cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
coriumintl
New Contributor III

At what point should I get a Router instead of lean on my 1534 for L3 routing?

Jump to solution

smbMy network is around 200 machines (including servers) large between 2 ethernet subnets (my wifi is segregated to a seperate subnet and runs off AP150s). I have 6 Vlan's currently and my 1534 handles passing off to the internet gateway.

My pain point is bad SMB latency during inter VLAN communications. When accessing an application on my servers from an opposite VLAN, latency is in the 2+ second range.

I will add that this application is built on server 2003 so its using SMB 1, and the client computers are Win 7.

At what point do I need to get a router to better handle this switching? or is my issue more with how Win7 doesn't seem to handle SMB1 well?

I know i need to get a better handle on QOS as well.

0 Kudos
1 Solution

Accepted Solutions
Anonymous
Not applicable

Re: At what point should I get a Router instead of lean on my 1534 for L3 routing?

Jump to solution

Your not gonna like this but looking at the data sheet for the 1534 it does max out at 232 arp entries. You'd need to go up to a 1544 or 1638 both of which go up to 1000 arp entries. You could also look at offloading some of your vlans to another device. All of which goes back to your topic, it maybe time to just get a dedicated router.

View solution in original post

0 Kudos
16 Replies
Anonymous
Not applicable

Re: At what point should I get a Router instead of lean on my 1534 for L3 routing?

Jump to solution

- You mentioned that you are experiencing latency during interVLAN communications. Do you have any other layer 3 switches in the network? It would be helpful to see a network diagram if possible. Also, I would be more than happy to review the 1534 configuration. Please remember to remove any sensitve information.

Please do not hesitate to let us know if you have any questions.

Thanks,

Noor

coriumintl
New Contributor III

Re: At what point should I get a Router instead of lean on my 1534 for L3 routing?

Jump to solution

My network map is below. I will call out that the switch named GRSW-00 is intended to be a 1534, but we fell back to the 3COM listed as it has fewer issues than we detected when we cut over to the 1534.

So the switch named GRSW-00 is the edge switch and our internet gateways are also on it. GRSW-08 is also a 1534 and currently handles our AP150s and one AP160, it's also the home of the majority of our servers.

The consistant issues we get are when using devices on GRSW-10 communicating to the servers on GRSW-08.

Part of the pain i believe was that i didn't have the ip-helper configured correctly on the first cut over, just haven't had the opportunity to try it again due to the difficulty to schedule maintenance time.

Part of the issue also is making sure that VLAN 10 is QOS'd so that it has priority as it's where our ShoreTel VOIP system is at.

Thanks for looking this over, i have since had the cange to update my 1534's to Firmware 10.9.1, and my 123X's are at 17.09.01.00

The configuration I was trying to use with 1534 GRSW-00 is as follows:

!

!

! ADTRAN, Inc. OS version R10.5.1

! Boot ROM version 17.09.01.00

! Platform: NetVanta 1534P, part number 1702591G1

! Serial number LBADTN1331AC214

!

!

hostname "GRSW-00"

enable password

!

clock timezone -5-Eastern-Time

clock no-auto-correct-DST

!

ip subnet-zero

ip classless

ip default-gateway 192.168.3.253

ip routing

!

!

ip route-cache express

!

no auto-config

!

event-history on

no logging forwarding

no logging email

!

no service password-encryption

!

username "admin" password ""

ip forward-protocol udp time

ip forward-protocol udp nameserver

ip forward-protocol udp tacacs

ip forward-protocol udp domain

ip forward-protocol udp bootps

ip forward-protocol udp tftp

ip forward-protocol udp netbios-ns

ip forward-protocol udp netbios-dgm

!

!

!

!

!

!

no dot11ap access-point-control

no dos-protection

no desktop-auditing dhcp

no network-forensics ip dhcp

!

!

!

!

!

!

!

!

!

vlan 1

  name "Default"

!

vlan 2

  name "dot 3 B51"

!

vlan 10

  name "VOIP"

!

vlan 20

  name "dot 20 Wifi"

!

vlan 21

  name "Secondary WiFi"

  shutdown

!

vlan 30

  name "IP Cameras"

!

vlan 31

  name "Total Chrom"

!

interface gigabit-switchport 0/1

  description ShoreGear Switch

  spanning-tree edgeport

  no shutdown

  switchport access vlan 10

  switchport trunk native vlan 2

  switchport voice vlan 10

  qos trust cos

!

interface gigabit-switchport 0/2

  description ShoreGear Switch

  spanning-tree edgeport

  no shutdown

  switchport access vlan 10

  switchport voice vlan 10

  qos trust cos

!

interface gigabit-switchport 0/3

  description ShoreGear Switch

  spanning-tree edgeport

  no shutdown

  switchport access vlan 10

  switchport voice vlan 10

  qos trust cos

!

interface gigabit-switchport 0/4

  description ShoreGear Switch

  spanning-tree edgeport

  no shutdown

  switchport access vlan 10

  switchport voice vlan 10

  qos trust cos

!

interface gigabit-switchport 0/5

  description UPLNK GRSW-03

  no shutdown

  switchport mode trunk

  switchport voice vlan 10

  qos trust cos

!

interface gigabit-switchport 0/6

  description UPLNK FIREBOX X1000

  spanning-tree edgeport

  no shutdown

  switchport voice vlan 10

  qos trust cos

!

interface gigabit-switchport 0/7

  description UPLNK GRSW-02

  no shutdown

  switchport mode trunk

  switchport voice vlan 10

  qos trust cos

!

interface gigabit-switchport 0/8

  description UPLNK GRSW-06

  no shutdown

  switchport mode trunk

  switchport voice vlan 10

  qos trust cos

!

interface gigabit-switchport 0/9

  description UPLNK GRSW-04

  no shutdown

  switchport mode trunk

  switchport voice vlan 10

  qos trust cos

!

interface gigabit-switchport 0/10

  description UPLNK GRSW-01

  spanning-tree edgeport

  no shutdown

  switchport mode trunk

  qos trust cos

!

interface gigabit-switchport 0/11

  spanning-tree edgeport

  no shutdown

  switchport voice vlan 10

  qos trust cos

!

interface gigabit-switchport 0/12

  spanning-tree edgeport

  no shutdown

  switchport access vlan 10

  switchport voice vlan 10

  qos trust cos

!

interface gigabit-switchport 0/13

  description UPLNK FIREBOX XTM

  spanning-tree edgeport

  no shutdown

  switchport voice vlan 10

  qos trust cos

!

interface gigabit-switchport 0/14

  description UPLNK GRSW-10

  no shutdown

  switchport mode trunk

  switchport voice vlan 10

  qos trust cos

!

interface gigabit-switchport 0/15

  description Monitor Port

  no shutdown

  switchport voice vlan 10

  qos trust cos

!

interface gigabit-switchport 0/16

  spanning-tree edgeport

  no shutdown

  switchport voice vlan 10

  qos trust cos

!

interface gigabit-switchport 0/17

  spanning-tree edgeport

  no shutdown

  switchport voice vlan 10

  qos trust cos

!

interface gigabit-switchport 0/18

  description GRITSVR15

  spanning-tree edgeport

  no shutdown

  switchport voice vlan 10

  qos trust cos

!

interface gigabit-switchport 0/19

  spanning-tree edgeport

  no shutdown

  switchport access vlan 2

  switchport trunk native vlan 2

  qos trust cos

!

interface gigabit-switchport 0/20

  spanning-tree edgeport

  no shutdown

  switchport access vlan 2

  qos trust cos

!

interface gigabit-switchport 0/21

  description UPLNK GRSW-07

  no shutdown

  switchport mode trunk

  switchport trunk native vlan 2

  qos trust cos

!

interface gigabit-switchport 0/22

  description GRITSVR14

  spanning-tree edgeport

  no shutdown

  switchport access vlan 2

  switchport trunk native vlan 2

  qos trust cos

!

interface gigabit-switchport 0/23

  spanning-tree edgeport

  no shutdown

  switchport access vlan 2

  switchport trunk native vlan 2

  qos trust cos

!

interface gigabit-switchport 0/24

  spanning-tree edgeport

  no shutdown

  switchport access vlan 2

  switchport trunk native vlan 2

  qos trust cos

!

interface gigabit-switchport 0/25

  no shutdown

  switchport mode trunk

  switchport trunk native vlan 2

  qos trust cos

!

interface gigabit-switchport 0/26

  no shutdown

  switchport mode trunk

  switchport trunk native vlan 2

  qos trust cos

!

interface gigabit-switchport 0/27

  description From GRSW-08 FIBER

  no shutdown

  switchport mode trunk

  switchport trunk native vlan 2

  qos trust cos

!

interface gigabit-switchport 0/28

  no shutdown

  switchport mode trunk

  qos trust cos

!

!

!

interface vlan 1

  ip address  192.168.2.253  255.255.255.0

  ip route-cache express

  no shutdown

!

interface vlan 2

  ip address  192.168.3.253  255.255.255.0

  ip helper-address  192.168.2.1

  ip route-cache express

  no shutdown

!

interface vlan 10

  ip address  10.10.0.253  255.255.254.0

  ip helper-address  192.168.2.1

  ip route-cache express

  no shutdown

!

interface vlan 20

  ip address  192.168.20.253  255.255.255.0

  ip helper-address  192.168.2.1

  ip route-cache express

  no shutdown

!

interface vlan 21

  ip address  192.168.22.253  255.255.255.0

  ip helper-address  192.168.2.1

  ip route-cache express

  no shutdown

!

interface vlan 30

  ip address  192.168.30.253  255.255.255.0

  no awcp

  ip route-cache express

  no shutdown

!

interface vlan 31

  ip address  192.168.31.253  255.255.255.0

  ip helper-address  192.168.2.1

  no awcp

  ip route-cache express

  no shutdown

!

!

!

!

!

ip route 0.0.0.0 0.0.0.0 192.168.2.250 255

ip route 68.166.218.0 255.255.255.248 192.168.2.35

ip route 192.168.4.0 255.255.255.0 192.168.2.35

ip route 192.168.10.0 255.255.255.0 192.168.2.35

!

no tftp server

no tftp server overwrite

http server

http secure-server

snmp agent

no ip ftp server

ip ftp server default-filesystem flash

no ip scp server

no ip sntp server

!

!

!

!

!

snmp-server location ""

snmp-server community monitor RO

!

!

auto-link

auto-link server

auto-link recontact-interval 300

!

!

line con 0

  no login

!

line telnet 0 4

  login

  password

  no shutdown

line ssh 0 4

  login local-userlist

  no shutdown

!

!

monitor session 1 destination interface gigabit-switchport 0/15

monitor session 1 source interface gigabit-switchport 0/5 both

monitor session 1 source interface gigabit-switchport 0/6 both

monitor session 1 source interface gigabit-switchport 0/7 both

monitor session 1 source interface gigabit-switchport 0/8 both

monitor session 1 source interface gigabit-switchport 0/9 both

monitor session 1 source interface gigabit-switchport 0/10 both

monitor session 1 source interface gigabit-switchport 0/13 both

monitor session 1 source interface gigabit-switchport 0/14 both

monitor session 1 source interface gigabit-switchport 0/16 both

monitor session 1 source interface gigabit-switchport 0/17 both

monitor session 1 source interface gigabit-switchport 0/18 both

monitor session 1 source interface gigabit-switchport 0/19 both

monitor session 1 source interface gigabit-switchport 0/21 both

monitor session 1 source interface gigabit-switchport 0/22 both

!

!

end


(I hope this map posts larger than what it looks like in this input field)

networkmap.png

Anonymous
Not applicable

Re: At what point should I get a Router instead of lean on my 1534 for L3 routing?

Jump to solution

- I took a look at the 1534 configuration you provided and I had a couple of questions and suggestions. I'm not sure it has anything to do with the issues you were experiencing but perhaps it may help clear it up.

1. The command switchport voice vlan <VLAN ID> is used to assign a voice vlan ID to those phones that are LLDP-MED capable and enabled. As a result. it is important to remember that the command switchport voice vlan 10 is not required and will not do anything on those switchports that are configured as trunk ports.

2. I noticed in the configuration posted, that your default route has an admin distance of 255. Was there a reason for this?

3. Currently, your switchports have qos trust enabled. This means the switch will use the CoS value that incoming traffic is using. If you need to change any of these settings, then I would suggest looking at the guide below on setting this up:

Configuring Ethernet Switch QoS and CoS in AOS

4. I also wanted to confirm that gig 0/27 (uplink to GRSW-08) should have a native vlan of 2, while gig 0/14 (uplink to GRSW-10) should have a native vlan of 1.

I really didn't see anything that may affect performance but let us know if you still run into issues when you get a chance to put the switch back in.

Thanks,

Noor

coriumintl
New Contributor III

Re: At what point should I get a Router instead of lean on my 1534 for L3 routing?

Jump to solution

For 1, i guess that explains why the phones will find their way to VLAN 10 if the voice vlan isn't configured.

For 2, I copied the configuration from my switch GRSW-08 for this one. How should this value be considered? I can't find much in the AOS command reference guide. As for the value of it on GRSW-08 do I even need a default route since this switch isn't acting as a router, or shouldn't be? it's configured this way: ip route 0.0.0.0 0.0.0.0 192.168.3.253 255 and 192.168.3.253 is the VLAN 2 gateway.

For 3, sounds good; once i get GRSW-00 cut over from the 3com switch that it is currently our QoS for phones might improve then.

For 4, switches 8, 9, 11, and 15 are the only VLAN 2 default switches; however there are a couple of pockets of VLAN 2 over on a few of the other switches, and switches 10, 1, 2, 3, and 4 will eventually offer VLAN 31.

It sounds like my missconfiguration of the ip helper was the big contributor, though once I understand the admin distance setting better it might get some improvement as well.

Thanks! looking forward to an explanation/reccomendation on the admin distance setting.

Anonymous
Not applicable

Re: At what point should I get a Router instead of lean on my 1534 for L3 routing?

Jump to solution

-

Do you have any devices pointing to any of the 1534's VLAN interface IP addresses? If so, then you will need to leave routing enabled on it.

The admin distance is used by the router to decide the best path when there are 2 or more routes available for a specific network. By default, static routes have an admin distance of 1. Your configuration changed this admin distance to 255. The lower the admin distance, the more preferred it is. It probably isn't hurting anything because there is no other default route configured.

Let us know if you have any questions.

Thanks,

Noor

coriumintl
New Contributor III

Re: At what point should I get a Router instead of lean on my 1534 for L3 routing?

Jump to solution

That was my guess, and i noticed when i tried to change the admin distance on the GRSW-08 switch it complained about routing needing to be turned on, so that's not interfering with anything.

Will be cutting back over to the 1534 as GRSW-00 the second weekend of February, so i'll know then if i'm good.

coriumintl
New Contributor III

Re: At what point should I get a Router instead of lean on my 1534 for L3 routing?

Jump to solution

Well, the cutover worked better with the DHCP. however the most important issue is that any phones on VLAN 1 won't get their vlan801.2q status correct. But the phones that are on VLAN 2 are just fine.

For now if anyone's phone get's reset I'm going to have to statically configure that phone unless I can figure out what's glitched. I'm awaiting responses from a Shoretel forum that has been helpful in the past but i'm not sure how well they know Adtran.

Secondly the speed issue for VLAN transversal appears to be happening when Im trying to transfer files to a server on a ESXi host that is handing VLAN tagging. Perhaps that's an issue with VMware but on a different segment of my network this isn't an issue with a fairly similarly configured ESXi host.

Thanks for helping out, really excited to be 100% Adtran for our infrastructure now!

Anonymous
Not applicable

Re: At what point should I get a Router instead of lean on my 1534 for L3 routing?

Jump to solution

Actually saw and responded to your post on the Shoretel forum earlier this morning

"Whats doing DHCP for your network? Do you have option 156 configured in your dhcp server to force the phones in the right vlan? With the adtran switches you can use LLDP to move the phone into the right vlan and add qos tagging. Under the config for the ports that will have phone you just need to add "switchport voice vlan X" where X is the vlan. You can also add "switchport voice-signaling vlan X" to to get signaling traffic tagged."

Hope this helps. We almost exclusively use Adtran with our Shoretel installs and they work great together. If you needed to setup all the ports on the switch you can use interface ranges from the command line. "interface range gigabit-switchport 1/1-48" would drop you into configuring all the ports on the switch. You could then add the "switchport voice vlan" option to all ports at once. This has been the way I've done my installs for awhile and it's great not having to have the option 156 on your main DHCP server. This makes it so the phones don't even grab an address in vlan 1 when they first boot. You do still need to have something doing DHCP in your second vlan.

coriumintl
New Contributor III

Re: At what point should I get a Router instead of lean on my 1534 for L3 routing?

Jump to solution

Windows server is doing my DHCP. Option 156 is still in place.

The only change i made this weekend was cut over to an Adtran, we didn't change DHCP as that was handled by Windows. so this adtran took over VLAN routing and L3 routing for our intnernet gateway. all other services are handled by Windows.

Does VOICE VLAN 10 need to be on trunk ports also?

Anonymous
Not applicable

Re: At what point should I get a Router instead of lean on my 1534 for L3 routing?

Jump to solution

Not that I know of though I usually have it on there just in case. I've not had any issues when I've not had it there. I'd double check and make sure you have option 156 set correctly in your vlan 1 dhcp scope. I'm guessing 192.168.2.1 is your dhcp server. I'm not sure where thats plugged into in your network but I'd check that vlan 10 is build on that switch and all other switches in the network that has phones attached. If you program a port to be in vlan 10 and hook up a PC to that port do you get an address?

coriumintl
New Contributor III

Re: At what point should I get a Router instead of lean on my 1534 for L3 routing?

Jump to solution

yeah, my Shoregears hang off this 1534 in ports 1-4. my config is attached above in this thread along with a network map, yes my DHCP server is 192.168.2.1 and hangs on port 15.

if i flag a port as vlan 10 i do get an appropriate IP from a PC.

A new issue that has been raised is slowness in general. I can measure a 45ms average response time and about 2% packet loss across my fiber link on this switch. But SMB file transfers between vlan 1 and vlan 2 are fine. a couple of other apps i have are slow and time out, or when working with a file across vlan's it's slow.

Anonymous
Not applicable

Re: At what point should I get a Router instead of lean on my 1534 for L3 routing?

Jump to solution

Just to verify when you tried with a PC you did it from a remote switch and not the local switch where the vlan 10 gateway is? I'm just thinking it sounds like the packets are not getting across a trunk link somewhere. Also from one of the phones thats not working can you a do a MUTE I-N-F-O (4-6-3-6) and confirm that tagging is turned on and it's in the right vlan?

Not sure about your slowness. Maybe someone from Adtran will jump back into this thread. Does it only appear when it's across the fiber? IE is it fine if you copy traffic between 2 pc's on the same switch? I'd look at the port statistics on each end and check for duplex mismatch and see if you are having collisions or showing any other errors on either end.

coriumintl
New Contributor III

Re: At what point should I get a Router instead of lean on my 1534 for L3 routing?

Jump to solution

yeah, i'm on a switch other than the 1534 I swapped out on Saturday and trying the different VLAN's from there. my phone says it's 802.1q tagging is on and it's on VLAN 10 but it get's an IP that matches what the port is flagged as (VLAN 1). of all my VLAN's that have UDP relay set, VLAN 1 is the only one where it get's the wrong IP, VLAN 1 is the same subnet as the DHCP server.

I'm almost ready to re-factor my VLAN's so that the third octets match, meaning I'll move the ports configured as VLAN2 to VLAN3, then reconfigure my ports from VLAN 1 to VLAN 2. just incase that happens to correct it.

How should Class of Service be configured? might this have an impact?

As for the speed issue, it seems traffic dependent, latency is much better today but surges occasionally.

coriumintl
New Contributor III

Re: At what point should I get a Router instead of lean on my 1534 for L3 routing?

Jump to solution

Just noticing when i login to the CLI i'm getting EXPRESS_CACHE.EVENTS xRt: HW ARP table is full (232 max. entries).

Is there something I need to do about this?

Anonymous
Not applicable

Re: At what point should I get a Router instead of lean on my 1534 for L3 routing?

Jump to solution

Your not gonna like this but looking at the data sheet for the 1534 it does max out at 232 arp entries. You'd need to go up to a 1544 or 1638 both of which go up to 1000 arp entries. You could also look at offloading some of your vlans to another device. All of which goes back to your topic, it maybe time to just get a dedicated router.

0 Kudos
coriumintl
New Contributor III

Re: At what point should I get a Router instead of lean on my 1534 for L3 routing?

Jump to solution

I'm not sure I have all the pieces for QOS either with this 1534 I have currently, and it's not clear if the 1544 would fill that gap.

Any recommendations on which router to get in then?

We feel that a router is a better option, more on features than $. As long as we can figure out how to configure it!

Not that I expect the router to necessarily fix the phones getting the correct IP while on VLAN 1 flagged ports anyway.

Thanks again for the help!