Cisco ASYNC NM-16A Console Management

Posted: 22nd November 2009 by Mark in Cisco
1

The following is an example of using a Cisco 2811 slotted with an NM-16A ASYNC module to manage other Cisco devices as if you were connected to them locally with a laptop and a serial connection. The ASYNC modules are available in different port densities. There is also an HWIC version.

router# show hardware

Cisco 2811 (revision 53.50) with 772096K/14336K bytes of memory.

Processor board ID FTX1124A3VQ
2 FastEthernet interfaces
15 Serial interfaces
4 Low-speed serial(sync/async) interfaces
16 terminal lines
2 Channelized/Clear E1/PRI ports
4 Channelized/Clear T1/PRI ports
1 Virtual Private Network (VPN) Module

!
line con 0
exec-timeout 0 0
privilege level 15
line aux 0
line 1/0 1/15
session-timeout 5
transport input all
autohangup
stopbits 1
line vty 0 4
login
!
router#show line

Tty Line Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int
0 0 CTY – – – – – 0 0 0/0 -
1 1 AUX 9600/9600 – – – – – 0 0 0/0 -
1/0 66 TTY 9600/9600 – – – – – 0 0 0/0 -
1/1 67 TTY 9600/9600 – – – – – 0 0 0/0 -
1/2 68 TTY 9600/9600 – – – – – 0 0 0/0 -
1/3 69 TTY 9600/9600 – – – – – 0 0 0/0 -
1/4 70 TTY 9600/9600 – – – – – 0 0 0/0 -
1/5 71 TTY 9600/9600 – – – – – 0 0 0/0 -
1/6 72 TTY 9600/9600 – – – – – 0 0 0/0 -
1/7 73 TTY 9600/9600 – – – – – 0 0 0/0 -
1/8 74 TTY 9600/9600 – – – – – 0 0 0/0 -
1/9 75 TTY 9600/9600 – – – – – 0 0 0/0 -
1/10 76 TTY 9600/9600 – – – – – 0 0 0/0 -
1/11 77 TTY 9600/9600 – – – – – 0 0 0/0 -
1/12 78 TTY 9600/9600 – – – – – 0 0 0/0 -
1/13 79 TTY 9600/9600 – – – – – 0 0 0/0 -
1/14 80 TTY 9600/9600 – – – – – 0 0 0/0 -
1/15 81 TTY 9600/9600 – – – – – 0 0 0/0 -

The ASYNC module is in slot 1 and there are 16 available ASYNC ports labeled 1/0 – 1/15.

router# show diag

Slot 1:
Async Port adapter, 16 ports
Port adapter is analyzed
Port adapter insertion time 00:15:02 ago
EEPROM contents at hardware discovery:
Hardware revision 0.1 Board revision B0
Serial number 15674198 Part number 800-02244-05
FRU Part Number NM-16A=

Configuration example

Best-practice is to create a loopback interface. They are never ‘down’ unless they are administratively shutdown.

router(config)# interface Loopback0
router(config-if)# ip address 177.1.254.254 255.255.255.255

Use the ‘ip host’ command to assign a hostname to your reverse telnet session. 20xx port number should match the intended physical connection from the rear of the NM-16A as seen in ‘show line’ output.

router(config)# ip host hq 2066 177.1.254.254
router(config)# ip host sw 2067 177.1.254.254
router(config)# ip host br1 2068 177.1.254.254
router(config)# ip host br2 2069 177.1.254.254

Breakdown

  • Router starts all reverse telnet ports with 20xx
  • The lowest xx value is 66 and the highest is 81 (review ‘show line’ output)
  • Possible assignable ranges are 2066 – 2081 (which correspond with Line 1/0 – 1/15)
  • Rear of NM-16A module uses two Octal cables labeled Port 0-7 and Port 8-15
  • Port/Cable 0 = Line 1/0; Line 1/0 = 2066
  • Port/Cable 1 = Line 1/1; Line 1/1 = 2067
  • Port/Cable 2 = Line 1/2; Line 1/2 = 2068
  • Port/Cable 15 = Line 1/15; Line 1/15 = 2081

To verify this configuration is working to br2 type the host name in enable mode

router# br2
Translating “br2″

Trying br2 (177.1.254.254, 2069)… Open

r3-br2#

Press and hold CTRL SHIFT 6 (in that order) then let go and press X to exit the console session and return back to the original router# acting as the Access Server.

CTRL+SHIFT+6 X does not permanently end the session, it only jumps the session back to the Access Server.  Knowing that the connection to br2 is still ‘open’ it is still possible to console to yet another device without ending the original session to br2.  If I want to connect to br1 from the router# I simply type br1. Pressing CTRL+SHIFT+6 X will escape the br1 session and return the session to the Access Server.

It is important to keep in mind the router still has two active console connections which include br2 (the original session) and br1. Entering ‘br2′ will not allow a connection to the br2 router because a session is already in open. Instead, enter ‘resume br2′ which uses the existing session to resume the console connection from the Access Server. When it is time to permanently end a console session enter ‘disconnect br2′ at the Access Server router prompt and the console session will end.

Cisco 7965 SCCP to SIP Firmware Upgrade

Posted: 17th November 2009 by Mark in Cisco, SIP
0

Recently I needed to change the firmware on some Cisco 7965 phones from SCCP to SIP. By far the simplest method is loading the COP file on UCM and letting the phone upgrade on its own.  In my case, this upgrade was being done without using UCM.  The Cisco read-me doc for the SIP firmware covers the COP upgrade procedure only.  It tells you that you may unzip the files on a TFTP server but there is no procedure which explains what else you must do to load the SIP firmware.

In this example I am upgrading Cisco 7965 phones to SIP firmware 8.5.  Once you have downloaded the zipped version of the SIP firmware from CCO place the unzipped files in your TFTP servers root directory.  Modify your XMLDefaults.cnf.xml file so the load information matches your firmware.

<loadInformation8 model=”Cisco 7965″>SIP45.8-5-3TH1</loadInformation8>

You should connect your IP phone to LAN where DHCP provides the IP, subnet, and TFTP server IP.  Make sure your phone has DHCP enabled = YES. Your DHCP server needs to support DHCP Options.  TFTP option 66 is required for Cisco phones running SIP.  Option 66 can be used to provide an IP address (recommended) but can also support a DNS names (assuming you are also providing at least one DNS server IP via DHCP).  Option 150 only supports IP addresses and is required for SCCP firmware.  You can safely configure your DHCP to issue both TFTP options.

Next pull the power from your phone and plug it back in.  Hold down # until the line keys start to blink and press 123456789*0# and your phone should reset.  Your phone should display “Upgrading” on the screen.  If you are using a Unix based tftp server you can execute tcpdump port 69 and you should see your phone requesting the files.  Your phone should display the progress of the SIP firmware upgrade and eventually reboot.  After it reboots you can press Settings > Model Information and scroll down until you see the Call Control Protocol = SIP.

If you performed a factory reset and did not have DHCP enabled then your phone is most likely stuck at the Upgrading screen. Pressing keys on the phone will not change the status. At this point you should pull the power, plug it back in, hold # and then enter the keys 3491672850*# to factory reset the phone.  This allows the phone to clear its flash and still download new firmware.  Your screen is going to be totally black and it will appear as if your phone is not functional, but the phone is really sending a DHCP request and waiting for an IP, subnet, and TFTP IP assignment before proceeding to download the firmware.  All of this is happening while the phone’s screen is black. If you want to read the official word on this, Cisco has a field notice on their web site.  Monitoring tcpdump on the TFTP server is useful in this case because you know the phone is doing something.  Also, you can view the DHCP bindings to verify your phone successfully acquired an IP address.

Unified Communications Manager 7.1(3) in VMWare

Posted: 10th November 2009 by Mark in Cisco
7

The latest media from Cisco is 7.1.3a for Unified Communications Manager and Unity Connection. CUPS is now 7.0.5.  There are some things to be aware of when trying to load Unified applications in VMWare.  Here are the specifications for a successful installation.

NOTE: When performing the installation choose  “skip” when first prompted to use the Wizard.  You will prompted further into the installation to use the Wizard and at that time  you should continue.  Also note that each phase of the installation has estimated completion times that certain install tasks need to complete.  If you try installing too many instances of Unified applications at the same time this slows down your hard drive and uses more CPU which can cause these tasks to exceed their time limit.  When this happens the particular Unified application will hault and the installation will fail.  Best practice is to install each server one at a time and wait for it to complete before proceeding to the next application.

Unified Communications Manager/Unity Connection

VMWare Compatability 6.5 – 7
Red Hat Enterprise Linux 4
1 CPU / 1 CORE
Memory 2048 MB
LSI SCSI Controller
80GB Hard Drive (Pre-allocated = better performance)

Cisco Unified Presence Server 7.02 or 7.05

VMWare Compatability 6.5 – 7
Red Hat Enterprise Linux 4
1 CPU / 1 CORE
Memory 2048 MB
IDE Controller
80GB Hard Drive (Pre-allocated = better performance)

CUPS 7.0(5) will display a warning every time you boot the VM telling you that VMWare is unsupported.  You must agree before the boot continues.  7.0(2) does not do this and as far as I can tell, there is no compelling resson to run CUPS 7.05 over 7.02 in a lab environment.

By default Cisco locks down the UC Linux appliances so no one can access its underlying Linux operating system and obtain root access.  There are known methods to bypass this.  If you have already found a way then you may configure the virtual machine such as CUPS 7.0(5) so it does not force you to Agree to using the software on an unsupported platform every time you reboot.  This normally is not an issue if you are sitting in front of the VM while it is loading, but if you are rebooting remotely and don’t have access to the console then this is a problem.  Luckily the workaround is simple.

vi /usr/local/bin/base_scripts/hardware_check.sh and change the following:

if [ "$hwmodel" = "vmware" ];

to

if [ "$hwmodel" = "appliance" ];


Resizing the Broadworks Datastore (DSN)

Posted: 19th October 2009 by Mark in BroadWorks, SIP, Unix
2

As the database grows on the Broadworks Application and Network servers there will be a need to change the memory allocation for the TimesTen datastore. The Maintenance Guide does not contain all the required steps. The rule of thumb is the allocated “perm” size should not exceed more than 25% of total system memory and the “temp” size should be equal to 25% of the perm size.

The following example assumes 8GB of memory on both AS1 and AS2.

1. SSH to AS1 as bwadmin
2. stopbw
3. repctl stop
4. su as root
5. cd /usr/local/broadworks/bw_base/bin
6. timesten.pl unload
7. ./resizeDSN (perm=2048; temp=512)
8. exit (return to bwadmin)
9. repctl start
10. startbw

– Wait 10 minutes for buffered replication changes from AS2 –

1. SSH to AS2 as bwadmin
2. stopbw
3. repctl stop
4. su as root
5. cd /usr/local/broadworks/bw_base/bin
6. timesten.pl unload
7. ./resizeDSN (perm=2047; temp=512)
8. exit (return to bwadmin)
9. importdb.pl AppServer as1 AppServer (replace as1 with your primary AS hostname or IP)
10. repctl start
11. startbw

If everything went smoothly you should be able to run sychcheck_basic.pl -a on AS2 and the database should show synchronized. If the importdb.pl command in step 9 was unable to import the database, you will need to manually perform the backup and restore procedure.

1. On AS1: bwBackup.pl AppServer dbBackup.db
2. scp the file to AS2: scp dbBackup.db bwadmin@as2:dbBackup.db
3. On AS2: stopbw
4. repctl stop
5. bwRestore.pl AppServer dbBackup.db
6. repctl start
7. startbw

On one other occasion AS1 would not start replication after resizing the DSN due to an error which stated AS2 was on a different patch version than AS1. The two nodes were patched identical, but the patch tool was not responding on AS2 and therefore AS1 could not verify appropriately thus reporting the error. The solution was as simple as restarting the patch tool. However, the Maintenance Guide does not explain how to do this so I spent more time trying to find the procedure than it actually took to execute the commands.

as2$ stoppt.pl
as2$ startpt.pl

Cisco IOS Archive Command

Posted: 10th October 2009 by Mark in Cisco
0

Something commonly overlooked is how to store incremental backups of your Cisco router configurations. Some people use Rancid or Kiwi Cat Tools and they are great, but what most people do not realize is IOS 12.3(4)T and higher has an archive command. Each time you perform a write mem or copy run start the router will save an archived version to the path you specify.

In this example, we chose to save the archive configuration files on the flash card in slot0; however, you can also store the configuration files remotely using such protocols as TFTP.

To create an archive of old configuration files, use the following set of commands:

Router1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router1(config)#archive
Router1(config-archive)#path slot0:/configs/$h
Router1(config-archive)#write-memory
Router1(config-archive)#time-period 1440
Router1(config-archive)#end
Router1#

Passed CCIE Written Exam

Posted: 9th October 2009 by Mark in Cisco
0

Today I passed the CCIE written exam. Now it is time to buckle down and prepare for the practical. Major work ahead.

Call Manager Express TAR Process

Posted: 28th September 2009 by Mark in Cisco, SIP
0

There are two ways to install CME on your router.  One is to log into CCO and navigate to the Voice software section and download the zip file.  Inside this zip file are several tar files which need to be extracted via TFTP in to the router’s flash.  This takes a while because there are several TAR files.  Another (easier) method is on the same page as the ZIP files is a link to the “individual” TAR files, but Cisco also provides the full set of files in a single TAR file.  Downloading and extracting this to your router is a one-step untar process as opposed to extracting several TAR files from the ZIP file.  The instructions provided below are from CCO.

Cisco Unified CallManager Express files can be copied individually, or copied in bulk using the archive IOS command. Follow these steps to extract contents of tar file to router Flash memory using archive command:

1. Download the cme-full-7.1.0.0.tar file. This TAR file includes all the phone loads (7906/11, 7921/25, 7931, 7937, 7941/61, 7942/62, 7945/65, 7970/71, 7975), as well as gui files, and ringtones. The gui files will be unarchived to the “gui” folder, while the ringtones and xml will be downloaded to the “ringtones” folder. Phone loads will be downloaded to the “phone” folder and B-ACD prompts
will also be stored in the folder “bacdprompts”.

All cme-full-x.x.x.x.tar files are posted on the CCO site below:

http://www.cisco.com/cgi-bin/tablebuild.pl/ip-iostsp

If there are additional phones you wish to support that are not included in this TAR package, please go the following link and download the “cme-124-22YB.zip” file. Then unzip the file and manually add additional phone loads for the phone types that you wish to use.

http://www.cisco.com/cgi-bin/tablebuild.pl/ip-key

2. Extract phone load files to your router flash. Copy the cme-full-x.x.x.x.tar to a TFTP server,
and enter archive command to extract contents of tar file to router Flash:

Router#archive tar /xtract tftp://ip-address-of-tftp-server/cme-full-7.1.0.0.tar flash:

For example, if your TFTP server address is 192.168.1.1, you would enter:
archive tar /xtract tftp://192.168.1.1/cme-full-7.1.0.0.tar flash:

3. Share the phone load, ringtone, and background files by issuing the command ‘tftp-server flash:xxxxxx’ for each file on the flash.

3. Share the phone load, ringtone, and background files by issuing the command ‘tftp-server flash:xxxxxx’ for
each file on the flash

Cisco Console Port Access on Mac

Posted: 22nd September 2009 by Mark in SIP
0

This is for the folks who feel lost because they switched from PC to Mac and do not know how to console into their Cisco router. The program you want to use in OS X is screen and it is already included in the OS X operating system.  I am using an IOGEAR GUC232A USB to Serial adapter to connect from a USB port on my Macbook Pro to my ISR.

mark-holloways-macbook-pro:~ mh$ ls -la /dev/tty.*
crw-rw-rw- 1 root wheel 18, 2 Sep 20 22:22 /dev/tty.Bluetooth-Modem
crw-rw-rw- 1 root wheel 18, 0 Sep 20 22:22 /dev/tty.Bluetooth-PDA-Sync
crw-rw-rw- 1 root wheel 18, 32 Sep 22 16:11 /dev/tty.PL2303-00002626

/dev/tty.PL2303-00002626 is the IOGEAR USB to Serial Adapter

mark-holloways-macbook-pro:~ mh$ screen /dev/tty.PL2303-00002626

Press RETURN to get started.

lab-2811>enable
Password:
lab-2811#show users
Line User Host(s) Idle Location
* 0 con 0 idle 00:00:00

Commands to know:

To end your session type CTRL-A then CTRL\

Really quit and kill all your windows [y/n] prompt appears at the bottom of Terminal

To issue a terminal break type CTRL-A then CTRL-B

Broadworks/Adtran: Call Forwarding to PSTN

Posted: 25th August 2009 by Mark in BroadWorks, SIP
0

I recently ran into an issue where a calling party from the PSTN was calling a Broadworks subscriber who is using a TDM PBX with a PRI connected to an Adtran TA900. The subscriber enabled call forwarding on their PBX to forward calls out to the PSTN. The issue is that Broadworks would tear down the original call before the second call leg to the PSTN could successfully setup. The immediate fix was to change the Broadworks Unreachable Destination timer from the default of 6 seconds to 8 seconds. This allowed enough time for the second call leg to setup.

Picture 1

The challenge is that by default, Broadworks gives the SIP endpoint 6 seconds to answer the call before tearing it down.  For PBX’s that forward calls to the PSTN and do not provide ring back on the original call leg, the setup time can take roughly 6.5 – 7 seconds – just enough time for Broadworks to tear down the call.

At the time I was looking at the Adtran TA900 debugs for the ISDN setup just prior to change the Unreachable Destination timer, I remembered the IAD always adds an additional 2+ second delay in the VoIP to PSTN direction. This is due to Waiting for Name Facility ISDN message.  Some PBX’s send the number and name in the ISDN setup towards the IAD.  The IAD doesn’t receive the name it will wait up to 5 seconds before before it times out and proceeds with the call towards the PSTN.

15:25:54 ISDN.EP     PRI  1  Incoming call :'17025551212' from '2095551212'.
15:25:54 ISDN.CC_MSG PRI  1  Host>>CC: 00 2c43 CALL_PROCEEDING_REQ
15:25:54 ISDN.EP     PRI  1  Call from 2095551212, wait for Name Facility msg
[OUTPUT OMITTED]
15:25:56 ISDN.EP     PRI  1  Call from 2095551212 - timeout waiting for Name Facility

You will notice there is a 2 second delay from the time the call began its setup and the timeout waiting for Name Facility.  2 seconds is a lot of “dead time” considering Broadworks only allows 6 seconds for the call to successfully setup.

Here is the Adtran command to reduce the amount of time dedicated to Name Facility.

interface pri 1
  description PRI to PBX
  isdn name-delivery setup
  calling-party name-facility-timeout 0
  connect t1 0/2 tdm-group 30
  digits-transferred 7
  role network b-channel-restarts enable
  no shutdown

You do not have to change the timer to 0.  The default is 2 which is only visible in the configuration if you issue the “show run verbose” command.  Setting it to any other value will make the command visible in the configuration.  After changing this command to something lower than 2 you should immediately notice lower post dial delay in your call setup.  In the case of PBX’s that forward calls without providing ring back, this should alleviate the problem.

Cisco IOS: Configuring PRI Trunk Groups

Posted: 16th August 2009 by Mark in Cisco, SIP
0

Someone recently asked me how to configure more than one PRI on a Cisco Router to support VoIP to PSTN calls. Their exact words were inquiring based on the premise “..in case a PRI fails” but in the configuration I am going to take it one step further. I am using a similar configuration in the real-world with Cisco AS5400′s trunked to Nortel DMS class 5 switches which carries Hosted PBX traffic from Broadworks to the PSTN (and vice versa).

Start my creating a name for each of your trunk groups and set the hunt-scheme. For this example I will create two fictitious trunks groups.

as5400# config t
as5400(config)# trunk group CAT1//PHXAZYJ80//Phoenix
as5400(config-trunk-group)# hunt-scheme sequential
as5400(config-trunk-group)# exit
as5400(config)# trunk group CAT4//PHXAZYJ80//LongDistance
as5400(config-trunk-group)# hunt-scheme sequential

You may select from various types of hunt-schemes but the method I use is sequential because I will start from the last PRI and work towards the first, where the Class 5 switch starts with the first and works towards the last. This helps prevent glare from occurring (when the switch and gateway try to cease the same channel).

Other hunt scheme options include least-idle, least-used, longest-idle, random, and round-robin.

Next I will assign four T1′s to a trunk group and two T1′s to another. Keep in mind my AS5400 has a channelized DS3 module which support a maximum of 28 T1′s.

interface Serial1/0:1:23
no ip address
trunk-group CAT1//PHXAZYJH80//PhoenixLocal
isdn switch-type primary-ni
isdn incoming-voice modem
priority-group 4
no cdp enable
!
interface Serial1/0:2:23
no ip address
trunk-group CAT1//PHXAZYJH80//PhoenixLocal
isdn switch-type primary-ni
isdn incoming-voice modem
priority-group 8
no cdp enable
!
interface Serial1/0:3:23
no ip address
trunk-group CAT1//PHXAZYJH80//PhoenixLocal
isdn switch-type primary-ni
priority-group 8
no cdp enable
!
interface Serial1/0:4:23
no ip address
trunk-group CAT1//PHXAZYJH80//PhoenixLocal
isdn switch-type primary-ni
priority-group 8
no cdp enable
!
interface Serial1/0:5:23
no ip address
trunk-group CAT4//PHXAZYJH80//LongDistance
isdn switch-type primary-ni
priority-group 4
no cdp enable
!
interface Serial1/0:6:23
no ip address
trunk-group CAT4//PHXAZYJH80//LongDistance
isdn switch-type primary-ni
priority-group 8
no cdp enable

The final step is to configure two POTS dial peers. Here is where most people get confused because they are used to assigning a single physical analog port or PRI to a POTS dial peer. In this case we assign a trunk group to the POTS dial peer and the AS5400 determines which PRI from group or PRI’s the call will egress.

dial-peer voice 90071 pots
trunkgroup CAT1//PHXAZYJH80//Phoenix480Local
description To DMS
translation-profile outgoing STRIP_1_FROM_CALLING
destination-pattern 0071
progress_ind setup enable 3
progress_ind progress enable 8
direct-inward-dial

dial-peer voice 9 pots
trunkgroup CAT4//PHXAZYJH80//LongDistance
translation-profile outgoing STRIP_1_FROM_CALLING
incoming called-number .T
destination-pattern 4444.T
progress_ind progress enable 8
translate-outgoing calling 1
direct-inward-dial
prefix 1

Referencing the trunk groups in the dial peers will associate the calls with the appropriate set of PRI’s. Remember the original question I received wanted to know how to support more than one PRI for failover. Although you could setup different preferences if you always wanted calls to use the same PRI, using trunk groups is a much more practical approach.

If you are curious and want to see the translation profiles and rules from the dial peers they are as follows.

voice translation-rule 1
rule 1 /^1/ // type unknown national plan unknown isdn
!
voice translation-rule 11
rule 1 /^1/ // type unknown national plan unknown isdn
!
voice translation-rule 1480
rule 1 /^4444480/ /0071480/
rule 8 /^4444\(8\)\([2-8]+\)/ /00711\1\2\3/
rule 9 /^4444\([589]\)\(00\)/ /00711\1\2/
rule 10 /^4444\([2-8]\)\(11\)/ /0071\1\2/
rule 11 /^44441411/ /00711411/
rule 12 /^4444101/ /0071101/
rule 14 /^4444011/ /011/
rule 15 /^44440/ /00110/
!
!
voice translation-profile 480
translate calling 1
translate called 1480
!
voice translation-profile STRIP_1_FROM_CALLING
translate calling 1
translate redirect-called 11

Older Entries
Newer Entries