Announcement

Collapse
No announcement yet.
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • DHCP Confusion

    Hello all,

    We are in the process of installing the ShoreTel phone system and I'm confused about how to setup DHCP. Currently our PC's, servers, devices, etc. are connected to the network via Cisco 3650/3750 switches. Our plan is to connect the VOIP phones where the PC's are now connected and then daisy chain the network connection from the phone to the PC. The plan is to have the PC's in one VLAN (VLAN 1, network 192.168.1.x) and the phones in another VLAN (VLAN 100, network 10.100.100.0). We are working with an outside company who is helping us configure the Cisco routers and switches. They've done many VOIP installs, and I'm confident they have the switch ports configured correctly, with trunking, VLAN's, etc.

    However, I am having trouble understanding how DHCP works in the scenario that I have described. We are using a Linux ISC DHCP server, which is currently working fine for giving out addresses for the PC's. Here is the current configuration for our PC address scheme:
    Code:
    subnet 192.168.1.0 netmask 255.255.255.0 {
            range 192.168.1.10 192.168.1.255;
            option broadcast-address 192.168.1.255;
            option routers 192.168.1.1;
    }
    I found some information on these forums on how to setup the ISC DHCP server for the ShoreTel phone system, and I was planning on adding another subnet section to the DHCP configuration as follows:
    Code:
    subnet 10.100.100.0 netmask 255.255.255.0 {
           range 10.100.100.10 10.100.100.255
           option ....
           option ...
           option shoretel-server code 156 = string;
           option shoretel-server "ftpserver=10.100.10.1, country=1, language=1, layer2tagging=1, vlanid=100";
    }
    Maybe this is where I am going off track, but I can't figure out how we can have two devices basically sharing the same physical connection and switch port; and one device (PC) gets an address in one subnet, and the other device (phone) gets an address in the other subnet.
    What am I missing here? Am I just totally off on my thinking on how to setup the DHCP server?

    Any information would be greatly appreciated.
    TIA,
    John

  • #2
    Answer to your question

    For starters, review the document titled: "Best Practice Recommendations for Implementing VLANs in a ShoreTel VoIP Environment with IP Phones." Here is a link below to a public web site that has the doc without requiring registration (if you don't have a Shoretel support login.)

    http://www.baysidemedia.com/ShoreTel...tices_vlan.pdf

    Next, for your config, you need to publish the option 156 on your regular VLAN with the 192 address in addition to voice VLAN. The boot process of the phone goes like this...

    1) Phone boots and gets a DHCP address from the native VLAN of the port (in your case, I'm assuming the 192.168.1.x address is your native VLAN.) It also receives the 156 set of options telling it where to go for the ftp server, and also (here's the key) what the VLAN is that it should switch to.

    2) After booting enough to do some work, it will issue a DHCP release on the native VLAN, and immediately try to acquire a DHCP IP address on the voice VLAN using the VLAN ID that it learned from the option 156 (in your case, VLAN 100).

    3) The Layer 3 DHCP ip-helper on your 3750 switch will route the DHCP request to your Linux DHCP server on behalf of the phone.

    4) Your DHCP server will hand out a 10.100.100.x address back to the 3750 switch, which will pass it back to your phone, along with the Option 156 stuff.

    5) Your phone will now have a 10.100.100.x address and still know the IP address of the FTP server, etc. and will then continue to boot normally within the VLAN 100.

    Hope this helps!

    Comment


    • #3
      Thanks! This helps a lot. I wasn't grasping the fact that the phone pulls an address from the regular subnet first, and then, using the code 156 info, reboots and picks up another address in the voice VLAN.

      Thanks for the link as well.

      John

      Comment


      • #4
        I read the Shoretel best practices vlan guide. It says VLAN and QOS are not absolutely necessary because Shoretel VOIP "has one of the best voice sampling, audio digitizing and packetization processing in the VoIP industry ...
        It is common to deploy several hundred ShoreTel IP phones intermixed with several hundred general-use workstations in the same campus LAN environment and have no need to deploy VLANs or implement QoS on the LAN"

        Is this real? I have 2 offices each with about 15 phones and the Shoretel VOIP sound quality for calls between the two offices is so bad that we are using Skype now. We don't have QOS or VLAN.



        Originally posted by Rob Bush View Post
        For starters, review the document titled: "Best Practice Recommendations for Implementing VLANs in a ShoreTel VoIP Environment with IP Phones." Here is a link below to a public web site that has the doc without requiring registration (if you don't have a Shoretel support login.)

        http://www.baysidemedia.com/ShoreTel...tices_vlan.pdf


        Hope this helps!

        Comment


        • #5
          Qos

          The arcticle says there are many times that QOS on the LAN is not needed. A Surplus of bandwidth hides a multitude of sins.

          Your problems come from a lack of QOS on the WAN.......

          If your calls are crappy inside the office, then you need QOS on the LAN. If they are crappy site to site, you need QOS on the WAN.....

          Comment


          • #6
            Originally posted by johnny View Post
            I read the Shoretel best practices vlan guide. It says VLAN and QOS are not absolutely necessary because Shoretel VOIP "has one of the best voice sampling, audio digitizing and packetization processing in the VoIP industry ...
            It is common to deploy several hundred ShoreTel IP phones intermixed with several hundred general-use workstations in the same campus LAN environment and have no need to deploy VLANs or implement QoS on the LAN"

            Is this real? I have 2 offices each with about 15 phones and the Shoretel VOIP sound quality for calls between the two offices is so bad that we are using Skype now. We don't have QOS or VLAN.
            When installing VoIP you want QoS and a separate VLAN. It is just the best practice. Yes the shoretel is good, but not good enough to create extra bandwidth :gunsmilie:

            Comment


            • #7
              I'll 2nd the need for QoS. The VLAN portion is slightly optional to help protect your VoIP network and provide more and easier QoS control. At our remote location of less than 10 phones, we don't setup VLAN. At HQ with lots of phones, it's all on a separate VLAN. In your case, you ABSOLUTELY need QoS on the WAN interfaces to fix your issues. This being said, configuring QoS on the WAN edge routers is only part of the battle. For it to truly be successful, you need a carrier that performs QoS on their circuits between your two sites. In my case, I worked with Qwest on our MPLS network and chose a QoS template from the options they gave me, and then matched my QoS rules on our Cisco routers to match the template they put on the MPLS network.

              With what we have configured now, I can have a T1 to a remote location FULLY utilized with data traffic (say a massive download, etc.), and you can start up a call and talk without ANY audio problems at all, no clue the T1 is pegged with data traffic.

              Comment


              • #8
                Here is a post regarding an ISC DHCP server:

                ISC DHCP Server serving a ShoreTel phone system | Read, Deploy, Enjoy!

                Comment


                • #9
                  I am using Active Directory DHCP

                  How can I make it work with Active Directory's DHCP? I do not know if I need to create another scope.

                  I currently have a scope of 172.30.0.0 for my computers on VLAN1 (in my Dell switch)
                  I am gearing my network to have 172.30.1.0 for all IP phones and devices like my FTP. This is associated with VLAN2

                  I set up option 155 for my FTP server 172.30.1.6 and option 156 ftpservers=172.30.1.6, country=1, language=1,layer2tagging=1,vlanid=2
                  Last edited by neeper67; 07-01-2009, 08:24 AM.

                  Comment


                  • #10
                    based on your ip scheme, I assume your netmask for each vlan is a /24 (255.255.255.0)
                    You will need two seperate scopes defined in DHCPMGMT, each with seperate gateways, and you need the 155/156 options in both also. the phone will boot and dhcp on the untagged vlan, which should be the 172.30.0.0 and pull its 156 option from that scope, it then sees the vlanid=2 so it turns on tagging and reboots, now broadcasting its dhcp request on the 172.30.1.0 network.

                    something to look out for - your first scope will have leases from the first boot of the phones. i ran into the situation before where not enough leases were available for all the segments nodes so some phones could not get the vlan tag information. make sure you have enough ips in your untagged vlan to accomidate your phones running through the vlan jump.

                    Comment


                    • #11
                      Do I need option 155 since option 156 states the ShoreTel server?

                      Also, if I am creating these option 155 & 156 in my data scope (172.30.0.0 255.255.255.0) then do I need option 4 which is the time server? Which scope should it belong in if I need it?


                      Here is where I am at so far:


                      Data scope (172.30.0.0 255.255.255.0)

                      Option 156 = (ftpservers=172.30.1.6, country=1, language=1,layer2tagging=1,vlanid=2)
                      Option 155 = (172.30.1.6) on our untagged (data scope)


                      Vlan Scope (172.30.1.0 255.255.255.0)

                      Option 4 = 172.30.0.4 (AD server on data network)

                      Comment


                      • #12
                        If I am running 2 different scopes, will my computers pick up on the IP Phone scope since they are both in DHCP?

                        Sorry. I am getting a little confused.

                        Comment


                        • #13
                          All you have to do is setup two different scopes with option 156 and the string info in both. The phones will first hit the data scope grab a data address and the string info. Now the phone has the TAG and now is forced to reboot and grab an address from the voice V-lan. If you have computers plugged into the phone's switch port the computer will hit the data scope and get an address. Since the computer CAN NOT be tagged the computer will not look anywhere else for an address and will reside on the data network.
                          Yes, put option 4 in both scopes; the phone needs a time address.

                          Comment


                          • #14
                            I have added option 156 and 4 under both scopes (172.30.0.0 and 172.30.1.0) of Microsoft DHCP. When I connect the phone to the network, it finds the FTP server (172.30.1.6) but it is assigned and ip address from 172.30.0.0.

                            Here is a copy of my switch config, which I sent over and over trying to see if anything was missing, but I really do not think that is the issues, b/c the phone is able to see 172.30.1.0 and 172.30.0.0 and it is getting a DHCP address from my Microsoft server on my 172.30.0.0 network.





                            BTX 6248P#
                            BTX 6248P#show run
                            !Current Configuration:
                            !System Description "PowerConnect 6248P, 2.2.0.3, VxWorks5.5.1"
                            !System Software Version 2.2.0.3
                            !
                            configure
                            vlan database
                            vlan 2,1000
                            exit
                            hostname "BTX 6248P"
                            sntp broadcast client enable
                            sntp server 192.168.1.12
                            clock timezone -5 minutes 0 zone "EST"
                            stack
                            member 1 5
                            member 2 5
                            exit
                            ip address 192.168.250.250 255.255.255.0
                            ip default-gateway 192.168.250.1
                            ip address vlan 1000
                            ip domain-name BTX.COM
                            ip name-server 192.168.1.8


                            ip routing
                            ip route 0.0.0.0 0.0.0.0 172.30.0.1
                            bootpdhcprelay enable
                            bootpdhcprelay serverip 172.30.0.4
                            interface vlan 1
                            routing
                            ip address 172.30.0.2 255.255.255.0
                            exit
                            interface vlan 2
                            name "BTX VOIP"
                            routing
                            ip address 172.30.1.1 255.255.255.0
                            no ip proxy-arp
                            exit
                            username "admin" password 3747b30024da9263fe2d5134c635d759 level 15 encrypted
                            username "durwin" password 5858ea228cc2edf88721699b2c8638e5 level 0 encrypted
                            line telnet
                            exec-timeout 45
                            exit
                            !
                            interface ethernet 1/g1


                            switchport mode general
                            no switchport general acceptable-frame-type tagged-only
                            switchport general allowed vlan add 2
                            exit
                            !
                            interface ethernet 1/g2
                            switchport mode general
                            no switchport general acceptable-frame-type tagged-only
                            exit
                            !
                            interface ethernet 1/g3
                            classofservice trust ip-dscp
                            switchport mode general
                            no switchport general acceptable-frame-type tagged-only
                            switchport general allowed vlan add 2 tagged
                            exit
                            !
                            interface ethernet 1/g4
                            classofservice trust ip-dscp
                            switchport mode general
                            no switchport general acceptable-frame-type tagged-only

                            Comment


                            • #15
                              Any thoughts of why I would still be getting a 172.30.0.0 address and not a 172.30.1.0 after I have made the additions to each scope option?

                              Comment

                              Working...
                              X