VCS Starter pack 7.2 - Weird behavior with static routes
We wanted to share our experience in our first VCS Starter Pack deployment, where some routing problems arose.
The scenario is the following:
- LAN1 is directly connected to Internet, with a public IP configured. This is intended for external connections.
- LAN2 is connected to LAN. This is intended for internal connections.
We configured the default gateway towards WAN (LAN1), and added a few static routes pointing to LAN2 so that the VCS could reach the corporate remote sites via VPN , next hop being a VPN router located in LAN2 network.
The routes were added via CLI using the command "xconf ip route ...", we verified they were inserted in the routing table correctly.
Jabber video and SX20 worked ok in LAN. We then tested with a Jabber Video client on a remote site, verified ping and DNS worked ok against the internal IP of the VCS, but the client didn´t register. The error was "Could not provision on time", but the VCS log did show the user as provisioned OK. Additional troubleshooting (sniffers) showed that the VCS was not routing all the traffic correctly through LAN2 on VCS, the initial request was responded ok but the second packet was never going out through LAN2 interface. It was like the static route was not being used 100% of the time on VCS.
We then changed the gateway configured and pointed it to the VPN router, via LAN2. After a reboot, the remote site Jabber registered without a problem. We rolled back and placed the original WAN gateway again, leaving the static routes for the VPN sites. We rebooted again, and still the remote Jabber registered OK.
Customer is now concerned whether this internal routing problem may appear again after a reboot. We can´t reproduce it in production, it would be great to know is anyone has experienced such routing issues, or perhaps a caveat is identified.
in general I would recommend using the 'xCommand RouteAdd' and 'xCommand RouteDelete' commands to add and remove static routes on the VCS, rather than inserting them in the configuration directly via the xConfiguration commands.
Apart from that, the best way to troubleshoot an issue like the one you describe would be to capture a diagnostics log (Network log level = DEBUG) and a tcpdump (with parameters '-i any -s0') on the VCS while reproducing the issue.
I'd recommend you capture these logs and raise a TAC case should the issue arise again.
Local Zone: This is a collection of all devices that are registered with Cisco Expressway. The local zone is divided to subzones. These subzones include the automatically crated default subzone and up to 1000 manually configured subzones. In additio...
Datacenter virtualization is the process of employing virtual hardware for designing, developing, and implementing the datacenters. It is often used as an umbrella term that entails different categories like application virtualization, server virtua...
Hiện nay trên thế giới có rất nhiều hãng sản xuất máy lọc nước ion kiềm đến từ Hàn Quốc, Nhật Bản, Đài Loan, Hoa Kỳ. Các thương hiệu với nhiều chủng loại với nhiều tính năng cũng như giá cả khác nhau không khỏi khiến người tiêu dùng đắn đo lựa chọn.Bài vi...
When talking about Dial Plan and Digit Manipulation Cisco Unified Communication Manager, three components play an important roles to perform the transformation of the calling and called parties.The Translation Pattern, Transformation Pattern and Rou...
ICE, STUN, and TURN are used to establish a MEDIA connection between two devices on different networks separated by firewalls and NAT servers. They do not apply to signaling between devices which means that if you cannot establish a signaling connec...