When I ping from local router to IP phone the situation is like this:
<font color=red>Sending 100, 100-byte ICMP Echos to 10.1xx.x.x, timeout is 2 seconds:
Success rate is 86 percent (86/100), round-trip min/avg/max = 1/2/4 ms
When I ping from other device or ping from local router -> workstation everything working good.
Also when I ping from remote router ->IP phone ping is OK too.
What is it, is it some feature or problem???
It is done by design to avoid DoS attacks. I can't find the document, but there is a document on it.
Here's the doc.
Hope this helps.
Hi I see the respone for this but that is one reponse for every two pings sent, and not the actual problem that there is one in 6 or more of the pings fail from a local router. Looking at this with a sniffer the IP phone does not actually respond to the missing pings has anyone got a better or more fitting explantion to this than the document listed, as that document is not actually the same as the "fault" we are seeing.
I would still agree that what you are seeing is the built in protection against DoS
the documentation on http://www.cisco.com/en/US/tech/tk1077/technologies_tech_note09186a008010edb8.shtml
is a bit ambigious on this front, it is titled "ip phones replies to one ping out of two", whereas further on in this document it states
"This is because the IP phones have been designed to only reply to an echo every 10ms" this could still be whith what you are seeing.
Maybe the only way of finding out is looking at your sniffer log timestamps and check how far apart these echo requests are.
yep I have done and the phone just doesn;t resond to the 6th ping. but different phones do different things which is the annoying bit!!! Everyone has a rule of thumb to ignore these ping failures but this leads to the rule of thumb being extended and now I hear that it is ok for a server to behave the same way, which is just ridiculous and i really need a proper statement from Cisco around the behaviour, yes I'm that sad I have raised a TAC case on it.......
Communications Manager 8.5 and also Unity Connection 8.5 are doing the same thing. The phones take forever to register.. and after troubleshooting the pings I landed here. Did you find a resolution to this?
Nope I didnt really get anywhere with it, I was just told it was to prevent DoS attacks and then I gave up as it wasn't actually a fault that I was having just a moan sorry I can't be of any help
Make sure this is not a DNS issue, are your CUCM servers referenced by IP or hostname in configuration?
Good point from Chris (+5). Also ensure that the TFTP servers are running correctly on your CUCM servers. I've seen instances where phones will attempt to grab their config files via TFTP, timeout and fail (for whatever reason) and then register with CUCM using cached information.
Failing that, a wireshark trace of what the phone is doing almost always shows what is going wrong.
Sorry for hijacking the thread. My issue turned out to be a DNS problem after viewing the phone statistics. I hate that the CCM installation requires you to set a hostname, as we've been trained to leave DNS out of it. Not sure why, but the CCM ethernet port was running half duplex until I manually set it, which is why I posted..