cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
526
Views
0
Helpful
23
Replies

Topology Discovery

pmoore
Beginner
Beginner

Hi All,

Just some comments around Topology Discovery, I am currently running the OnPlus probe from behind a SRW switch with a majority of my devices connected via this switch, the router is a SRP521 and has some wireless connections, at this stage OnPlus does not seem capable of accurately displaying the network Topology or identifying the Voice VLAN form the SRP, from my example all network elements are show as connected via the SRP521 , it also does not detect the VoiceVlan connected devices  ,

here is the example, this is what the router currently seeing so has a mixture of VLAN1 and VLAN100

ScreenHunter_68 Jun. 07 12.32.gif

However this is what OnPlus sees, missing the Voice VLAN100 and the devices are not behind their correct network element, The uc320 sits behind the switch as well as VLAN100 device on IP 192.168.100.101, The PC connected on 192.168.15.69 and IP Phone on 192.168.15.105 are also sitting behind the switch, yet network topology does not show this.

51913_3935_onplusbeta_com_topology.png

ScreenHunter_66 Jun. 07 12.28.gif

I am guessing that possibly related to firmware versions running on network elements have the capabilities of working with OnPlus,  Firmware currently running on the major elements are,

SRP521           1.01.20 (009) May  2 2011

SRW2024P      1.1.0.66

UC320              2.0.9 (3)

Regards

Phil Moore

23 Replies 23

Michael Holloway
Cisco Employee
Cisco Employee

Hi Phil,

We tried to take a look from the OnPlus agent's perspective, but couldn't establish a tunnel to the device. Could you please check the security configuration on your network (firewall?) and check that port 11400 TCP is open for outbound flows? Here's a specific list of all the ports that need to allow outbound traffic in order for the agent to fully function with the portal:

53 UDP (DNS, if local servers aren't being used)

443 TCP (HTTPS)

11300 TCP (Portal/Agent Heartbeat)

11400 TCP (Tunnel)

14931 UDP (WAN Network Performance monitor)

Let us know what you find and we'll take another look.

-mike

Hi Mike,

Just took a look all appears fine with no firewall in the way, this is just sitting behind the SRP521, packet traces shows a connection when launching from the onplus portal, TCP connection from TCP port 11400 to 41737 OnPlus also shows the tunnel connected

Regards

Phil

Just kept the packet capture running for TCP port 11400, i see some attempts where there is no response to the incoming , I just launched the connection again and it worked fine, could this possibly be a probe issue ?,

Possibly explain some of the other issues I have seen maybe ?

Phil,

pmoore@wxc.co.nz wrote:

Just kept the packet capture running for TCP port 11400, i see some attempts where there is no response to the incoming ,

Did you see outgoing 11400 TCP traffic from the OnPlus agent, but saw no return data from the WAN?

I just launched the connection again and it worked fine,

The tunnel worked the second time you tried?

could this possibly be a probe issue ?,

Possibly explain some of the other issues I have seen maybe ?

What were you thinking might be happening here with the network discovery (probes) that might prevent the tunnel traffic from working? I'm interested in hearing any theories if you or anyone else in the community has information about probe traffic causing other WAN traffic to become blocked for the OnPlus agent (or any other device on the network).

-mike

Hi Mike ,

Will send the capture file, would prefer to send it directly as to leaving it in the public forum , was taking the trace from the WAN interface on the SRP521, will now also set up an internal capture on the probe.

Yes when I launch a connection from the onplus portal the connect seems to establish , but I did see other attempts where thre is no response you will see that in the trace , so not sure yet untill I look at the probe if it's replying to the incoming requests at all.

have no real theory as yet untill I look at the probe,

Once I set up the captures I will get you to ty again if you wish and capture both side

Phil,

I was told this morning by another engineer on the team (Andy) that tunnels have been observed to be extremely slow to come up when the destination (New Zealand?) has high latency from the beta portal (located in Dallas, Texas), but that this issue may have already been addressed in new code that we'll be releasing to beta soon.

With the code currently on the beta portal and when there is high latency between the portal and the OnPlus agent, it could take over a minute for the tunnel to set up. We need to wait for the new code to make it out to the beta and see if the problem disappears for you. We're hopeful that this will be happening within the next week.

-mike

Argh okay Mike,

Interesting though that there is no response to the incoming TCP connection, I would not have though that was a latency issue , I have set up the trace on the inside as well now , did you want to try whilst I have the the trace up or just revist after the new code ?

Regards

Phil

Hi Mike,

I guess the changes have been made  ,

I see now that the Toplogy is looking better and the devices are now sitting behind the correct devices, switch SRP521 etc,

One thing that is missing however is Voice VLAN detection it looks like, I have 2 devices connected to the test network one via the Switch on the VoiceVlan and one via the wireless voice VLAN on the SRP521, neither of these devices show up in network discovery

Also I notice that I am seeing a lot of apparent reboots from the probe ?, my test network is up and down quite often but I do see a loss of connection to the probe mutiple times that don't coincide with the lab network down times.

Regards

Phil

Hi Phil,

I haven't heard about any changes being made to the beta portal yet. To my knowledge it's still running the code version was first made available. I heard in a meeting this morning that we have another beta code drop in testing and that this one may make it out to the portal, but I haven't heard a timeframe.

-mike

Update, new code has been pushed to the beta portal! I'll now let the experts answer the SRP/VLAN question.

There was a brief outage today as the new code was pushed out to the portal, this is the probable explanation for the additional down events that you saw Phil. The update wasn't announced, but was deemed necessary to support failover and redundancy testing that the operations team is conducting tomorrow. We could have done a better job communicating with partners and also internally about the upgrade and outage to the beta site, but it will help us build a better process for how we handle these type of operational events in the future.

-mike

Thanks Mike,

Will keep an eye on this,

Anyone else want to comment on the Voice VLAN detection ?

Regards

Phil

Did find something this morning, when I repowered my VoiceVlan devices they have now suddenly appeared, so it looks like it's loses the discovery for the Voice VLAN and a power cycle force the rediscovery ?

Hi Phil,

Is this still an open issue for you? Are you seeing the devices behind your Voice VLAN? I will get engineering engaged to figure out what could have caused this problem in the first place../

Thanks,

-Tushar

Hi Tushar,

Yes it is afew funnies still going on, John Penman is looking at this I believe

Regards

Phil Moore