Announcement

Collapse
No announcement yet.
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Ideal WAN configurations for Shoretel

    We've been having issues with our Shoretel system whenever changes are made on one of our firewalls. I'd like to propose some network/WAN changes for our Shoretel set up, so I wanted to ask those who have set Shoretel up more than a few times, what WAN configurations provide the most resilient/reliable architecture for Shoretel? MPLS?

    I'm most interested in hearing (feel free to brag in this thread :yes: ) about the configurations that you've used that resulted in the best scalability/reliability while minimizing forseeable downtime and user complaints.

  • #2
    I am not sure if I am the poster child for this thread, but we are using an MPLS circuit that has routers using QoS managed by our ISP (in our case XO communications). We have firewalls between our LAN's and their routers and implement a variety of bandwidth rules and policies to make sure the voice traffic gets enough bandwidth. That being said, I had been fighting voice quality issues, but the changes that seem to have resolved them were actually related to the spanning tree protocol on the LAN.

    D.

    Comment


    • #3
      Thanks for your reply! Glad to hear the Spanning-Tree trick worked!

      Comment


      • #4
        What spanning tree trick are you taking about, I would like to hear this? Spanning tree and voice don't work well together. For the simple reason that it takes to long (30sec) to learn new routes if a link were to go down. I would suggest that routing be used for all networks with ShoreTel installed. You will see a ton of TMS drops using spanning tree.

        Comment


        • #5
          I wouldn't go as far as calling it a trick. Several docs had indicated that turning off spanning tree on all ports that have ST switches connected to them, this did not solve our problems. What we ended up doing is turning off spanning tree for a particular VLAN (in our case a voice VLAN), but leaving spanning tree enabled on the ports that had the phones as we are tagging our traffic.

          Hope that makes a little sense.

          D.

          Comment


          • #6
            We have ST shut off on our Voice VLANs and that seems to help with internal quality. We still run into issues with traffic across our WAN, especially with services that rely on our HQ server (ie. Workgroups mostly).

            We see a lot of problems where our Firewalls will start blocking the 5440 port despite an explicit rule that should allow the traffic through. We usually end up rebooting the firewall at my site and the HQ site to fix the issue. Since the firewall seems to be a constant point of failure for reliability with VOIP, I was hoping for some examples from those of you who have done more than a few Shoretel Installs to see if using MPLS or any other leased circuit connection that might allow us to bypass the use of a firewall and fewer headaches in the long run.

            Comment


            • #7
              firewall

              what kind of firewall do you have? Just curious.

              Comment


              • #8
                Checkpoint.

                Comment


                • #9
                  I can put up a diagram of our multi wan network if that will help. We are using Juniper SSG's for our firewalls (formally netscreen) and don't experience any of the port blocking issues you mention.

                  D.

                  Comment


                  • #10
                    I too have run ShoreTel voice through Juniper/Netscreen with great success through hub and spoke as well as mesh vpns. Currently running through point to point circuits with Crisco routers doing prioritization and almost never see 119 errors.

                    Comment


                    • #11
                      We've done a lot of Shoretel projects that incorporate multisite. 90% of the time, WAN connectivity is through private circuits (point to point or MPLS type circuits) with Juniper routers (or Cisco is required). Works fantastic.

                      Also done some with Juniper firewalls where voice quality over the Internet wasn't a concern. Works great. In the earlier Shoretel days (and with earlier versions of ScreenOS.... Like 5.1-5.2), we saw issues with the firewalls hanging up sessions for switch traffic on 5440-5445.

                      Comment


                      • #12
                        We're on Version 6.1 and will be upgrading to 7.5 in the next few months.

                        Comment

                        Working...
                        X