Comware

Hi everyone,

In a network with HP A3100-24-PoE v2 running R5203P04 as edge switches,
I'm experiencing scattered issues with hosts that suddenly stop being able to traffic thru the switch.

Like if the host were physically disconnected or "mac-address max-mac-count 0" were applied, the switch won't see the host's mac address on the interface anymore.

This happened either with hosts directly connected to the switch on native VLAN or with wifi stations whose traffic goes 802.1q tagged to the switch from the AP, both on hybrid port.

This is the common edge iface configuration used on these switches where this issue happened:
vlan 1 = user traffic
vlan 14 = voice traffic

#
interface Ethernet1/0/3
 port link-type hybrid
 port hybrid vlan 1 untagged
 voice vlan 14 enable
 poe enable
 stp edged-port enable
#

Neither shutting down administratively nor physically the interface while keeping this config, seems to solve the issue.

So far, as a workaround, disabling voice vlan over the interface, enables the switch to see the host's mac address and thus let the host traffic again,
even when these hosts have nothing to do with voice vlan or the OUIs related to it.
Also does restarting the switch ;).


Any ideas about what could be happening, or how could I debug this issue, would be very appreciated.

Thanks in advance.
Regards.

#A3100
#VoiceVlan

Hi,

 

the voice-vlan command on comware has several "features" (all with good reasons at the time they were made), which does not make it as easy as it should be.

 

Long story short : do not use the voice vlan command anymore if you encounter problems (I have customers using voice vlan, where it works just fine as well) and move to the classic method:

* manually enable the voice vlan tag on the interface

* manually configure lldp-med to announce the voice vlan

 

int range g1/0/1 to g1/0/48

 port link-type hybrid

 port hybrid vlan 10 tagged

 lldp voice-vlan 10

 

Hope this helps.

 

Hi Peter, thanks for your answer

We actually come from the classic method before deploy voice-vlan command, where we had:
* manually enabled the voice vlan tag on the interface
* manually enabled the voice vlan tag on the IP phone (since our 3COM 3500 IP phones don't support lldp-med)

Surprisingly voice-vlan command worked just fine for our IP phones since we left the classic method.
It is the other (native and 802.1Q) vlans' hosts that misbehaves until I disable voice-vlan command.

Still looking forward to hear other experiences and advices before start un-deploying voice-vlan command.
Regards.

Hi
it might worth trying to disable auto voice vlan and voice vlan security.
I have seen cases with 5120's auto voice vlan causes unstable results.

voice vlan aging 30
undo voice vlan security enable

interface Ethernet1/0/3
undo voice vlan mode auto

Hi mertdemi, thanks for your advice

As I mentioned before, we came from the classic method to voice-vlan command only for the "security" feature.
Given the unstable results and facing that we will have to do a big undeployment over our edge switches, I would go back directly to the proven classic method rather than keep the voice-vlan command with security disabled.

Either way, whats the real advantage of use manual non-secured voice-vlan command over classic method? I guess its only ACL rules and packet precedence, if configured (all defaulted on our scheme by the way).