Announcement

Collapse
No announcement yet.
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Better IP Routing

    Or at least let the routers on the network decide routing.

    The issue we have is that we have redundant links at every location. Our primary link is MPLS and if the MPLS goes down the site will switch to VPN. It is done via static routes with metrics higher than that of EIGRP, and no ip redirects on the ethernet interface of the router. The initial switch works fine with ShoreTel.

    The problem occurs when MPLS comes back up. All IP devices EXCEPT SHORETEL SWITCHES will go back to the proper routing. The ShoreTel switches hold their own routing tables, and since the VPN connection did not drop they believe this to be a good route. This then creates a loop where when users at HQ call the remote branch the call goes straight to VM. When users at the branch call HQ, the call is connected but neither party can hear each other.

    If ShoreTel switches are responsible for IP routing, we should have some control over what routes they take or refreshing routing tables.

    My preference is to let my routers do the routing.

  • #2
    I am not sure I follow you.

    Even a Windows client has a routing table. How is the ST switch learning about these new routes. If it is senting the traffice to the same gateway, how is it telling the gateway to route the traffic through a different path.

    I don't have access to a switch to see what your are describing but, I would like to hear more about your issue.

    Tom
    There are 10 types of people in the world, those that understand binary and those that donít.

    Comment


    • #3
      Aging out the routing tables on the switches.

      There used to be a known issue where the ShoreGear switches and phones would get host routes from ICMP redirect messages and wouldnt release them. You would have to manually clear them from the switch by rebooting or telneting into each switch and deleting the routes manually. There is a registry key you can add to your voicemail switch that will tell the switches to ignore ICMP redirects. I'm not sure if this is enabled by default on the later versions or not. I haven't encountered an issue like this since version. 4.3.

      Comment


      • #4
        Originally posted by aspen
        I am not sure I follow you.

        Even a Windows client has a routing table. How is the ST switch learning about these new routes. If it is senting the traffice to the same gateway, how is it telling the gateway to route the traffic through a different path.

        I don't have access to a switch to see what your are describing but, I would like to hear more about your issue.

        Tom
        From what my partner and ShoreTel have told me, when the ShoreTel switch has a valid route it does not check for a new one unless that route becomes unavailable or upon reboot.

        So with valid MPLS routes, the ST switch shows a gateway of 192.168.x.1 for the HQ site. When MPLS goes down, it then shows a gateway of 192.168.x.254 to go across VPN. When MPLS comes back up, the VPN route did not drop therefore the ST switch continues to use this route until it is rebooted or the VPN becomes unavailable.

        According to support, this is by design. They do have an enhancement request and are supposed to be creating something to work with this as I am not the first customer who has had issues with it.

        I hope that made sense.

        Comment


        • #5
          Until ST gets their act together, wouldn't a workaround be to drop the VPN for whatever period of time the switches take to find the correct path?

          Comment


          • #6
            Ran across a similar issue with ICMP redirect (not multiple wan links, but maybe applicable anyway)

            This assumes you are using a layer3 switch: put your gateways to the WAN on a different VLAN (or maybe a different subnet on the same vlan would work).


            Say all your servers, shoretel switches, PCs, etc are on vlan 10, 192.168.10.x/24

            Put your MPLS router, and VPN device on VLAN 100 192.168.100.x

            Set the gateway on the servers, shoretel switches, etc to be the ip address of the layer 3 switch and let it route to the wan.

            Then when MPLS goes down, the router won't send the ICMP redirect to anything other than yor L3 switch, the shoretel switches will never get the ICMP redirect. If your L3 switch even wants to send ICMP redirects, it won't be able to as there is no more preferable route (traffic has to hit the L3 as its gateway).


            I actually hit upon this method because of a client with L3 switches sending redirects for each public ip accessed, because their firewall was on the same vlan as their PCs. It was only a problem with some websites, but this removed the ICMP redirects.
            Last edited by aclements; 04-17-2008, 03:14 PM.

            Comment


            • #7
              Try a Layer 3 switch

              Not sure I completely understand your set up but here's how we've been designing it to help with a number of issues (which sounds like it fits your situation)

              If you have a switch that can handle Layer 3, make it the gateway for your ShoreTel switches. Let the Router handle routing to your service providers and let the switch take care of routing between subnets (Voice and Data VLANs for example) with static routes. ShoreTel gear won't care how often your circuit bounces back and forth if the L3 switch stays up.

              Comment

              Working...
              X