cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
13405
Views
10
Helpful
18
Replies

2900 no reply to ARP FOR TFTP server

markmanogamo
Level 1
Level 1

2921 has 9-port HWIC FE switch module.  IP phones send ARP  broadcast for TFTOP SERVER, but router is either not forwarding the ARP, or the CUCM PUB TFTP server is not reciving the ARP  request, so phones cannot find  TFTP SERVER.

 

WIRESHARK SHOWS phones sending ARP for TFTP SERVER, but not getting a reply.

what am I missing ?

 

phones on Fast Eth port set as access port with voice vlan.  the def GW  is the other end of the Gig0/2 that goes out to the CUCM VM MACHINE WHERE TFTP is enabled, CUCM TFTP  traces show no attempts to get  config files from phones.

 

interface FastEthernet0/3/5
description 9951 SIP PHONE
switchport access vlan 100
switchport voice vlan 10
no ip address
spanning-tree portfast

 

static route to get to all  CUCM servers on the DL620  server where the VM are running.

ip route 192.168.15.0 255.255.255.0 GigabitEthernet0/2

 

how do i get the CUCM TFTP  to reply to the ARP requests from the phones, so they dont get TFTP timeout ?

 

 

2 Accepted Solutions

Accepted Solutions

I Made some changes on your   config. try the below  and I hope your issue will be resolved. 

 

No ip dhcp excluded-address 192.168.1.1 192.168.1.12

 ip dhcp excluded-address 192.168.15.0 192.168.15.50

 ip dhcp excluded-address 192.168.15.200 192.168.15.254

!

No ip dhcp pool DATA_SCOPE – FOR OLD CME CONFIG, NOT USED NOW

 network 172.16.2.0 255.255.255.0

 default-router 192.168.1.1

 dns-server 8.8.8.8

 domain-name mark.com

!

No ip dhcp pool VOICE_SCOPE - FOR OLD CME CONFIG, NOT USED NOW

 network 172.16.1.0 255.255.255.0

 default-router 192.168.1.1

 option 150 ip 192.168.15.31

!

UCM PUB WITH TFTP RUNNING ON ESXI SERVER ***

No ip dhcp pool LAB

 network 192.168.1.0 255.255.255.0

 default-router 192.168.1.1

 option 150 ip 192.168.15.31 

 

ip dhcp pool LAB

 network 192.168.15.0 255.255.255.0

 default-router 192.168.15.254

 option 150 ip 192.168.15.31 

 

 

interface FastEthernet0/3/0

 description 9951 SIP PHONE

 switchport access vlan 1

 switchport voice vlan 10

 no ip address

 spanning-tree portfast

!

interface FastEthernet0/3/1

 switchport access vlan 1

 switchport voice vlan 10

 no ip address

 spanning-tree portfast

!

interface FastEthernet0/3/2

 description 9951 SIP PHONE

 switchport access vlan 1

 switchport voice vlan 10

 no ip address

 spanning-tree portfast

!

interface FastEthernet0/3/3

 description 7962

 switchport access vlan 1

 switchport voice vlan 10

 no ip address

 spanning-tree portfast

!

interface FastEthernet0/3/4

 description laptop

 switchport access vlan 1

 no ip address

!

interface GigabitEthernet0/2

 description ***  UPLINK to VMware server DL620 *** >>>>>>> Remove the dell server from this port and connect to the witch port >>>>>>>

 No ip address 192.168.15.254 255.255.255.0

 

 duplex auto

 speed auto

 

interface FastEthernet0/3/5

 description 9951 SIP PHONE

 switchport access vlan 1

 switchport voice vlan 10

 no ip address

 spanning-tree portfast

!

interface FastEthernet0/3/6

 description 7962 SCCP PHONE

 switchport access vlan 1

 switchport voice vlan 10

 no ip address

 spanning-tree portfast

!interface SM1/1

 no ip address

!

 

interface FastEthernet0/3/7

description ***  UPLINK to VMware server DL620

switchport access vlan 10

 

No interface Vlan1

 no ip address

 shutdown

!

No interface Vlan10

 description VOICE VLAN

 ip address dhcp

 

interface Vlan10

 description VOICE VLAN

 ip address 192.168.15.254 255.255.255.0

ip helper-address 192.168.15.254

 

No interface Vlan100

 description DATA ACCESS VLAN

 ip address dhcp

 



Response Signature


View solution in original post

markmanogamo
Level 1
Level 1

I read that solution late last night, and had a chuckle at how simple and elegant the fix was, I was confident it would work.

Today i made those few changes, and the phones loaded the ITL, GOT TFTP CONFIG, AND phone default sip-load, and registered with a 10 digit DN,  since I had pre-staged them to register.
**** -->> FANTASTIC <<----- !!!!!  it  all resolved within 12 mins, and the loading took most of the time, over a Fast E connection, somewhat odd. 

It still is complaining of no DNS  server but  luckily found the CUCM cluster via TCPIP addr. 

which is good, it uses IP, NOT DNS.

 

**** -->   Last question:

  add a DNS  server for my local cluster, instead of using the public internet DNS  provided by my ISP (( dns-server 209.18.47.63) .  it works for public, but seems not for internal DNS resolve.   Do i need to install a DNS  server on my ESXi host ?, on a WIN 2008 VM machine on my ESXI host ? or on the CUCM  server itself ?
NOTE: The ITL shows server DNS names, so does it mean the DNS is already loaded in my CUCM cluster, the ISO was built by a 3rd party, so i dont know if DNS is loaded internally.
If I usde a public DNS from my ISP, will that be safe and useful to use for MRA later on ?

NOTE :: I know not to use DNS  for internal CUCM cluster comms,  rather for other web apps, phone GUI HTTP USER apps, Jabber apps, , and Expway MRA later on. 

View solution in original post

18 Replies 18

markmanogamo
Level 1
Level 1

interface GigabitEthernet0/0

 description UPLINK  to NETGEAR NIGHTHAWK - INTERNET ACCESS DEF GATE3WAY 192.168.1.1

 ip address 192.168.1.55 255.255.255.0

 no ip proxy-arp

 duplex auto

 speed auto

!

interface GigabitEthernet0/1

 description ***  UPLINK to VMware server DL620 maintenance link ***

 ip address 192.168.6.254 255.255.255.0

 duplex auto

 speed auto

!

interface GigabitEthernet0/2

 description ***  UPLINK to VMware server DL620 ***

 ip address 192.168.15.254 255.255.255.0

 duplex auto

Hi,

 

What is the IP subnet of voice VLAN 10? Do you have DHCP enabled on that VLAN for your phones?

Does the DHCP service have TFTP Option 150 configured within your DHCP scope? Your Option 150 IP should be your CUCM server.

Where is your DHCP service for your phones configured? On the 2900 or on one of the other devices? E.g. Netgear?

Any status messages from the phone itself which might indicate what the problem is?

 

I would consider making the 2900 your default gateway for the phones, instead of what's on the other end of Gi0/2.

You should remove your static route because it looks like 192.168.15.0/24 is a directly connected subnet.

Sadav Ansari
VIP Alumni
VIP Alumni

What’s is your exact issue ?

 

Is phones not getting tftp server IP address or  anything else ?

 

Did you configure option 150 on your DHCP pool, is phone getting IP address and tftp server IP address ?

 

Pls rate if its “Helpful”. If this answered your question pls click “Accept as Solution”.

5the exact issue is the phones , 3 9951 SIP  phones do not puyll their load from TFTP,  they get TFTP timeout, , no ITL installed.  which is fine, they should pull a new ITL FILE.

its all on a 2921 router , no DHCP at this point, hard coded phones.   the trick is, this router is connected to my ISP  netgear router , so it may be interfering, not sure how, but the phones have option 150, and hard set IP, but they never get their TFTP download from the PUB server.   I see on sniff trace the phones send ARP, but never get a reply, so hence, TFTP timeout.

 

i will show the sniff trace, and topology.   but what is needed to get the  TFTP  SERVER TO REPLY AND PROVIDE THE PHONE load ?

 

PHONE 1 ---- SIP ----   L2 port access port( V-VLAN10)  2921---- gig E 2/0 -------  DL62 server with VMs- (192.168.15.x)

                                                                                               \----- gig 0/0 ---------  ISP home router ( 192.168.1.1)  --> static route on ISP router to point all traffic on 192.168.15.x / 24   back towards my lab 2921, instead of internet..

 

points entire subnet back into the LAB router(2921   192.168.15.0 --->  points to 2921..  all addresses ping.. TFTP server sees nothing

 

TFTP timeout, phones never get a load, never register...  

no DHCP ( IT FAILS ALSO)    all hard coded for now.

 

If these phones where registered with another cluster  there could be some old ITL/CTL files installed. If there is already another ITL installed on the phone, they wont pull the new one from you CUCM server. In such case do a factory reset or reset security settings to remove the old ITL/CTl.

 

Try to do a factory reset on 9971 phone and try..

 

 

 

 

 



Response Signature


no, it says no ITL FILE INSTALLED. NO ITL files there, all empty.. its ready and waiting for its new config file, but cant talk to TFTP TO get it.

i reset ALL settings already..but it still has old SIP code in it.

 

the question really is, why is there no reply to the phone to ARP and ask who is 192.168.15.31  ( muy PUB, TFTP server )   it should get a reply , and then move on to try and download.    i suspect the broadcast is not getting forwaded to the TFTP  server on the gig 0/2 link, so why not ?  what is missing to forward the ARP  request ?

 

 

Does the phone try to reach to correct IP tftp address in your case its your CUCM IP ? IS the phone configured with correct TFTP address ?

 

 

 



Response Signature


NO, it never reaches the TFTP server on 192.168.15.31   . yes the phone is hard coded for IP, GW and TFTP server now. it never gets an answer.

 

 

Are you able to reach the ip 192.168.15.31  from your lan ? What happens when other devices (not an IP phone)  try to reach CUCM IP ?

 

 

 

 



Response Signature


the client pc, the 2921 LAN  router can reach all the hosts on 192.168.15.0 / 24 , the CUCM on .31

I have changed the dhcp scope to 192.168.15.0  ( the same subnet as the ESXI hypervisor where the CUCM hosts live.

I changed the data and voice VLAN TO BE  IP ADDRESS DHCP,  and i see a phone  SENDING DISCOVER, but router replies with a DHCO OFFER.  

 

 

So after DHCP Offer is phone requesting for IP Address ?

 

Phone getting correct tftp server IP address which is your cm ip and tftp services is ready on your call manager ?

 

If phone getting IP address are you able to access phone web page if yes please share the phone status message snapshot and your network configuration snapshot from phone web page.

 

Pls rate if its “Helpful”. If this answered your question pls click “Accept as Solution”.

I have a similar setup at my home, i have a 2911 router  which is connected to the home router using an extender. the home router network is 192.169.240.1 

 

Router second interface is router on stick setup  as I have many lab networks inside. My UCS 220 192.168.8.0/24  connected to my 3560 switch on vlan 10. and phones connected to my 3560 on vlan 40. 192.168.30.0/24.

 

I have DHCP running on my 3560 switch for phones and test PC's. 

 

Default router on 2921 points to home router and  I have static routes for all my lab network on home TP link router. 

 

 

 

If you share your exact setup I can help you.  



Response Signature


Your setup is like mine, except you have a dot1Q trunk to the L2 3560  running the DHCP, as a router on a stick, whereas I am using a 2921 with a etherswitch POE module builtin, no external 3560  switch, so that is where I am getting hosed up, since there is no dot1q trunk from router to switch, but rather L3 VLAN  interfaces on 2921 itself.  I do not know if the def GWY for phones should be the 2921 interface points to esxi host . There is a last resort route to my Netgear wifi ISP  router on gig 0/0 tha maybe messing up my routes to the ESXI server where the TFTP server is.   NO DHCP REPLY, TFTP timeourt, no ITL file gets installed. ;hones do not register.

 

 

I don’t think that you should use DHCP address assignment on your VLAN interfaces. Set a static IP for these and define a IP forward for the DHCP requests to reach the DHCP server. Based on your picture I have a doubt that your DHCP scope for the phones is correct, it seems to have the wrong IP network that it provides IPs for.



Response Signature


Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: