[unisog] Nortel VoIP phone configuration with ISC DHCP

John Stauffacher stauffacher at chapman.edu
Fri Oct 28 23:29:30 GMT 2005

For those of you with Nortel VoIP phones (i2004 etc) and/or 
BCM/Concession..err Succession ....If you've been baffled by the 
wierdness Nortel does in DHCP to actually get the phone to automagically 
get its info, be baffled no more. I finally figured it out, and decided 
I will share.

The handshake is just like Avaya's in that the phone does a couple things:

1. It requests options (via option 55) 43,128,144,157,191 from the DHCP 
2. It then gets an address, and one of the options is the Tagged VLAN it 
is "supposed" to be on
3. It then drops the address and re-requests its ip info from the DHCP 
server on the tagged vlan

Now any one of those options can be present, and they need to be present 
throughout the conversation. Option 191 is interesting and we will get 
to that later.

Your probably going "well, thats great, what do I put in those options"....

The first option packet is an ascii identifier seperated by comma's and 
looks like this

A,B:C,D,E;F:G,H,I,J:K.  <= Rememeber the period.

A = "Nortel-i2004-A" <- Vendor Class Identifier (I've only seen this 
one, though the documentation seems to think there could be more)
B = IP address of your call manager
C = Port
D = Action (1 for "Hello", 0,2-254,255 are "reserved" according to Nortel)
E = Retry count
F = IP address (2) of your Call manager
G = Port (2)
H = Action (2)
I = Retry count (2)
J = [Optional] Ip address of XAS server (Net6)
K = [Optional] Port of XAS server (5000)

This can live in Option 128,144 or 157.

Option 191 is special in that it is the VLAN identifier. According to 
Nortel -- there is no way to tell the i2004 to automagically switch 
vlans -- but in practice we are doing it from a BCM (Running NT) and now 
from an ISC dhcp server -- it can be done -- its just not documented 

So option 191 contains
A:B. <= Rememeber the period

A = "VLAN-A"
B = numeric vlan id

Now, I am sure you can combine option 143 and 191 into a Vendor 
Encapsulated option 43 -- I had no luck with this and it proved to be 
too much work than it was worth (man 5 dhcp-options for more info). So I 
just leave 128 with the phone config string and 191 with the vlan 
identifier. Here's a sample:

set vendor-string = option vendor-class-identifier;
option NortelVoIPPhoneIdentifier code 128 = text;
option NortelVoIPVLANIdentifier code 191 = text;
option NortelVoIPPhoneIdentifier "Nortel-i2004-A,,1,5.";
option NortelVoIPVLANIdentifier "VLAN-A:8.";

(the set vendor-string just allows my leases file to show the vendor 
strings, its quite helpfull when debugging.

Now if you want to get tricky you can do this:

set vendor-string = option vendor-class-identifier;
option NortelVoIPPhoneIdentifier code 128 = text;
option NortelVoIPVLANIdentifier code 191 = text;

class "vendor-classes" {
         match option vendor-class-identifier;
subclass "vendor-classes" "Nortel-i2004-A" {
	option NortelVoIPPhoneIdentifier "Nortel-i2004-A,,1,5.";
	option NortelVoIPVLANIdentifier "VLAN-A:8.";

And only give out Nortel options to nortel phones. If anyone needs 
anymore info let me know.

John Stauffacher, CISSP
Network Administrator
Chapman University
stauffacher at chapman.edu
ph: 714.628.7249
"It's amazing how much you take for granted when you already know what you are doing."
"there is no /usr/local on my C:\ drive!"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4870 bytes
Desc: S/MIME Cryptographic Signature
Url : http://www.dshield.org/pipermail/unisog/attachments/20051028/59f2dc47/smime.bin

More information about the unisog mailing list