[cisco-voip] Troubleshooting Resources?

Scott Voll svoll.voip at gmail.com
Thu Mar 27 11:45:18 EDT 2008 

ACL 2015 is VPN access..... Right?
ACL 2016 is FTP Access...... Right?
ACL 2014 is Voice?

I "think" h323 control is TCP port 1720 and media is dynamic over udp ports
1024 - 65535.  if this is true. you may not be classifying all the traffic
correctly.

Scott

On Thu, Mar 27, 2008 at 8:17 AM, Todd Simons <tsimons at delphi-tech.com>
wrote:

>  Below is my show ACL. Why would the FE be involved? The channelized voice
> comes in via T1/PRI gets converted, goes into a loopback interface, then
> leaves the default route of the router, the Multilink1
>
>
>
> Extended IP access list 2014
>
> 10 permit udp any any range 3248 16384 (1510481 matches)
>
> 20 permit tcp any any eq 1790 (2783 matches)
>
> Extended IP access list 2015
>
> 10 permit tcp any any eq 443 (18140152 matches)
>
> 20 permit udp any any eq isakmp (84692 matches)
>
> 30 permit udp any any eq 768
>
> 40 permit esp any any (513489946 matches)
>
> Extended IP access list 2016
>
> 10 permit tcp any any eq ftp-data (391310 matches)
>
> 20 permit tcp any any eq ftp (91751 matches)
>
> 30 permit tcp any any eq 2456 (8396 matches)
>
>
>
>
>
> *From:* Scott Voll [mailto:svoll.voip at gmail.com]
> *Sent:* Thursday, March 27, 2008 11:08 AM
> *To:* Todd Simons
> *Cc:* Paul; cisco-voip at puck-nether.net
>
> *Subject:* Re: [cisco-voip] Troubleshooting Resources?
>
>
>
> Someone can correct me if I'm wrong, but it looks like you are not
> matching the right traffic.  I believe H323 control is ports 1720 and 1719,
> and I seem to think the RTP is different they you match in your ACL.
>
>
>
> With that said, maybe you can match traffic of the FE interface as the
> only thing that should be coming directly from that port would be your Voice
> traffic or management traffic.
>
>
>
> Just an idea.
>
>
>
> Scott
>
> On Thu, Mar 27, 2008 at 6:35 AM, Todd Simons <tsimons at delphi-tech.com>
> wrote:
>
> Information removed to protect the innocent, Sprint has the same CoS
> setting on their side of the MultilinkPPP
>
> !<generic information cut>
> version 12.4
> service timestamps debug datetime msec
> service timestamps log datetime localtime show-timezone
> service password-encryption
> !
> hostname <REMOVED>
> !
> boot-start-marker
> boot system flash c2801-ipvoicek9-mz.124-18.bin
> boot-end-marker
> !
> card type t1 0 2
> card type t1 0 3
> !
> no aaa new-model
> clock timezone EST -5
> clock summer-time est recurring
> network-clock-participate wic 2
> network-clock-participate wic 3
> network-clock-select 9 T1 0/3/1
> network-clock-select 10 T1 0/2/1
> ip cef
> !
> isdn switch-type primary-4ess
> isdn logging
> !
> voice-card 0
> !
> !
> !
> controller T1 0/2/0
>  framing esf
>  linecode b8zs
>  cablelength long 0db
>  channel-group 0 timeslots 1-24
>  description SprintLink Circuit 1
> !
> controller T1 0/2/1
>  framing esf
>  linecode b8zs
>  cablelength long 0db
>  ds0-group 1 timeslots 1-4 type e&m-wink-start
>  description PBX - Nortel T1
> !
> controller T1 0/3/0
>  framing esf
>  linecode b8zs
>  cablelength long 0db
>  channel-group 0 timeslots 1-24
>  description SprintLink Circuit 2
> !
> controller T1 0/3/1
>  framing esf
>  linecode b8zs
>  cablelength long 0db
>  pri-group timeslots 1-9,24
>  description PBX - Nortel PRI
> !
> class-map match-any delphiCOS-Platinum
>  match access-group 2014
> class-map match-any delphiCOS-Silver
>  match access-group 2016
> class-map match-any delphiCOS-Gold
>  match access-group 2015
> !
> !
> policy-map ipcos-delphiCOS
>  class delphiCOS-Platinum
>   police rate percent 17
>     conform-action transmit
>  priority percent 17
>  class delphiCOS-Silver
>  bandwidth percent 25
>  class delphiCOS-Gold
>  bandwidth percent 33
> !
> !
> !
> !
> interface Loopback0
>  description dtiNJ-VoIP
>  ip address <removed-addr1>
>  h323-gateway voip bind srcaddr <removed-addr1>
> !
> interface Loopback1
>  no ip address
> !
> interface Multilink1
>  description Sprintlink
>  ip address <removed-addr2>
>  no ip route-cache cef
>  no ip route-cache
>  no ip mroute-cache
>  load-interval 30
>  no peer neighbor-route
>  no cdp enable
>  ppp multilink
>  ppp multilink group 1
>  service-policy output ipcos-delphiCOS
> !
> interface FastEthernet0/0
>  ip address <removed-addr3>
>  speed 100
>  full-duplex
> !
> interface FastEthernet0/1
>  shutdown
> !
> interface Serial0/2/0:0
>  description Sprint Circuit 1
>  bandwidth 1536
>  ip unnumbered Multilink1
>  encapsulation ppp
>  no fair-queue
>  ppp multilink
>  ppp multilink group 1
> !
> interface Serial0/3/0:0
>  description Sprint Circuit 2
>  bandwidth 1536
>  ip unnumbered Multilink1
>  encapsulation ppp
>  no fair-queue
>  ppp multilink
>  ppp multilink group 1
> !
> interface Serial0/3/1:23
>  description NJ Nortel PBX Client Side DCH 4ESS, requires Clock
>  no ip address
>  encapsulation hdlc
>  logging event subif-link-status
>  isdn switch-type primary-4ess
>  isdn protocol-emulate network
>  isdn incoming-voice voice
>  isdn supp-service name calling
>  isdn ie oli 28
>  no cdp enable
> !
> access-list 2014 permit udp any any range 3248 16384
> access-list 2014 permit tcp any any eq 1790
> access-list 2015 permit tcp any any eq 443
> access-list 2015 permit udp any any eq isakmp
> access-list 2015 permit udp any any eq 768
> access-list 2015 permit esp any any
> access-list 2016 permit tcp any any eq ftp-data
> access-list 2016 permit tcp any any eq ftp
> access-list 2016 permit tcp any any eq 2456
> !
> !
> !
> control-plane
> !
> disable-eadi
> !
> !
> voice-port 0/0/0
>  station-id name FXS 0/0/0
>  station-id number 3000
>  caller-id format e911
> !
> voice-port 0/0/1
>  station-id name FXS 0/0/1
>  station-id number 3001
>  caller-id enable
> !
> voice-port 0/2/1:1
>  station-id name NJPBX VoIP T1
>  station-id number 732xxxxxxx
> !
> voice-port 0/3/1:23
> !
> !
> !
> !
> !
> dial-peer voice 195 voip
>  destination-pattern 5...
>  session target dns:dtiSH-VoIP
> !
> dial-peer voice 190 pots
>  description NJPBX Tie Line
>  preference 1
>  destination-pattern [3-4][1-9]..
>  direct-inward-dial
>  port 0/3/1:23
>  forward-digits all
> !
> dial-peer voice 193 voip
>  preference 1
>  destination-pattern [1,2]...
>  session target dns:dtiMA-VoIP
> !
> !
> gateway
>  timer receive-rtp 1200
> !
> telephony-service
>  max-conferences 4 gain -6
>
>
>
> -----Original Message-----
> From: Paul [mailto:asobihoudai at yahoo.com]
> Sent: Wednesday, March 26, 2008 8:15 PM
> To: Todd Simons; Jorge L. Rodriguez Aguila; cisco-voip at puck-nether.net
> Subject: Re: [cisco-voip] Troubleshooting Resources?
>
> Let's see your router's configuration.
>
> --- Todd Simons <tsimons at delphi-tech.com> wrote:
>
> > Yes, the "internet" traffic remains on the
> > SprintLink backbone between their NYC NOC and their
> > Springfield, MA NOC, which are 5~6 hops apart and
> > not much more than 10ms latency
> >
> >
> >
> > From: Jorge L. Rodriguez Aguila
> > [mailto:jorge.rodriguez at netxar.com]
> > Sent: Wednesday, March 26, 2008 6:56 PM
> > To: Todd Simons; cisco-voip at puck-nether.net
> > Subject: RE: [cisco-voip] Troubleshooting Resources?
> >
> >
> >
> > Do you mean you are running Voice via the internet?
> >
> >
> >
> > Jorge
> >
> >
> >
> > From: Todd Simons [mailto:tsimons at delphi-tech.com]
> > Sent: Wednesday, March 26, 2008 5:28 PM
> > To: Jorge L. Rodriguez Aguila;
> > cisco-voip at puck-nether.net
> > Subject: RE: [cisco-voip] Troubleshooting Resources?
> >
> >
> >
> > I'm new to this.
> >
> >
> >
> > I have PRI's to our non-VoIP PBXs, to Cisco 2801
> > routers (our data internet routers), and then
> > dialpeers (pots/voip) defined from there, very
> > basic.
> >
> >
> >
> > From: Jorge L. Rodriguez Aguila
> > [mailto:jorge.rodriguez at netxar.com]
> > Sent: Wednesday, March 26, 2008 4:56 PM
> > To: Todd Simons; cisco-voip at puck-nether.net
> > Subject: RE: [cisco-voip] Troubleshooting Resources?
> >
> >
> >
> > Are you doing CAC? Can you give some more info on
> > Codecs, Bandwidth on LLQ for voice, etc.
> >
> >
> >
> >
> >
> > Jorge Rodríguez Aguila
> >
> > CCNA,CCVP
> >
> > Senior Voice/Data Network Consultant
> >
> > Netxar Technologies
> >
> > jorge.rodriguez at netxar.com
> >
> > Office 787-765-0058
> >
> > PCS 787-688-8530
> >
> >
> >
> >
> >
> >
> >
> >
> >
> > From: cisco-voip-bounces at puck.nether.net
> > [mailto:cisco-voip-bounces at puck.nether.net] On
> > Behalf Of Todd Simons
> > Sent: Wednesday, March 26, 2008 4:50 PM
> > To: cisco-voip at puck-nether.net
> > Subject: [cisco-voip] Troubleshooting Resources?
> >
> >
> >
> > Hello All
> >
> >
> >
> > Does anyone have any links for troubleshooting
> > procedures?  We have everything from reduced call
> > quality to voice dropping off.
> >
> >
> >
> > We are running on Sprint's internet backbone with
> > CoS assigned, 6 hops between the routers and about
> > 10ms latency, both sides have multilink ppp
> > connections (2xT1)
> >
> >
> >
> > ~Todd
>
>
>
>
>
>  ____________________________________________________________________________________
> Looking for last minute shopping deals?
> Find them fast with Yahoo! Search.
> http://tools.search.yahoo.com/newsearch/category.php?category=shopping
>
> ## Scanned by Delphi Technology, Inc. ##
>
> _______________________________________________
> cisco-voip mailing list
>
> cisco-voip at puck.nether.net
>
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
>
>
> ## Scanned by Delphi Technology, Inc. ##
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://puck.nether.net/pipermail/cisco-voip/attachments/20080327/e73d17a5/attachment-0001.html

More information about the cisco-voip mailing list