× NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Orbi WiFi 7 RBE973
Reply

Voice VLAN command - LLDP seems to stop working

Voice VLAN command - LLDP seems to stop working

I have a strange issue with the voice vlan command that I'm trying to isolate between our switches and Shoretel phones, but it seems there's no debug options for LLDP on this switch.

 

We use the following config on our access switchports:

 

vlan 10,20

vlan name 10 "Voice"

vlan name 20 "LAN"

voice vlan

!

!

interface x/0/x

voice vlan 10

switchport mode access

switchport access vlan 20

 

And for the most part, this config works great! The phones automatically tag themselves for VLAN 10, request DHCP from the voice subnet, receive the necessary DHCP option 156 (see here) on VLAN 10, download their config, and we're off. No problem.

 

However, after the switch has been up for a significant period of time, LLDP seems to just...stop working. When a phone is connected, or reset, the phone fails to move to VLAN 10, and instead DHCPs to VLAN 20 (the LAN), which breaks everything unless I start adding firewall exceptions for the LAN to the voice subnet, which - for what I presume are obvious reasons - I do not like doing.

 

A factory reset of the phone does not alleviate the issue, nor does bouncing the switchport (or just disabling POE to reset the phone). The logs show that LLDP topology changes are being detected from the phone switchport when the phone is reset, but the phones still refuse to jump to the correct VLAN.

 

The only thing that seems to fix the issue is a complete reboot of the switch, which I have to do after hours (usually after midnight).

 

The switches are currently running v12.0.2.20 - I'm going to update them to 12.0.7.10 since that firmware fixes a couple of other issues I've been having, but is anyone aware of this issue? I've been trying to replicate the problem in our lab but of course everything works flawlessly when I'm watching it. 🙂

Model: GSM4352PA | M4300-52G-PoE+48x1G PoE+ Stackable Managed Switch with 2x10GBASE-T and 2xSFP+ (550W PSU)
Message 1 of 13

Accepted Solutions
tubesfarmer
Initiate

Re: Voice VLAN command - LLDP seems to stop working

FWIW this issue seems to be fixed. Originally the config was 

 

interface 1/0/1

voice vlan 10

switchport mode access

switchport access vlan 20

 

But the switch would randomly stop passing the tagged VLAN traffic. I changed the config to:

 

interface 1/0/1

voice vlan 10

switchport mode trunk

switchport trunk native vlan 20

switchport trunk allowed vlan 10,20

 

I haven't had a single DHCP failure/VLAN tag drop since moving to this config.

 

This behavior seems to only occur on the M4300 series - the M4100 actually rejects switchport mode access as a valid option when using voice VLAN (I have those access ports configured in general mode but I'll be updating them later for the sake of consistency). Maybe it would be nice in future updates to prompt users to use a trunk config when enabling voice VLAN on switchports so they don't spend their time flailing about like I did (this problem lasted for like, seven or eight months!). 🙂

 

To be clear, it wasn't LLDP failing to maintain the voice VLAN tag, it was the switch refusing to pass tagged traffic and the phone dropping the VLAN tag after DHCP repeatedly failed (which is normal Mitel/Shoretel behavior).

 

If anyone else googles this problem hopefully they find this post. 🙂 Woman Very Happy

View solution in original post

Message 11 of 13

All Replies
DaneA
NETGEAR Employee Retired

Re: Voice VLAN command - LLDP seems to stop working

Hi @technotechnotec,

 

Were you able to update the firmware of the M4300-52G-PoE+ switch to v12.0.7.10?  If yes, what are your observations?

 

Let me share the link and it might help:

 

Auto-VoIP and LLDP-MED Guide

 

 

Regards,

 

DaneA

NETGEAR Community Team

Message 2 of 13

Re: Voice VLAN command - LLDP seems to stop working

Hi @DaneA !

 

The guide you posted is a little confusing to me.

 

I remember reading somewhere that auto-voip and the voice vlan command don't work together - it has to be one or the other. I have both options in production in separate environments and I've done a LOT of testing with it, so I feel confident stating the following:

 

auto-voip

 

- Moves the phones to a defined VLAN based on OUI and passes traffic UNTAGGED. The switchport has to be configured in general mode for this to work.

 

- Here's my production config:

 

auto-voip vlan 10
auto-voip oui 00:10:49 [OUI for Shoretel] oui-desc "Phones"

!

interface x/0/x
auto-voip oui-based
description 'PC|Phone'
vlan pvid 20
vlan participation exclude 1
vlan participation include 20
exit

 

In this case, option 156 in DHCP only gives the location of the config server for the phone and no VLAN information is passed to the phones. The phones pass their traffic untagged over VLAN 10.

 

This config works fine, but the biggest issue I have with auto-voip is that it "locks" the configured voice VLAN so that no references to it can be removed from the switch. In practice, this also means it automatically tags itself in switchport trunks (which I don't want it to do) and I find the config somewhat crufty, as reliable as it's been.

 

voice vlan

 

- Tags the phone to a specific VLAN based on LLDP. The phones DHCP on the voice VLAN, download their config via FTP, and all is well. 

 

- My config:

 

voice vlan

!

interface x/0/x

voice vlan 10

switchport mode access

switchport access vlan 20

 

It's my understanding that these two methods are mutually exclusive - when I was still figuring out these switches a couple of years ago, running both options on the switch simultaneously led to some somewhat buggy and unpredictable behavior (at least, it did on 12.0.4.8). "auto-voip" seems Netgear proprietary and does not involve LLDP so far as I can tell, instead moving traffic to VLAN 10 based on OUI alone; the "voice vlan" command works more like "switchport voice vlan" (Cisco) or adding the "voice" command to a VLAN (HP/Aruba) and functions via LLDP, dynamically forcing the phone to tag itself to the correct VLAN.

 

Where we are now, "voice vlan" (global) and "voice vlan 10" are the commands we use, and by and large it works fine...until it doesn't. To answer your question, I've updated the switch code, rebooted, and the phones DHCP'd to VLAN 10 without issue. For now. I'll keep an eye on the DHCP server and see if they stop renewing their leases and update this thread if/when that happens.

 

Thanks!

Message 3 of 13

Re: Voice VLAN command - LLDP seems to stop working

To follow up on this, the issue is happening again. It's actually happening on two separate switches.

The normal sequence of events I expect to happen:

 

Phone receives POE, and boots:

<13> Mar 1 10:36:07 M4300-52-POE+ TRAPMGR[PoE Req]: traputil.c(795) 403575 %% PoE: 3/0/20 power down

<13> Mar 1 10:36:10 M4300-52-POE+ TRAPMGR[PoE Req]: traputil.c(795) 403577 %% PoE: 3/0/20 power up

Link comes up:

<13> Mar 1 10:41:17 M4300-52-POE+ TRAPMGR[trapTask]: traputil.c(753) 403660 %% Link Down: 3/0/20

<13> Mar 1 10:41:22 M4300-52-POE+ TRAPMGR[trapTask]: traputil.c(753) 403665 %% Link Up: 3/0/20

<13> Mar 1 10:41:42 M4300-52-POE+ TRAPMGR[lldpTask]: traputil.c(795) 403671 %% LLDP-MED Topology Change Detected: ChassisIDSubtype: 5, ChassisID: 0.0.0.0, DeviceClass: 3, Interface: 3/0/20

<13> Mar 1 10:42:15 M4300-52-POE+ TRAPMGR[lldpTask]: traputil.c(795) 403671 %% LLDP-MED Topology Change Detected: ChassisIDSubtype: 5, ChassisID: [Phone receives IP from DHCP], DeviceClass: 3, Interface: 3/0/20

And I can see the output:

(M4300-52G-POE+) #show lldp remote-device all | include 3/0/20
3/0/20 283 [Phone IP] 00:10:49:xx:xx:xx Serial Number: ...

 

That isn't happening in this case. The POE and link come up fine, but no LLDP information is exchanged between the phone and the switch. The fact that a reboot fixes this, and that this only happens with our M4300s, leads me to think it might be an issue with a) the switch firmware itself, or b) stacking the switches somehow contributes to this issue (I have yet to see the issue manifest in a non-stacked switch, like in our lab).

If there are any other log entries or outputs I can pull to help narrow down the issue, I'd appreciate it. I am running out of ideas and, quite frankly, this is a pretty disruptive problem to have.

Message 4 of 13
DaneA
NETGEAR Employee Retired

Re: Voice VLAN command - LLDP seems to stop working

Hi @technotechnotec,

 

Thank you for the update.  It would be best that you open a chat or online support ticket with NETGEAR Support at anytime. Be sure to attach the tech support file from your M4300-52G-PoE+ switch and indicate what port number the the issue has occurred and this might be possibly escalated to our engineering team for investigation.  

 

 

Regards,

 

DaneA

NETGEAR Community Team

Message 5 of 13
IT-Adm1n
Aspirant

Re: Voice VLAN command - LLDP seems to stop working

Just wanted to report that we are experiencing the same exact issue, but with two independant GS752TPv2 switches located in two different office sections, interconnected by a single up-link, both with the latest available firmware v6.0.0.45.

 

We have a combinasion of mostly Yealink VoIP phones and a few GrandStream units.

 

Everything worked fine for a few day, but the problem reoccurs after less than a week.

 

I can confirm the observations that the OUI based Auto-VoIP still sets the VLAN, but *untagged*, which breaks the configuration until said port is temporarilly set to untagged. Temporarilly untagged meaning until the next switch reboot that is as, when it works, LLPD indeed seems to consistently properly configure the phones to set and activate their VLAN tagging.

 

Rebooting a switch definitely cannot be done during business hours so this quite a hassle, especially the time required to insure that all phones indeed came back onoine properly afterwards.

 

One of the switch has fewer devices connected to it so I could troubleshoot during normal hours after confirming everyone were out to lunch and right after the switch reboot it started to properly communicate the LLPD configuration changes:

*Mar 04 2019 09:16:48: VLAN-6-VOICE_MBR_LLDP_ADD: Interface GigabitEthernet23 added to voice VLAN 5 by LLDP
*Mar 04 2019 09:16:48: VLAN-6-VOICE_MBR_LLDP_DEL: Interface GigabitEthernet23 removed from voice VLAN 5 by LLDP

 

When the issue is present all of those LLDP events stop happening, only the link up/down events and related blocking/forwarding entries appear.

 

I would be fine with just issuing a restart command to the LLDP service/daemon, but I understand that this level of access may not be possible with the lower class model we have.

 

Hopefully there is a fix in the works and/or soon(ish).

 

If I need to open a support case I will, but no need if this is now a known problem etc.

 

 

 

Message 6 of 13

Re: Voice VLAN command - LLDP seems to stop working

That's essentially what I've had to do. This issue is completely random and unfixable without a reboot. Oh well, here's hoping that engineering "may" help. 🙂

Message 7 of 13
omarchand
Aspirant

Re: Voice VLAN command - LLDP seems to stop working

Hi, 

 

Same here, using a GS752TPv2 (Image ver, 6.0.0.45), with ShoreTel phones.  Voice vlan is randomly removed from trunk ports facing ShoreTel phones.  If we manually add the voice vlan as a member of the trunk port facing the phone, the user is back in service within few seconds.  Untaged "data" vlan is not impacted, PCs connected behind the phones are still working fine while the phone is not working.

 

Is there a magic command to disable that process ?

Thanks.

Model: GS752TPv2|48-Port Gigabit Ethernet PoE+ Smart Managed Pro Switch with 4 SFP Ports (380W)
Message 8 of 13
pesos
Aspirant

Re: Voice VLAN command - LLDP seems to stop working

We have a stack of six s3300 switches and I think we may be seeing the same thing.  Have been using voice vlan for a couple years now and it's worked fine with polycom cx600s.  All of a sudden today our data dhcp scope filled up and we noticed a lot of the polycoms are on the data vlan.  Anyone heard any more on this?  We are going to scheduled a reboot for after-hours.

Message 9 of 13
omarchand
Aspirant

Re: Voice VLAN command - LLDP seems to stop working

Hi,

We experienced that issue on a single location.  On a 2nd location, we never had that problem.

 

-  On the problematic location, we used the default voice vlan, vlan #2.

- On the other location, we used a different voice vlan number than the default one.

- Exported and compared both config file.

- On the problematic location, found some LLDP network-policy configuration that was not part of our 2nd location switch.  (lldp med network-policy 1 app voice mode vlan-id val 2 cos enable auth enable dscp 46)

- Removed these extra lines from the problematic switch config file

- Reload that modified config file into the switch

 

No new occurrence since...

 

Message 10 of 13
tubesfarmer
Initiate

Re: Voice VLAN command - LLDP seems to stop working

FWIW this issue seems to be fixed. Originally the config was 

 

interface 1/0/1

voice vlan 10

switchport mode access

switchport access vlan 20

 

But the switch would randomly stop passing the tagged VLAN traffic. I changed the config to:

 

interface 1/0/1

voice vlan 10

switchport mode trunk

switchport trunk native vlan 20

switchport trunk allowed vlan 10,20

 

I haven't had a single DHCP failure/VLAN tag drop since moving to this config.

 

This behavior seems to only occur on the M4300 series - the M4100 actually rejects switchport mode access as a valid option when using voice VLAN (I have those access ports configured in general mode but I'll be updating them later for the sake of consistency). Maybe it would be nice in future updates to prompt users to use a trunk config when enabling voice VLAN on switchports so they don't spend their time flailing about like I did (this problem lasted for like, seven or eight months!). 🙂

 

To be clear, it wasn't LLDP failing to maintain the voice VLAN tag, it was the switch refusing to pass tagged traffic and the phone dropping the VLAN tag after DHCP repeatedly failed (which is normal Mitel/Shoretel behavior).

 

If anyone else googles this problem hopefully they find this post. 🙂 Woman Very Happy

Message 11 of 13
tw-cms
Aspirant

Re: Voice VLAN command - LLDP seems to stop working

I'm seeing pretty much this same exact issue on an S3300-52x-PoE+ switch, but there's no CLI on SmartSwitch models for me to configure your solution. Anybody have any ideas for this one? I've got OUI-based Auto-VoIP enabled for the ports, and under "Voice VLAN Configuration", I have the ports setup with "Interface Mode" as "VLAN ID 2".

Model: S3300-52X-PoE+ (GS752TXP)|ProSafe 48 ports stackable smart switches with PoE+
Message 12 of 13
omarchand
Aspirant

Re: Voice VLAN command - LLDP seems to stop working

Export your config, edit the config file off-line, and then reload the new config file in the switch.

Message 13 of 13
Top Contributors
Discussion stats
  • 12 replies
  • 8595 views
  • 1 kudo
  • 7 in conversation
Announcements