01-30-2009 07:41 AM - edited 03-15-2019 03:52 PM
When I ping from local router to IP phone the situation is like this:
<font color=red>Sending 100, 100-byte ICMP Echos to 10.1xx.x.x, timeout is 2 seconds:
!!!!!.!!!!!!!.!!!!!.!!!!!!!.!!!!!.!!!!!!.!!!!!.!!!!!!!!.!!!!!.!!!!!!!!
!.!!!!!.!!!!!!!.!!!!!.!!!!!!!.
Success rate is 86 percent (86/100), round-trip min/avg/max = 1/2/4 ms
</font>
When I ping from other device or ping from local router -> workstation everything working good.
Also when I ping from remote router ->IP phone ping is OK too.
What is it, is it some feature or problem???
01-30-2009 08:07 AM
It is done by design to avoid DoS attacks. I can't find the document, but there is a document on it.
01-30-2009 08:11 AM
Here's the doc.
http://www.cisco.com/en/US/tech/tk1077/technologies_tech_note09186a008010edb8.shtml
Hope this helps.
Brandon
01-31-2011 05:59 AM
Hi I see the respone for this but that is one reponse for every two pings sent, and not the actual problem that there is one in 6 or more of the pings fail from a local router. Looking at this with a sniffer the IP phone does not actually respond to the missing pings has anyone got a better or more fitting explantion to this than the document listed, as that document is not actually the same as the "fault" we are seeing.
01-31-2011 04:40 PM
I would still agree that what you are seeing is the built in protection against DoS
.
the documentation on http://www.cisco.com/en/US/tech/tk1077/technologies_tech_note09186a008010edb8.shtml
is a bit ambigious on this front, it is titled "ip phones replies to one ping out of two", whereas further on in this document it states
"This is because the IP phones have been designed to only reply to an echo every 10ms" this could still be whith what you are seeing.
Maybe the only way of finding out is looking at your sniffer log timestamps and check how far apart these echo requests are.
Thanks
02-01-2011 12:26 AM
yep I have done and the phone just doesn;t resond to the 6th ping. but different phones do different things which is the annoying bit!!! Everyone has a rule of thumb to ignore these ping failures but this leads to the rule of thumb being extended and now I hear that it is ok for a server to behave the same way, which is just ridiculous and i really need a proper statement from Cisco around the behaviour, yes I'm that sad I have raised a TAC case on it.......
01-27-2012 07:44 AM
Communications Manager 8.5 and also Unity Connection 8.5 are doing the same thing. The phones take forever to register.. and after troubleshooting the pings I landed here. Did you find a resolution to this?
01-27-2012 08:03 AM
Nope I didnt really get anywhere with it, I was just told it was to prevent DoS attacks and then I gave up as it wasn't actually a fault that I was having just a moan sorry I can't be of any help
01-27-2012 08:07 AM
Make sure this is not a DNS issue, are your CUCM servers referenced by IP or hostname in configuration?
Chris
01-27-2012 08:28 AM
Good point from Chris (+5). Also ensure that the TFTP servers are running correctly on your CUCM servers. I've seen instances where phones will attempt to grab their config files via TFTP, timeout and fail (for whatever reason) and then register with CUCM using cached information.
Failing that, a wireshark trace of what the phone is doing almost always shows what is going wrong.
HTH. Barry
01-31-2012 06:37 AM
Sorry for hijacking the thread. My issue turned out to be a DNS problem after viewing the phone statistics. I hate that the CCM installation requires you to set a hostname, as we've been trained to leave DNS out of it. Not sure why, but the CCM ethernet port was running half duplex until I manually set it, which is why I posted..
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide