[cisco-voip] CallManager and PLM 11.5.1 ports (firewall issues)

Anthony Holloway avholloway+cisco-voip at gmail.com
Fri Dec 21 12:17:03 EST 2018 

To echo what Brian is saying with his question: 443 is a server listening
port (HTTPS), and therefore, the port on PLM talking to it, is an ephemeral
client port, or random port, and wouldn't be documented anywhere.

This is similar to the whole UAS/UAC discussion with SIP and 5060.

Take this Outbound call for example, where my CUBE (UAS) is talking SIP
with CUCM (UAC) (10.10.10.10) on CUCM's port 50124

PeerAddress=+16125551212
PeerId=2100
RemoteSignallingIPAddress=10.10.10.10
RemoteSignallingPort=50124
RemoteMediaIPAddress=10.20.20.20
RemoteMediaPort=28326
tx_DtmfRelay=rtp-nte
VAD = disabled
CoderTypeRate=g711ulaw

And then this Inbound call example, where my CUBE (UAC) is talking SIP with
CUCM (UAS) (10.10.10.10) on CUCM's port 5060

PeerAddress=+16215551212
PeerId=2200
RemoteSignallingIPAddress=10.10.10.10
RemoteSignallingPort=5060
RemoteMediaIPAddress=10.20.20.20
RemoteMediaPort=28524
tx_DtmfRelay=rtp-nte
VAD = disabled
CoderTypeRate=g711ulaw

*PS I get that output from the following command on CUBE: show call active
voice | in PeerAddr|PeerId|RemoteS|RemoteM|Dtmf|Coder|VAD*

Put that in an alias command, and you're a few short keystrokes away from
some sexy data.

Now, back to the TCP re-transmissions, this is most likely a lower layer
issue, and not a problem with PLM/CUCM.

A quick google search resulted in this article, which I found well written,
but does go deep, with links to other articles which take you even deeper:

https://www.netcraftsmen.com/application-analysis-using-tcp-retransmissions-part-1/

Since you have the same PLM talking to multiple CUCM clusters, and only a
problem with one cluster (or so it sounded like), I'd wager this problem is
not with the PLM side, but is probably on the network path where it begins
to be unique for this CUCM cluster in question, to include the CUCM cluster
(or more specifically, the Publisher) itself.

As for logs, I'd imagine it wont show you anything more valuable than your
packet capture; that's probably pretty telling.

Good luck.  I'm curious to see how this turns out.

On Fri, Dec 21, 2018 at 10:08 AM Brian Meade <bmeade90 at vt.edu> wrote:

> Are you sure the destination port is 56648 and it's not the source port in
> that handshake?
>
> On Fri, Dec 21, 2018 at 10:51 AM Jason Aarons (Americas) <
> jason.aarons at dimensiondata.com> wrote:
>
>>
>>
>> Have a centralized Prime License Manager (PLM) for several clusters.
>>  One cluster the Product Instance shows “Unknown error”.  We have firewalls
>> between PLM and clusters.
>>
>>
>>
>> I hit Test Connection in PLM and see traffic from source PLM coming in to
>> remote cluster on TCP/443 and then I see traffic back source TCP/443 to
>> destination TCP/56648 and then lots of TCP retransmissions.  The GUI in PLM
>> says “Test Connection Failed.The cause of the error is unknown. Check the
>> Cisco Prime License Manager log for details.”
>>
>>
>>
>> I can’t find in the Port Usage guide where TCP/56648 is documented?  What
>> log file do I look at via RTMT on PLM?
>>
>>
>>
>>
>>
>> Jason Aarons, CCIEx2 No. 38564
>>
>> Advanced Technology Consultant
>>
>> Dimension Data
>>
>> 904-338-3245
>>
>>
>>
>>
>> This email and all contents are subject to the following disclaimer:
>> "http://www.dimensiondata.com/emaildisclaimer"
>> <http://www.dimensiondata.com/Global/Policies/Pages/Email-Disclaimer.aspx>
>> _______________________________________________
>> cisco-voip mailing list
>> cisco-voip at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-voip
>>
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20181221/3f6fb9ae/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 97204 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20181221/3f6fb9ae/attachment.png>

More information about the cisco-voip mailing list