on PSTN, other isdn protocol-emulate user





  

Posted by at No comments:

Sunday, June 22, 2014

Part_2 : Lab1.Basic Configuration. Telephony System integrated Mobile Jabber.

Topology






































Step 1: Check the versions
Router IOS Version:
ROM: System Bootstrap, Version 15.0(1r)XA3, RELEASE SOFTWARE (fc1)

CME version:
PSTN#sh telephony-service
CONFIG (Version=8.6)
=====================
Version 8.6

Step 2: Basic config:

  1. Clock 
  2. T1/E1 card type
  3. HDCP
  4. Vlan Plan : Vlan 90 server: for CUE;  Vlan 100 voice vlan for IPPhone; Vlan 200 data for AP 
  5. IP address: AP : 192.168.3.131;  GW(TFTP): 192.168.3.132; Service-Engine: 192.168.90.1,  Vlan 90 :192.168.90.254; Vlan 100 192.168.100.254 255.255.255.0; Vlan 200: 192.168.200.254
  6. NAT 
  7. Routing : RIPv2 + default route
  8. Note: Japper only in SIP, IPPhone config in SCCP 
Clock : 
clock timezone SYD 10 0
network-clock-participate wic 3    # T1/E1 wic port is 0/3 must participate in clock network 

T1/E1 card type

sh diag
        HWIC Slot 3:
        VWIC2-1MFT-T1/E1 - 1-Port RJ-48 Multiflex Trunk - T1/E1
        Hardware Revision        : 0.0
        Top Assy. Part Number    : 800-22628-05
        Board Revision           : E0
        Deviation Number         : 0
        Fab Version              : 04
        PCB Serial Number        : FOC15326WP9
        RMA Test History         : 00
        RMA Number               : 0-0-0-0
        RMA History              : 00
        Product (FRU) Number     : VWIC2-1MFT-T1/E1

card type e1 0 3

DHCP 
ip dhcp pool voip 
  network 192.168.100.0 255.255.255.0
  default-router 192.168.100.254
  option 150 ip 192.168.3.132       #tftp, should be the same as telephone service 

ip dhcp pool data
  network 192.168.200.0 255.255.255.0
  default-router 192.168.200.254
  dns-server 8.8.8.8

#no dhcp pool for Vlan 90 of CUE, only one ip for CUE  and no other device will in Vlan 90

Vlan 
interface Vlan90
ip add 192.168.90.254 255.255.255.0

interface Vlan100
ip add 192.168.100.254 255.255.255.0


interface Vlan200
ip add 192.168.200.254 255.255.255.0

NAT
access-list 101 deny ip any 172.168.0.0 0.0.255.255   #HQ subnets, internal networks no need NAT
access-list 101 deny ip any 192.168.0.0 0.0.255.255   #branch subnets, internal networks no need NAT
access-list 101 permit ip any any #except internal subnets, NAT translates subnet 

ip nat inside source list 101 interface GigabitEthernet 0/0 overload

interface Vlan90
ip nat inside
interface Vlan100
ip nat inside
interface Vlan200
ip nat inside

Routing : RIP+ default route
router rip
 network 192.168.3.0
 network 192.168.90.0
 network 192.168.100.0
 network 192.168.200.0
ip route 0.0.0.0 0.0.0.0 192.168.3.1 


Install Jabber in smartphone 







Posted by at No comments:

Part 1: Analysis requirement .Telephony Ststem integrated Mobile Jabber

Senario:
Several branches require to implement VoIP and also integrates with current traditional analogy phones in branch office and with  HQ office telephony system. Each branch are located  around 10-20 ppl and expects employees' mobile devices able to connect into internal telephony system for businesses and cost efficient purpose.

Our solution:
1. CME560 for each client branch site for cost-efficiently without extra modules to integrate telephony with client current WiFi and LANnetwork.
2. Cisco Jabber for each employee mobile device
3. Simple use current AP the connected to CME

 
Note: Deep Understanding of CME 560 
http://www.cisco.com/c/en/us/products/collateral/unified-communications/unity-express/reference_guide_c07-566560.html


  •  An affordable unified communications appliance that provides voice and data communications, voicemail, automated attendant, video, security, and wireless capabilities while integrating with existing desktop applications such as calendar, email, and customer relationship management (CRM) programs.
  •  This easy-to-manage platform supports up to 138 phones and 125 voice mailboxes and provides flexible deployment options based on your needs
Other specification details check with the link 


Configuration in simulated Lab in Part 2



Posted by at No comments:

Tuesday, June 17, 2014

Cisco Cost-Efficient solution for 802.11ac +4G

Client Requirement:
1. Wireless implement for all company environment (gigabit- ethernet)
2. Only Cisco solution
4. All mobile device connect to (specified 4G), 3G won't accept

Scenario :  If it is about the SLT meeting, I’ll get a debrief from the CEO office first. Our most basic requirement was to allow users to connect in a meeting space to a wi-fi device(s) or services for up to 40 concurrent users. We will connect laptops or mobile devices to this wireless device. Can you suggest some options fir
st, pending further discussions and any more detail? (gigabit wifi, and 4 )

Cisco solution, all 800 series,( integrate service routers ) can't support both 4G, and WiFi

Solution:
1. C1941-HW/K9:  Cisco 1941 Hardware Only Bundle
2. Modules:
     EHWIC-4G-LTE-G:  4G LTE EHWIC for Global, 800/900/1800/2100/2600 MHz
     EHWIC-4ESG-P : Four port 10/100/1000 Ethernet switch interface card w/PoE 
     ISM-SRE-300-K9 :Services Ready Engine 300 (512MB MEM, 4GB Flash, 1C CPU)-WLC
3. AP:
    AIR-CAP2702I-A-K9 : 802.11ac CAP w/CleanAir; 3x4:3SS; Int Ant; A Reg Domain




Posted by at No comments:
Subscribe to: Posts (Atom)