Tg0028-Ed.08 Ip Touch Issues - en

TROUBLESHOOTING GUIDE No. TG0028 Ed.
08
OmniPCX Enterprise Nb of pages : 144 Date : 07 January 2011
SUBJECT : IP TOUCH ISSUES
CONTENTS
1. INTRODUCTION ..........................................................................5
1.1. Forewords................................................................................................. 5
1.2. IP-Touch Version....................................................................................... 5
2. REFERENCES................................................................................6
3. HISTORY......................................................................................7
4. ABBREVIATIONS AND NOTATIONS .............................................8

4.1. Abbreviations ........................................................................................... 8
5. SIGNALING LINK BOARD.............................................................9

5.1. Introduction .............................................................................................. 9
5.2. From Release R7.0 .................................................................................... 9
5.3. Up to Release R7.0 ................................................................................... 9
5.3.1. Principle............................................................................................................9
5.3.2. Signaling board search mechanism ................................................................10
5.4. Configuration ......................................................................................... 12
6. IP-TOUCH GLOBAL MECHANISM...............................................13

6.1. Overview ................................................................................................ 13
6.2. Overview of IP-Touch phases.................................................................. 13
6.3. Spatial redundancy ................................................................................. 13
6.4. Survivability ............................................................................................ 14
6.5. Running phase........................................................................................ 14
7. DESCRIPTION OF THE IP-TOUCH INITIALIZATION PHASES........15

7.1. Special modes......................................................................................... 15
7.1.1. Industrial–Mode..............................................................................................15
1
7.1.2. Backup–Version–Mode....................................................................................15
7.2. Step 1: Network initialization.................................................................. 16
7.3. Step 2: IP parameters acquisition and checking ...................................... 17
7.3.1. Acquisition ......................................................................................................17
7.3.2. Acquisition in survivability mode ....................................................................18
7.3.3. DHCP mechanism ...........................................................................................18
7.3.4. DHCP Offer Message Processing.....................................................................19
7.3.5. AVA feature ....................................................................................................20
7.4. Step 3: lanpbx.cfg Configuration file....................................................... 22
7.4.1. Overview ........................................................................................................22
7.4.2. Download .......................................................................................................22
7.4.3. File Location ...................................................................................................22
7.4.4. File format ......................................................................................................23
7.4.5. Secure mode...................................................................................................24
7.4.6. Download/Parsing ..........................................................................................24
7.5. Step 4: Software downloading and updating .......................................... 25
7.5.1. Code and data binaries ..................................................................................25
7.5.2. Fast-init ..........................................................................................................26
7.5.3. Binary download and flashing ........................................................................28
7.5.4. Binary download and flashing ........................................................................28
7.5.5. TFTP server limitation......................................................................................29
7.6. Step 5: start file ...................................................................................... 30
7.6.1. Format ............................................................................................................30
7.6.2. Download and parsing ...................................................................................31
7.6.3. Redirection......................................................................................................32
7.6.4. CONNECT timeout..........................................................................................32
7.7. Connect Message.................................................................................... 33
7.7.1. Overview ........................................................................................................33
7.7.2. Super Fast Connect .........................................................................................34
7.7.3. Connect Message definition............................................................................34
7.7.4. Release connection .........................................................................................35
7.8. Follows-up.............................................................................................. 35
7.9. Keep Alive mechanism............................................................................ 36
7.9.1. Mechanism .....................................................................................................36
7.9.2. Disabling the Keepalive mechanism ...............................................................37
7.10. Data exchange........................................................................................ 38
7.10.1. Principle ......................................................................................................38
7.10.2. Advanced data exchange ............................................................................40
2
7.11. RTP packets voice payload format ........................................................... 41
8. IP-TOUCH AND IP PHONE INITIALIZATION AND DOWNLOAD TEST

.................................................................................................42
9. POWER CLASSIFICATION...........................................................43
9.1. IEEE Recommendation and IP-Touch classification .................................. 43
9.2. Consumption Details .............................................................................. 43
9.2.1. Fast Edition range...........................................................................................43
9.2.2. Extended Edition range...................................................................................44
10. 802.1X.......................................................................................44
11. TROUBLESHOOTING IP-TOUCH ISSUES.....................................45

11.1. Troubleshooting initialization/restarting issues....................................... 45
11.2. Troubleshooting IP-Touch reset issues .................................................... 45
11.3. Troubleshooting one-way communications issues (or no audio at all) .... 46
11.4. Troubleshooting audio volume issues ..................................................... 46
11.5. Troubleshooting registration issues ........................................................ 46
11.6. Troubleshooting other issues .................................................................. 47
12. FREQUENTLY ASKED QUESTIONS..............................................48

12.1. MPLS....................................................................................................... 48
12.2. Handsfree principle ................................................................................ 49
12.3. Power Over Ethernet 802.3af.................................................................. 52
12.4. VAD ........................................................................................................ 53
12.5. Control IP-Touch ..................................................................................... 53
12.6. "No Ethernet Link" message .................................................................... 53
12.7. IP-Touch Switch behavior during the IP-Touch reset ............................... 54
12.8. IP-Touch doesn’t start and stays in "connect" phase ................................ 55
12.9. Upgrade IP-Touch version ...................................................................... 56
12.10. Jitter buffer size.................................................................................. 56
12.11. NAT translation .................................................................................. 57
12.12. Spatial redundancy ............................................................................ 57
12.13. Keep-alive mechanism ....................................................................... 57
12.14. Delay on the data network ................................................................. 58
12.15. IP-Touch and backup signaling link.................................................... 59
12.16. Call server duplication ....................................................................... 60
3
12.17. Loss of signaling board ...................................................................... 60
12.18. VoIP assessment tool .......................................................................... 60
12.19. Bluetooth............................................................................................ 61
13. BEFORE CALLING ALCATEL’S SUPPORT CENTER ........................61
APPENDIXES
APPENDIX 0 - 802.1x
APPENDIX 1 - STATUS OF THE IP LINK
APPENDIX 2 - ERROR MESSAGES IN STARTING PHASE
APPENDIX 3 - ADD ON MODULE
APPENDIX 4 - EMBEDDED IP-TOUCH SERVICE COMMANDS
APPENDIX 5 - IP-TOUCH RESET CAUSE
APPENDIX 6 - SNIFFER TRACES
4
OmniPCX Enterprise
TROUBLESHOOTING GUIDE No. 28 IP TOUCH ISSUES
1. INTRODUCTION
1.1. Forewords
This troubleshooting guide explains the operation of an IP-Touch (in some cases for an e-Reflex but
not necessary) in a VoIP environment. Its aim is to help diagnose and resolve issues in activating the
IP-Touch.
This document takes into account IP-Touch versions up to 3.70 corresponding to Call Handling
release R7.1
The IP-Touch terminals are declined in 5 models:
− 4008 (Model Z)
It is a cost reduction of 4018, with same packaging as 4018
• No PC Ethernet port
• Standard handset instead of comfort handset
• Narrow band loudspeaker instead of wide band enabled loudspeaker
− 4018 (Model A)
− 4028 (Model B)
− 4038 (Model C)
− 4068 (Model D)
SRAM and FLASH Memory sizes are kept identical to IP-Touch R2, R3 and R4.0.1
This document does not deal with wireless sets: MIPT 300, MIPT 600.
1.2. IP-Touch Version

In this document, sometimes the denomination Release R1, R2, R3, R4 of the IP-Touch will be used,
below you will find the correspondence table
IP-Touch Release Binary Version (Export) Binary Version

(Full = Security Thales)
R1 1.xx.xx --
R2 2.xx.xx --
R3 3.1x.xx (Ex: 3.18.00) 3.1x.5x (Ex: 3.18.50)
R4 3.6x1.xx x1 =(0-4) 3.6x2.xx x2 = x1 +5 = (5-9)
R4.0.1 3.7x1.xx x1 =(0-4) 3.7x2.xx x2 = x1 +5 = (5-9)
Ed. 08 / 07 January 2011 5 TG0028

OmniPCX Enterprise
2. REFERENCES
The following documents, dealing with subjects around IP Issues, are also available on
BPWS/Technical Knowledge Base:
• Troubleshooting guides:
♦ TG0001: Echo in a VoIP environment
♦ TG0002: VoIP audio quality problems
♦ TG0014: IP Phones issues
♦ TG0015: INTIP issues
• Technical Communications:
♦ TC0034: Voice on IP: Configuring an inter-PABX link in VoIP (LIOE)
♦ TC0107: IP Phone and OmniPCX 4400 R3.2/R3.2M secured on its Ethernet link
♦ TC0151: Using the DHCP Relay feature in OmniPCX 4400 (from Release 3.2M)
♦ TC0154: VoIP and Internet glossary
♦ TC0189: Information about rate and duplex mode available on OmniPCX
4400/Enterprise IP components
♦ TC0190: OmniPCX 4400 (R >= 3.2) and TOS field configuration for LIOE, TSC_LIOE,
INT-IP and IP Phones
♦ TC0258: Setting the Windows 2000 server into DHCP server for IP Phones – from Release
3.2M
♦ TC0267: Tftp server enhancement for optimization of IP Phones implementation
♦ TC0295: Configuring the VLAN (802.1q) ON OmniPCX 4400 IP equipments
♦ TC0376: VoIP/INTIP : Bad audio quality on OmniPCX 4400 in Release 4.1.1
♦ TC0423: IP redundancy in OmniPCX Enterprise
♦ TC0441: Echo phenomenon with VoIP
♦ TC0458: IP Phones VoIP technical characteristics
♦ TC0474: IP Phone V2 sets / OmniPCX 4400 Versions & Add-On modules compliance
♦ TC0506: Use of the tool tcpdump on OmniPCX Entreprise
♦ TC0600: Test report: Alcatel IP Phones sets using power over Ethernet supplied by Cisco
Catalyst 3560-24PWR
♦ TC0601: Automatic VLAN Assignment (AVA) – Implementation guide and restrictions
♦ TC0607: Redundancy over IP will not switch-over if the Ethernet link on the Main CPU is
lost
♦ TC0623: 802.1P/Q Configuration guidelines for Alcatel IP Phones connected to a Cisco
Catalyst Switch.
♦ TC0633: The IP-Touch sets do not restart from versions F1.602.3.m and F1.603.1.c
♦ TC0663: IP-Touch does not restart after upgrading of new versions
♦ TC0736: Technical release note for the VoIP assessment tool Aviso 3.0
TG0028 6 Ed. 08 / 07 January 2011

OmniPCX Enterprise
♦ TC0768: IP Phones sets don’t start on a secured system

♦ TC0791: Continuous resets of IP-Touch 4068 after binaries upgrade
♦ TC0804: Non detection of the hook key integrated in the headset cable connected to the
IP-Touch
♦ TC0811: The display of the directory on IP-Touch 4038, 4039, 4068 is blocked after
translating from <= R5.1.2 to >= R6.1
♦ TC0821: Spatial Redundancy: The inter-CPU IP link is not back after its cutting off and its
restoring
♦ TC0831: One way communication with an IP-Touch (4018,4028,4038,or 4068)
3. HISTORY
• Ed 01 Creation of the document
• Ed 02 Official availability
• Ed 03 Add-ons
• Ed 04 Modifications of Appendix 4 section Port Mirroring (mirror)
• Ed 05 Correction of section 7.9 Keep Alive mechanism
• Ed 06 Correction of section 12.10 Jitter buffer size
• Ed07 Add section IP Touch Extended Edition phones consumption details
• Ed08 Correction of number of AOM in Appendix 3
Ed. 08 / 07 January 2011 7 TG0028

OmniPCX Enterprise
4. ABBREVIATIONS AND NOTATIONS
4.1. Abbreviations
In this "IP-Touch Troubleshooting Guide", following abbreviations can be used.
• AVA : Automatic VLAN Assignment
• IPP : IP Phone V2, V1, V1S = e-Reflex
• IPT : IP-Touch 4008, 4018, 4028, 4038 or 4068
• CS : Call Server: CPU on common hardware or Appliance Server
• CPU4400 : CPU on Crystal 4400
• OXE : OmniPCX Enterprise
• MMI : Man Machine Interface (Used in this document for IP-Touch MMI)
• MGR : Manager (mgr) (Used for Call Handling)
• VAD : Voice Activity Detection
• DHS : Corresponds to OXE Call Server
• AOM-EL : Electronic Add On Module
• Notations
This symbol indicates some possible risks or gives important information or tricks.
TG0028 8 Ed. 08 / 07 January 2011

OmniPCX Enterprise
5. SIGNALING LINK BOARD
5.1. Introduction
To simplify the notation in the following document according to the "Signaling link" sending either
from CS, CPU4400, INTIPA, GD, rescued GD, to the IP-Touch or e-reflex terminals, we have
introduced the notation, "Signaling Link Board" which will correspond to the board used to
transport the "Signaling Link" to IP-Touch.
− Signaling link will carry signals like : keepalive, connect, UA messages,
− IpLink : corresponds to the fictive INTIPA on Communication Server
5.2. From Release R7.0

From Release R7.0, all sets either IP-Touch or e-reflex are systematically connected to IpLink,
independently to CPU type, or domain number.
There are no more parameters to force the signaling for
− IP-Touch to a real INTIPA board
− IP-Touch or e-Reflex to a GD or GA
− GD to a real INTIP Board
See paragraph 5.4.
In the case of "Backup signaling", the rescued GD is used to deliver the Signaling Link messages.
5.3. Up to Release R7.0
5.3.1. Principle
The table (Page 11) gives the "Signaling Link Board" which has been used up to R7.0, depending on
the:
− use of domain (X domain or default domain)
− Call Server type
− IP-Touch (IPT), e-reflex (IPP)
− mgr parameters
Ed. 08 / 07 January 2011 9 TG0028

OmniPCX Enterprise
5.3.2. Signaling board search mechanism

During an IP set start up, the IP set will be connected to the "Signal Link Board" according to the
following mechanism.
− Choice of a "Signal Link Board" which is in the same domain as the IP terminal.
− When there is no "Signal Link Board" in the IP set domain, "Signal Link Board" will be chosen
from default domain.
− When there is no "Signal Link Board" available, the "Signal Link Board" is searched in all the
domains
The following table shows the differences regarding the Signaling Ling Board connection between an
IP Phone and an IP-Touch.
Annotations used in the next table
(1) The load is distributed according to a load repartition optimization between the different
available couplers.
(2) Terminals are connected to GD board, when the other coupler in the domain are busy
(3) These couplers can only accept Signaling link for IPP and for IPT in the case "IP -> IP
Parameters -> IP Phone signaling on eMGD = YES"
(4) In the case of backup, the GD (/GA) boards in rescuer mode accept without conditions the IP
terminals in their domains
(5) When there are no other board available, the terminal in domain X will be connected to the
IpLink
Remark: Historically, parameter "System -> Other System Parameters -> System parameters ->
IP-Touch IP on a real INTIPA board" has been created in the way that IP-Touch terminals have the
same behavior that IP Phone terminals regarding to the "Signaling Board". Today this parameter
should only be modified with R&D agreement, and has by default to be set to NO.
TG0028 10 Ed. 08 / 07 January 2011

OmniPCX Enterprise
INTIPA GD (3)(4) GA (3)(4)

Iplink Default Default Default
X domain X domain X domain
domain domain domain
X domain •(5) •(2) •(1)

IP
Touch Default
•
domain
CS
X domain •(5) • (1) •(2) •(1)
IPP Default
•(1) •(1)
domain
X domain •(5) •(2) •(1)

IP
Touch Default
•
domain
CPU4400
X domain •(1) •(2) • (1)
IPP
Default
•(1)
domain
Ed. 08 / 07 January 2011 11 TG0028

OmniPCX Enterprise
5.4. Configuration
Below we will show the difference between a configuration before and after R7.0. As we can see, the
next parameters won’t be manageable any more from R7.0
System -> Other System Parameter -> System Parameters

- GD Linked with a real INTIPA Board
- IP-Touch IP on real INTIPA board
IP -> IP Parameters
- IP Phone Signaling on eMGD (Connection to a real GD or GA)
TG0028 12 Ed. 08 / 07 January 2011

OmniPCX Enterprise
6. IP-TOUCH GLOBAL MECHANISM
6.1. Overview
At reset time, after some hardware and software initialization, the terminal enters in starting phase.
During this phase, the software performs all the necessary steps required before the terminal can
connect to a system. When the terminal is connected, the user can place phone calls and can access
to any services or applications provided by the system. In running phase, the terminal is fully driven
by the system using Alcatel Proprietary protocols: (Proprietary: UA Protocol)
6.2. Overview of IP-Touch phases

The starting phase is divided into 6 steps:
• (Step 0) software initialization,
• (Step 1) network initialization,
♦ Mac address checking
♦ Ethernet link initialization
• (Step 2) IP parameters acquisition and checking,
♦ checking of IP parameters in static mode, or
♦ acquisition and checking of IP parameters in dynamic mode thanks to a DHCP Server
• (Step 3) configuration file,
The configuration file step consists in downloading the lanpbx.cfg file. The request is
sent to the TFTP server address supplied by the user or obtained via DHCP. The
configuration file contains a list of systems addresses
• (Step 4) software updating
♦ checking if a different software version is available, and if necessary to download the new
binaries thanks to a TFTP Server
♦ flash the new downloaded binaries.
• (Step 5) start file.
The start file step consists in downloading and analyzing the startnoe file (which
contains the signaling UDP port the phone has to use).
During the starting phase, the user is notified on operation evolutions by displays on screen (see
Appendix 2: "ERROR MESSAGES IN STARTING PHASE").
6.3. Spatial redundancy

For any reasons, when the main call server goes down, terminals must be able to connect to a
redundant call server located in another subnet (spatial). The IP address of the redundant call server
can be entered via the LOCAL MMI (static mode) or given in the lanpbx.cfg file (dynamic mode).
Ed. 08 / 07 January 2011 13 TG0028

OmniPCX Enterprise
6.4. Survivability
The Backup signaling link feature is used to back up signaling between a Call Server and Media
Gateway. This service is designed to ensure limited phone operations on a remote Media Gateway
(connected by a WAN) in case of a failure of the IP network connecting the sites. Before R6.2 IP-
Touch should be declare in static mode, after R6.2 IP-Touch can be declared in dynamic mode.
Whether both Call Servers are out of order, the terminals must then be able to connect to the
rescued Media Gateway.
6.5. Running phase

The running phase starts as soon as the UA over UDP protocol port is opened (end of the starting
phase). The TELNET server is started a bit earlier, when IP addresses getting and checking has been
performed.
TG0028 14 Ed. 08 / 07 January 2011

OmniPCX Enterprise
7. DESCRIPTION OF THE IP-TOUCH INITIALIZATION PHASES
7.1. Special modes

During step 0 of the starting phase, some special combinations of up to 4 keyboard keys may be
pushed by user in order to switch terminal in a particular mode. The steps for switching to a special
mode are the following:
− power–off the terminal
− push the keys of the combination together (or one of them)
− power–on the terminal while key(s) are still pushed (or push the remaining keys of the
combination, in order to have all the keys of combination pushed)
− wait for a visual indication (all leds on) before releasing all the keys
The defined special modes are:
7.1.1. Industrial–Mode
This mode is reached using combination ’1 2 3 [i]’. In this mode, the terminal takes a predefined
Mac address and predefined IP configuration (IP address, router, subnet, ...).
The terminal must be reset to quit this mode.
In industrial mode, the set will only work in a specific sub network, and default IP address
− IP-Touch IP address: 192.168.1.1
− tftp address: 192.168.1.6
Nothing is to configure on the set, the address above are the default "industrial" addresses
Procedure:
− At first to configure your PC with address "192.168.1.6"
− Then start the IP-Touch in industrial mode:
• IP-Touch starts in industrial mode thanks to key (i 1 2 3)
• Use a crossed cable to connect your Set to the PC, or a HUB
• Now it is possible to make a telnet on the set
This mode could be interesting for example: to reset the flash or to run some other commands in
case the IP-Touch is locked.
7.1.2. Backup–Version–Mode
This mode is reached using combination ’1 3 8 [i]’. When put in this mode, terminal will switch to
the backup binary version in flash. This is the same as the "verswitch" command. When the keys
are released, if the switch was successful, the terminal resets and starts in normal mode.
This version will remain the current software version until the version is switched again or a new
version is downloaded.
The switch from a secured version to a non secured version is not authorized.
Ed. 08 / 07 January 2011 15 TG0028

OmniPCX Enterprise
7.2. Step 1: Network initialization

The network initialization step consists in:
− Mac address checking
− Ethernet link setup (LAN and PC ports). If not modified using the LOCAL MMI, auto-negotiation
is the default setting for both ports).
Note
Following power-up, the minimum time before the Ethernet link is established through auto-
negotiation is 2.8 seconds.
2.8 seconds correspond also to the time during which IP-Touch "PC Link" is down after:
− an IP-Touch Hardware Reset , or
− during IP-Touch binary download
TG0028 16 Ed. 08 / 07 January 2011

OmniPCX Enterprise
7.3. Step 2: IP parameters acquisition and checking
7.3.1. Acquisition
The IP parameters acquisition and checking step consists in:
− checking IP parameters when the terminal is configured in static mode
when the terminal is configured in static mode, IP parameters must be supplied by the user using
the LOCAL MMI. If supplied parameters are invalid, terminal loops in this step and displays an
error message until valid parameters are entered.
− acquisition and checking of IP parameters when the terminal is configured in dynamic mode
(which is the manufacturing default mode), IP parameters are acquired during this step using the
DHCP protocol.
Using the LOCAL MMI, the user can select two different modes: any-DHCP mode and
Alcatelonly mode (which takes into account only the offers from Alcatel DHCP servers).
During a DHCP standard initialization, when the terminal receives the DHCPACK message it
checks if IP parameters in this message (IP address of the terminal, router address, subnet
address, TFTP address #1 and VLAN-id) are different of those stored in the zone reserved for
DHCP configuration. If they are different the terminal stores them in flash but if not it continues
IP-Touch initialization with these parameters.
In the two previous modes (any-DHCP or Alcatel-only), the terminal follows the standard DHCP
initialization.
• Discover
• Offer
• Request
• Acknowledgment
IP parameters of DHCP zone can be seen in the local MMI during DHCP initialization.
If the DHCP initialization fails (the terminal doesn’t receive DHCPOFFER message in
SELECTING mode), the terminal passes in survivability mode.
Ed. 08 / 07 January 2011 17 TG0028

OmniPCX Enterprise
7.3.2. Acquisition in survivability mode

Before beginning the survivability mode, the terminal checks if a TFTP_backup address is stored in
flash (see Download and parsing section in STEP5). Without this address, the terminal cannot pass in
the survivability mode and is reset.
Once in survivability mode, the IP-Touch checks the validity of IP parameters stored in flash, in DHCP
zone. If IP parameters are valid, it checks if the IP address of the terminal, in DHCP zone, is
duplicate. If this IP address is not already used by another equipment, the terminal continues directly
its initialization with step 5 in survivability mode without intermediate steps.
In both cases, if IP parameters are not valid or if the IP address is duplicated, the software resets the
terminal.
7.3.3. DHCP mechanism
7.3.3.1. DHCP discover message processing

The IP-Touch sends a DHCPDISCOVER request with the aim of obtaining the following information
from a DHCP server present on the network:
• The IP address of the IP-Touch
• The sub-network mask
• The IP address of the gateway/router
• The IP address of the TFTP servers.
The DHCP server can be internal to the OmniPCX or external.
This message may be repeated 5 times in case of no response from any DHCP servers.
The set must make a request to renew its IP parameters when the lease time timers expire; if these
parameters cannot be renewed, the set resets.
It is essential that DHCP requests (broadcast messages) are resent by a relay DHCP server if
the IP set is not in the same sub-network as the DHCP server.
As soon as a response is received (DHCPOFFER message), the terminal stops sending

DHCPDISCOVER messages and starts waiting for 10 seconds until a maximum of 4 responses are
received or an AVA offer is received. These responses are stored in memory before they are
analyzed.
TG0028 18 Ed. 08 / 07 January 2011

OmniPCX Enterprise
7.3.4. DHCP Offer Message Processing

The DHCP server designated to process this request replies with the IP address of the IP-Touch and
the address of the next server (lanpbx.cfg Server).
Before broadcasting its DHCPREQUEST, the terminal must select one of the DHCPOFFER received
according to the DHCP mode selected by the user:
− "any–DHCP": DHCPOFFER from Alcatel DHCP servers are preferred (Vendor Specific Option). If
there are no DHCPOFFER from Alcatel servers, all DHCPOFFER are examined.
− "Alcatel–only": only DHCPOFFER from Alcatel DHCP servers are examined.
7.3.4.1. DHCP Request message processing

If there are 2, 3 or 4 validated DHCPOFFER,
− AVA DHCPOFFER have priority over Alcatel server DHCPOFFER and external server
DHCPOFFER,
− the one with highest lease time is selected and
a DHCPREQUEST is sent (broadcast).
7.3.4.2. DHCP Ack message processing

When the DHCPACK message is received, the DHCP procedure is complete.
7.3.4.3. Releasing
If the terminal decides to reset, for any other reason than a lease expiration, it will send a
DHCPRELEASE message (unicast) to the server.
Not more the case since R4.01 (since 3.71.00).
7.3.4.4. Standards conformance

As a DHCP client, the terminal conforms to RFC2131 and implements all mandatory items defined
in this RFC. The most important points are
• terminal uses its mac address as client identifier option (61)
• terminal uses "IP-Touch-aabbccddeeff" (where aabbccddeeff is the mac address
in hexadecimal) as host name option (12).
Ed. 08 / 07 January 2011 19 TG0028

OmniPCX Enterprise
7.3.5. AVA feature
7.3.5.1. Principle
AVA (Automatic VLAN Acquisition) is the preferred solution for assigning a VLAN (802.1Q) to a
terminal connected to a VLAN-enabled network. The mechanism involved by AVA is known as
"double-DHCP" because a first AVA enabled DHCPDISCOVER message is sent and then if an AVA-
enabled server respond to that request, a second "standard" DHCPDISCOVER is sent using the
acquired VLAN.
If a static VLAN is programmed (by the user using the LOCAL MMI), the first DHCPDISCOVER
message is sent on this VLAN.
Otherwise, the default VLAN is used (e.g. no VLAN).
The first DHCPDISCOVER message provides option 43 (vendor specific option) indicating that the
terminal supports the automatic VLAN feature. The second DHCPDISCOVER message doesn't
provide this option.
The VLAN menu from the LOCAL MMI is updated with the VLAN ID received using AVA.
TG0028 20 Ed. 08 / 07 January 2011

OmniPCX Enterprise
7.3.5.2. Procedure example
The first AVA DHCPDISCOVER message is sent. Only the AVA server and the Alcatel server receives
the message because they are (for the moment) on the same VLAN as the terminal.
Both servers respond but the AVA DHCPOFFER has priority over the Alcatel server DHCPOFFER.
The terminal sends a DHCPREQUEST to inform other DHCP servers that their DHCPOFFER (if
any) have not been selected. Once this REQUEST is acknowledged by the AVA server, the terminal
sends a RELEASE message to ensure the AVA server releases the IP address. Finally, the terminal
sends a second DHCPDISCOVER message on the acquired VLAN. Only the external server receives
the message and replies to the terminal.
If no AVA server responds to the first AVA DHCPDISCOVER, the normal DHCP procedure applies.
AVA DHCPOFFER have priority over Alcatel server DHCPOFFER and external server
DHCPOFFER.
7.3.5.3. For more details

For more details, please consult Technical Communication TC0601 Automatic VLAN Assignment
(AVA) – Implementation guide and restrictions, or the Technical documentation under DHCP
module.
Ed. 08 / 07 January 2011 21 TG0028

OmniPCX Enterprise
7.4. Step 3: lanpbx.cfg Configuration file
7.4.1. Overview
The configuration file step consists in downloading the lanpbx.cfg file. The configuration file is
downloaded using a TFTP READ request.
The configuration file, in ASCII format, contains one or more lines. Each line provides one or two
system addresses. The terminal selects the first line of the file. If there is no responds from the system
addresses, terminal will select second line, and so one. The associated addresses will be the
maincpu addresses of the terminal. These maincpu addresses are selected and flashed during step 5
7.4.2. Download
The lanpbx.cfg file is downloaded using:
− the TFTP address received in the DHCP response (next-server field) if dynamic initialization is
used or,
− one of the two TFTP addresses configured using the local MMI if static initialization is used. In
that case, and depending on addresses validity, the terminal can send up to two TFTP READ
requests in parallel. Only the first response is taken into account and if any, other running
transfers are aborted.
To take in account all failure cases, the two TFTP addresses must be configured in this order:
− TFTP address #1 = Call Server #1,
− TFTP address #2 = Call Server #2,:
7.4.3. File Location

When the IP-Touch starts up, it will try to load the lanpbx.cfg file that contains vital information
for the correct operation of the set. The lanpbx.cfg file is stored on the hard disk in the following
directory:
/usr3/mao or /DHS3data/mao
If the file does not exist on the disk, it is created in the memory after the TFTP process started.
The lanpbx.cfg can also be generated using "lanpbxbuild" command.
TG0028 22 Ed. 08 / 07 January 2011

OmniPCX Enterprise
7.4.4. File format

Lanpbx.cfg file format is like:
TYPE=<type> VERSION=<version> IP_DOWNLOAD=<ip> IP_DOWNLOAD_RD=<ip> BIN_DOWNLOAD=<ip> ...
Description
TYPE : possible values are ‘A4400’ or ‘A4200’ (not used)

VERSION : represents the UA over UDP protocol version
IP_DOWNLOAD : this is the IP address of the TFTP server to be used in step 4
(software download) and step 5 (start file download)
(main IP address of the CS)
IP_DOWNLOAD_RD : this is an optional (redundancy) IP address of the TFTP server
to be used in step4 and step5 with IP_DOWNLOAD
(main IP address of the backup CS in case of spatial redundancy
BIN_DOWNLOAD : this is an optional IP address of the external TFTP server to be used in
step4 instead of IP_DOWNLOAD and IP_DOWNLOAD_RD
PORT_DOWNLOAD : this is an optional field which represents an alternate port to be used
in step 4 and step 5 for any TFTP transfers
(the default TFTP port is 69)
CPU1 : physical IP address of the main CS
CPU2 : physical IP address of the stand-by CS
It is important to know that it is not mandatory to configure in the most case

BIN_DOWNLOAD field. BIN_DOWNLOAD is mandatory if the phone binary is provided by
an external TFTP server different from the one providing the lanpbx.cfg and startnoe files.
Wrong Configuration
Example of a wrong configuration: Assume a topology with Call Server Duplication, spatial
redundancy and several nodes, lanpbx.cfg could be look like as following:
TYPE=A4400 VERSION=1 IP_DOWNLOAD=10.1.1.3 IP_DOWNLOAD_RD=155.132.1.3 IP_CPU1=10.1.1.1 IP_CPU2=155.132.1.1

BIN_DOWNLOAD=10.1.1.3
As only last BIN_DOWNLOAD IP address information will be taking into account, (in the above case:
10.5.4.3), the IP Set connected to 10.1.1.3, will get the binary on 10.5.4.3. In the case that both
nodes do not have the same IP-Touch version, the IP-Touch will continually reset.
Good Configuration

Ed. 08 / 07 January 2011 23 TG0028

OmniPCX Enterprise
7.4.5. Secure mode

When the terminal runs in secure mode, some additional parameters are parsed in the lanpbx.cfg,
namely the IP_CPU parameters which indicate the CS physical addresses, and the IP_BT_CS
parameter which is used as an indicator that the CS is protected by a SSM. They also include the
parameter of a specific 'SECURITY' line which contains data allowing to verify the digital signature on
this file. Details about these parameters can be found on BPWS under: "IP-Touch Security".
In secure mode, the lanpbx is accepted only if the signature can be successfully verified by the
terminal. If the signature check fails, the flashed parameters are taken into account
7.4.6. Download/Parsing
If the configuration file cannot be downloaded after all TFTP retries, the terminal checks if a maincpu
address is stored in flash. If yes, the terminal continues with step 4 (software updating) or step 5
(start file). If no, the terminal is restarted
If maincpu addresses are different in lanpbx.cfg file than in flash (order of IP_DOWNLOAD and
IP_DOWNLOAD_RD addresses is not important), terminal erases maincpu addresses in flash.
These addresses will be flash when startnoe file will be downloaded successfully in step5.
Take into account the moving of maincpu with survivability feature, TFTP_backup address is
also erased when lanpbx.cfg file is downloaded successfully.
TG0028 24 Ed. 08 / 07 January 2011

OmniPCX Enterprise
7.5. Step 4: Software downloading and updating
7.5.1. Code and data binaries

The binaries used are:
− "binnoeip" for IP-Touch terminals used up to version 1.17.01.
− From release 1.17.01 to 1.xx.xx, IP-Touch works, for C terminals with binaries "bin4038", or for
D terminal "bin4068" following IP-Touch kind.
− Since release 2.xx.xx, software delivery is composed of two binaries: a code binary and a data
(or resources) binary (melodies/beeps, icons, fonts and images). Depending on the terminal
model, the binaries requested by the terminal are the following:
• bin4018 and dat4018 are requested by 4018 terminals (1)
(1) bin4018 and dat4018 exist are real files on the Call Server file system
(2) bin4028, bin4038 and bin4068 are symbolic links to a unique file: bin40x8
dat4028, dat4038 and dat4068 are symbolic links to a unique file: dat40x8
The binaries for the IP-TOUCH are stored on the hard disk of the Alcatel in the following directory
(depending on the OXE Release in):
• /usr2/downbin/
• /usr2/downbin/standard
• /usr2/downbin/secu
The OXE TFTP server will look for the files in this directory. The /usr2/downbin/ will contain the
real files or the symbolic links.
The phone first asks for the binary header (small part of the whole binary containing the binary
version) in order to check if the version is different that the one which is running.
Ed. 08 / 07 January 2011 25 TG0028

OmniPCX Enterprise
7.5.2. Fast-init
The first message transmitted to the call server provides, among other information, the version
number of the running code binary and the version number of the data binary.
These numbers are checked by the call server to determine if zero, one or two binaries have to be
downloaded.
The init_mode parameter stored in FLASH memory is used by the terminal software to find which
binaries must be updated during step 4 of the terminal initialization:
init_mode =
• UPDATE_NONE (=0)
terminal goes directly to step 5 (start file) since nothing needs to be downloaded
• UPDATE_CODE (=1) or UPDATE_DATA (=2)
♦ check if a different code or data binary version is available,
♦ download the new code or data binary,
♦ flash the new downloaded binary,
♦ change the init_mode parameter from UPDATE_CODE/UPDATE_DATA to UPDATE_NONE
and
♦ restart the terminal.
• UPDATE_CODE_DATA (=3)
♦ check if a different code binary version is available,
♦ download the new code binary,
♦ change the init_mode parameter from UPDATE_CODE_DATA to UPDATE_DATA,
♦ check if a different data binary version is available,
♦ download the new data binary,
♦ change the init_mode parameter from UPDATE_DATA to UPDATE_NONE and
♦ restart the terminal.
init_mode can be controlled using embedded IP-Touch command: "dwlmethod"
Immediately after the UA/UDP link is established (CONNECT message), the init_mode
parameter is set to UPDATE_ALWAYS (default value) which is the same as
UPDATE_CODE_DATA except that after a binary has been downloaded and flashed (code or
data), the terminal doesn't modify the init_mode parameter.
A fast-init capable call server must then configure init_mode to UPDATE_NONE in order to
enable the fast-init mechanism on the terminal side.
Reception of this message doesn't reset the terminal. This message can be send at any moment once
the UA/UDP link is established.
TG0028 26 Ed. 08 / 07 January 2011

OmniPCX Enterprise
This message is ignored for IP-Touch version 1.xx.xx terminals since the fast-init feature is not
supported in these releases. This message is also ignored for TSCIPv1S, IPPhoneV2 terminal
The solution to authorize code and data update for an IP-Phone can be managed under
Users -> Tcp IP Users
Ed. 08 / 07 January 2011 27 TG0028

OmniPCX Enterprise
7.5.3. Binary download and flashing

A binary (code or data) download is performed using TFTP READ requests sent in parallel to
− all flashed maincpu addresses if the lanpbx.cfg file was not downloaded during step 3 or
− the first IP_DOWNLOAD/IP_DOWNLOAD_RD addresses found in the lanpbx.cfg file if there
is no maincpu address stored in flash. (or last BIN_DOWNLOAD address found)
A first special TFTP READ request is sent to download only the binary header in order to check if a
whole downloading is required or not. This header contains information like the binary size, the
software version number, the production date, a checksum, etc.
If the terminal finds that the downloaded version number is different from the running one and if the
new binary is compatible with the hardware/software, the entire binary file is downloaded
If the entire binary file cannot be downloaded after all TFTP retries (5 requests / 5 seconds between
2 requests), an error code is returned to the application (no tftp response) and the terminal continues
with step 5 (start file).
7.5.4. Binary download and flashing
7.5.4.1. Code
After a checksum test on the downloaded binary, the new code binary is flashed: it replaces the not–
running binary of the two binaries stored in FLASH memory.
7.5.4.2. Data
After a checksum test on the downloaded binary, the new data binary is flashed: the old data binary
is replaced. If a problem occurs during the flashing procedure, an error code is returned to the
application and the terminal is restarted.
Then the phone resets and runs the new downloaded binaries.
TG0028 28 Ed. 08 / 07 January 2011

OmniPCX Enterprise
7.5.5. TFTP server limitation

Depending on the Call Server type:
• Appliance or
• Common Hardware CS
and thanks to the Fast-Init mechanism, IP-Touch Binary/Data download is much more faster than on
the previous Releases.
The principle is following:
Each IP-Touch being in "init_mode=none". Before to update a range of sets, the Call Server will
configure these IP-Touches in "init_mode=Always", and then reset theses IP-Touches. Meaning that
only these chosen IP-Touch will be updated.
For an Appliance Server:
• Range = 80 IP-Touch each one per 500 ms: one download is started every 500ms and there
could be 80 in parallel.
For a Call Server
• Range = 20 IP-Touch each one per 500 ms: one download is started every 500ms and there
could be 20 in parallel.
This range can be reduced thanks to parameter:
IP -> INTIP/IP Parameters -> Context number for TFTP Download
Context number for TFTP download = This attribute indicates the number of downloads
possible in parallel by the tftp server: It is a percentage of the maximum value. Minimum value is
10%.
The tftp_check –c command gives the state of the download
============================== IP phones state ================================
Total Ip phone number : 6
In service : 5 Out of service : 1
============================== IP phones types =================================

V1 V1S V2 IPTOUCH A(4018) IPTOUCH B(4028) IPTOUCH C(4038) IPTOUCH D(4068)
0 0 3 0 0 3 0 0 0
================== In service IP phones version state =========================

Code : Good version : 5 Bad version : 0
Data : Good version : 3 Bad version : 0
Localization : Good version : 3 Bad version : 0
Customization : Good version : 3 Bad version : 0
======================= IP phones tftp init state =============================

Idle : 6 Locked : 0
Update eval. requested : 0 Update is on going : 0
Ed. 08 / 07 January 2011 29 TG0028

OmniPCX Enterprise
7.6. Step 5: start file

The start file step consists in downloading and analyzing the startnoe-aabbccddeeff file (where
aabbccddeeff is the terminal mac address in hexadecimal).
In secure mode the requested file is startnoes-aabbccddeeff.
7.6.1. Format
The start file provides the UDP port number the terminal must open before receiving NOE messages
using the UA/UDP transport protocol. The start file format is the following:
UDP_PORT_SIG=x<CR>
Description
UDP_PORT_SIG: the UDP port number to open (value must be between 0 and 65535)
Secure mode
An additional UDP_PORT_SIG_CRYPT parameter is included in the file if the protection of the
VoIP flows is to be used. This port will then be used by the terminal to listen to the Signaling
traffic.
TG0028 30 Ed. 08 / 07 January 2011

OmniPCX Enterprise
7.6.2. Download and parsing

The start file is downloaded using TFTP READ requests sent in parallel to all valid maincpu addresses
(IP_DOWNLOAD and IP_DOWNLOAD_RD). Only the first response is taken into account and, if
any, other transfers are aborted.
• brand new set (or no maincpu addresses)
o During it's first run, the terminal has no maincpu addresses flashed
(255.255.255.255). The terminal must then read the lanpbx.cfg file (downloaded
during step 3), and should try each IP_DOWNLOAD and IP_DOWNLOAD_RD
addresses of the file as long as the start file is not downloaded or all addresses have
been tested. If the start file is downloaded and parsed without errors, the terminal
memorizes in flash the successful IP_DOWNLOAD and IP_DOWNLOAD_RD
addresses of the corresponding lines in the lanpbx.cfg file: these addresses
become the maincpu addresses of the terminal. If all addresses have been tested
without success, the terminal is reset.
• second run (or with maincpu address)

o If the lanpbx.cfg file was downloaded during step 3 and if the maincpu addresses
stored in flash are listed in the file, the terminal tries to download the start file using
these addresses. If one of the maincpu addresses is not listed in the file, the terminal
erases the value stored in flash and behaves as a brand new set
o If the lanpbx.cfg file was not downloaded during step 3, the terminal tries to
download the start file using the two maincpu addresses stored in flash. In both
cases, if the file contains an error, the terminal is restarted. But if the download of the
start file fails, the terminal enters in survivability mode.
• survivability mode
o The terminal tries to download the start file using the Media-Gateway (or Passiv Call
Server) address stored in flash (TFTP_backup address). When the terminal receives
the start file, this address is not stored in flash as the maincpu. If this download fails,
the terminal resets. The TFTP_backup address (generally the Media gateway address)
is received after the reception of CONNECT message. The terminal flashes this
TFTP_backup address only if it is different of that in flash.
This TFTP_backup address is read-only in the local MMI
There are 2 criteria to be in survivability mode:

• DHCP procedure fails. The terminal uses IP parameters of the previous lease and
downloads directly the start file from the TFTP_backup address (without attempts on
maincpu addresses).
• Failure to download start file on maincpu addresses. The terminal performs a correct
initialization until the step 5. If it cannot download the start file from maincpu addresses
stored in flash or in lanpbx.cfg file, it downloads this file from TFTP_backup address
(generally the Media-Gateway or the Passive Call Server address).
Ed. 08 / 07 January 2011 31 TG0028

OmniPCX Enterprise
7.6.3. Redirection
The maincpu addresses can be modified if the terminal receives a REDIRECT message. This implies
that in a networked environment (many CPUs are listed in lanpbx.cfg file)
With spatial redundancy, REDIRECT message contains 2 valid maincpu IP addresses (maincpu and
maincpu_rd). When the terminal receives REDIRECT message, it erases TFTP_backup, maincpu and
maincpu_rd addresses.
Without spatial redundancy, REDIRECT message contains only 1 maincpu address. When the
terminal receives REDIRECT message, it erases TFTP_backup, maincpu addresses and puts
maincpu_rd address at 255.255.255.255.
7.6.4. CONNECT timeout
When the start file is downloaded and if a CONNECT message is not received after 10
seconds, the startfile is downloaded again. If the CONNECT has not been received after 10
such attempts, the terminal is restarted.
Modification since 3.80.40:
In case of failed connection, step5 loops 15 times and waits 30 seconds between each loop.
TG0028 32 Ed. 08 / 07 January 2011

OmniPCX Enterprise
7.7. Connect Message
7.7.1. Overview
After TFTP exchange, the "Signaling Board" takes always initiative for connection establishment. The
link is established only when both sides of the connection have sent a CONNECT message and
received a CONNECT ACKNOWLEDGE message. Both sides have to wait until the end of this
exchange before sending data.
"Signaling Link Board" initiates the first connect exchange.
Example
Ed. 08 / 07 January 2011 33 TG0028

OmniPCX Enterprise
7.7.2. Super Fast Connect

From software terminal version 3.71.00, the number of CONNECT messages fall from 4 messages
to 1 message. This mechanism is controlled from Call Server see "Connect Message Definition"
below. It means that the terminal succeeds to establish signalization when it receives the CONNECT
message from the Signaling Board.
7.7.3. Connect Message definition
VERSION: Protocol version, current version is 1.

WINDOW_SIZE: As handled by the sender of the message IP terminals always use a
window size of 1 for transmit and they do not adapt to a larger window even if the dhs
allows more than 1.
MTU: Ignored.
UDP_LOST: Unit is second. Optional. Default value is 10 seconds. Setting to 0 is silently
modified to setting to default value.
UDP_LOST_REINIT: Unit is second. Optional. Default value is 20 seconds. Setting to 0 is
silently modified to setting to default value.
UDP_KEEPALIVE: Unit is second. Optional. In the IP phone, this value is only used as a
boolean to indicate if the set has to monitor link activity or not. A value of 0 means no
monitoring and puts the set in the so called ’remote worker’ mode. Default value in the
IP-Touch Phone is same as TRUE.
QOS_IP_TOS (optional) specific to signalization link. Optional. Default value is 0.
QOS_8021_VLID: Default VLAN for all ethernet frames sent by the IP-Touch Phone.
Optional: missing element is the same as using VLAN programmed in MMI. An invalid
VLAN value (> 4095) stops tagging.
QOS_8021_PRI specific to signalization link. Optional. Default value is no priority
tagging on signalization.
Super Fast Connect If the value of this attribute is 0x01, the Super Fast Connect
mechanism is activated. Default is disabled (0x00). This parameter is optional.
IP-Touch UDP_LOST= UDP_Keep_Alive(mgr) + UDP_LOST(mgr)
TG0028 34 Ed. 08 / 07 January 2011

OmniPCX Enterprise
7.7.4. Release connection

Both Call Server and IP-Touch Phone can take initiative for disconnection. The connection is
considered as closed once the RELEASE_ACK has been received.
7.8. Follows-up
Before the Keep alive mechanism, there are some other messages which are exchanged between
OXE and IP-Touch, which are not necessarily detailed in this troubleshooting Guide. Refer also to
section 7.10 .
Ed. 08 / 07 January 2011 35 TG0028

OmniPCX Enterprise
7.9. Keep Alive mechanism
7.9.1. Mechanism
KEEPALIVE is emitted regularly (using UDP_KEEPALIVE timer) when there is no traffic in order to
detect a network link–down failure. "Signaling link Board" takes initiative for KEEPALIVE packet
exchange. IP-Touch has only to acknowledge with a KEEPALIVE_ACK.
This timer is started each time a packet is received. The expiration of this timer means that no
KEEPALIVE has been received because the network link is down between "Signaling link Board" and
IP-Touch Phone.
Once network failure has been detected, UDP_LOST_REINIT timer is launched. Then IP terminal
waits for a new signaling link to be established by system. If no connection request has been
received after UDP_LOST_REINIT timer expiration, IP terminal will reset immediately.
The next figures shows in detail the mechanism which is used for the KeepAlive mechanism.
What we can also observe is in that after UdpKeepalive time, the CS will send periodically (each 3
sec) a KeepAlive to the terminal, then after 3 times without Acknowledgment, CS will send a Connect
each second.
A connection is considered as lost if no packet has been received after UDP_LOST timer expiration.
TG0028 36 Ed. 08 / 07 January 2011

OmniPCX Enterprise
When changing the KeepAlive parameters on the system don’t forget to reset the IP-Touch.
Below the KeepAlive parameters in mgr (QOS is linked to a domain number)
IP-Touch UDP_LOST= UDP_Keep_Alive(mgr) + UDP_LOST(mgr)
7.9.2. Disabling the Keepalive mechanism

The system can disable the keepalive mechanism. In that case no keepalive message will be
exchanged.
This is configured by setting the following parameter
IP -> IP Quality of service COS -> UDP Keep-Alive to 0
In this case, IP terminals will be unable to detect a network failure if there is no activity on
"Signaling Link Board". Moreover, if a new binary is present on the Call Server, the IP-Touch
will not automatically download that new binary.
Therefore, it is recommended to let this parameter unchanged.
Ed. 08 / 07 January 2011 37 TG0028

OmniPCX Enterprise
7.10. Data exchange
7.10.1.Principle
Either DATA packet emitted by OXE or IP terminals contains a sequence number that is used to
acknowledge the packet.
If no ACK is received, the DATA packet is re–emitted after 200 ms (first occurrence), then with a
periodicity of 1 second. The connection is considered as released after UDP_LOST timer expiration.
ACK packet is a DATA packet without data (only sequence numbers are significant). ACK packet
must not be acknowledged.
The protocol also supports acknowledge by DATA packet. An acknowledgement of the last received
DATA packet (expected sequence number) may be integrated in current DATA packet.
TG0028 38 Ed. 08 / 07 January 2011

OmniPCX Enterprise
Example:
Ed. 08 / 07 January 2011 39 TG0028

OmniPCX Enterprise
7.10.2.Advanced data exchange

"Signaling Link Board" has a window to anticipate DATA packet transmission (several packets may
be sent before the acknowledgement receipt).
IP terminal has no window but it has to test the sequence number of incoming packets in order to
send a NACK on receipt of a DATA packet with a bad sequence number. The NACK packet then
contains the expected DATA packet sequence number. All received DATA packets with a wrong
sequence number are discarded and no more NACK packet must be sent by IP-Touch Phone.
On reception of a NACK packet, Call Server re–sends all DATA packets since negative
acknowledgement sequence number.
TG0028 40 Ed. 08 / 07 January 2011

OmniPCX Enterprise
7.11. RTP packets voice payload format

G.711, G.723.1 or G.729A frames may be concatenated inside RTP packets.
Frame duration: G.711 = 5ms, G.729 = 10ms, G.723 = 30ms.
Payload can be shorter than maximum duration due to voice activity detection mechanism (VAD).
Silence Descriptor frame (SID) is concatenated at the end of the current RTP packet and then the
packet is emitted.
Example of payload concatenation with VAD
Example of ethereal RTP Payload
Ed. 08 / 07 January 2011 41 TG0028

OmniPCX Enterprise
8. IP-TOUCH AND IP PHONE INITIALIZATION AND DOWNLOAD

TEST
The tests have been carried out on three CPU types:
− OmniPCX 4400 (CPU7 and CPU5)
− Call server OXE
− Appliance server
The tests consisted in:
− measure of initialization time of IP-Touch sets on large configuration
− measure of download duration of IP-Touch sets on large configuration
TG0028 42 Ed. 08 / 07 January 2011

OmniPCX Enterprise
9. POWER CLASSIFICATION
9.1. IEEE Recommendation and IP-Touch classification

In an IEEE 802.3af environment, power of up to 15.4 Watts is available at the power source
equipments (LAN Switch port). Be able to classify power devices helps to minimize building over
capacity in the power source equipments, and ultimately extends the number of power devices
supported.
The IP-Touch Power Classification corresponds to Class 2 meaning a range between 3.84 and 6.49.
9.2. Consumption Details
9.2.1. Fast Edition range
• IP-Touch 4008 Phone model

The maximum consumption for IP-Touch A is calculated with:
LAN 10/100 + PC 100 + Led + communication Handset + Audio Handsfree
= 3.68 W

The maximum consumption for IP B is calculated with:
LAN 10/100 + PC 100 + Led + Communication Handset + Audio Handsfree + AOM
Electronic
= 4.04 W

The maximum consumption for IP C is calculated with:
Electronic
= 4.05 W

The maximum consumption for IP D corded is calculated with:
Electronic + Back Light
= 4.82 W
The maximum consumption for IP D Bluetooth is calculated with:
LAN10/100 + PC100 + Led + Communication Handset + Audio Handsfree + AOM Electronic
+ Back Light + Load Bluetooth
= 5.7 W
Ed. 08 / 07 January 2011 43 TG0028

OmniPCX Enterprise
9.2.2. Extended Edition range
IP Touch 4008 EE IP Touch 4018 EE IP Touch IP Touch 4068 EE IP Touch 4068 EE

4038&4028 EE with new LCD
module from
Wintek
Backlight is on x x
Bluetooth handset is
x x
loading
LAN Ethernet link is
connected (1000 x x x x x
Mps)
PC Ethernet link is
connected (1000 x x x x x
Mps)
Three electronic
add-on are x x x
connected
The set is ringing at
x x x x
maximum volume
Power over Ethernet
3.24 3.64 4.8 6.4 5.47
(W)
10. 802.1x
See Appendix 0.
TG0028 44 Ed. 08 / 07 January 2011

OmniPCX Enterprise
11. TROUBLESHOOTING IP-TOUCH ISSUES

This section gives hints for troubleshooting IP-Touch issues. Refer also to the FAQ section for some
common issues.
11.1. Troubleshooting initialization/restarting issues

− Check the IP-Touch Ethernet configuration and switch configuration on data network side.
• Ethernet configuration (Full/Half duplex : 10 Mb/s 100 Mb/s)
− Check the presence and configuration of the lanpbx.cfg file at OXE level.
− Check the coherency of the VLAN configuration (terminal VLAN Number) in the network.
− Check the IP configuration (router address, TFTP address, etc.); the precise cause is displayed on
the screen of the IP-Touch.
− Check that there are no IP duplicated addresses; in that case a message "duplicate IP" can be
recorded in the IP-Touch accessible through the defence command (see Appendix 4 and 5).
− Check the IP connectivity in the data network by using commands like ping, traceroute etc. (see
Appendix 4); check the configuration of the "default gateway" on the IP-Touch.
− Check the DHCP server accessibility; when there are several DHCP servers for example, it might
be a wrong DHCP server which answers; or for example, the DHCP server might in a VLAN
which is not accessible by the IP-Touch.
− Check the IP-Touch status with the ippstat command.
− Check the cause of reset of the IP-Touch with the embedded defence command (see Appendix
4).
− Run a sniffer trace (see Appendix 6) and check the initialization steps with the description made
in the section 7.
− Run a tcpdump trace on Call Server.
− Run a Syslog trace.
11.2. Troubleshooting IP-Touch reset issues

− Check the reason of the reset with the embedded IP-Touch defence command (see Appendix
4) or system incident 426.
− Check that there are no IP duplicated addresses (for example, an other set starts with the same
IP address ); in that case a message "duplicate IP" can be recorded in the IP-Touch accessible
through the defence command (see Appendix 4 and 5).
− Check if DHCP process is running.
− If the cause is "UAUDP_LOST_CONNECT", the signaling link with the Call Server has been lost
due to loss of UA Keepalive messages:
• Check the OXE configuration of the UDP_Keep_Alive DHCP and UDP_Lost parameters.
• Check with a sniffer that there is no broadcast issue on the data network; check also that are
no incidents relative to broadcast at Call Server level.
Ed. 08 / 07 January 2011 45 TG0028

OmniPCX Enterprise
• Check the spanning tree configuration in the data network; path reconstruction might take
some time and not let enough time to re-establish the signaling link with the CS.
• Check the data network with AVISO; loss of IP-Phones due to issues in the data network can
be very efficiently pointed out with that tool and definitely exclude the Call Server.
− If the cause is "DHCPC_LEASE_EXPIRATION", check the DHCP server (server accessibility, IP
addresses available, etc.);
− Run a tcpdump trace on Call Server.
11.3. Troubleshooting one-way communications issues (or no audio at all)

Note: For voice quality issues, please refer to the Troubleshooting Guide No 2.
− Check that the "RTP direct" configuration at OXE level is consistency over the whole IP-PBX
network.
− Check the configuration of the "default gateway" on the IP-Touch.
− Check the data connectivity which might be ok in one direction but not in the other direction; for
example routing issue or UDP filtering by a firewall in one direction.
− In the OXE QoS Tickets (ipview commands), check the number of packets sent/received.
− Make a sniffer trace with Ethereal and check the RTP packets, their size, whether are sent in both
directions to localize the issue.
− From concerned IP-Touch, run a ping or a trace route, to be sure that all involved equipments
have their default gateway properly configured.
11.4. Troubleshooting audio volume issues

− Check the audio volume level on call server; at maximum levels, saturations or double-talk
issues might be encountered.
− Check the gain configuration in the OXE, normally default values should be used except for
specific situations:
• at INTIP/GD gateway level, parameter IP->IP Phone parameters-> Volume in db for IP-
Phones,
• at IP-Touch level, parameter Alcatel 8&9 Series-> Alcatel 8&9 Set Audio
Parameters -> Sending Audio Paths-> Analog Send Gain and Digital
Send Gain.
− Check the jitter and packet loss on the data network, which could explain lower audio level
because of packet interpolations.
11.5. Troubleshooting registration issues

− Check the configuration of the IP-Touch by "ippstat".
− Erase the MAC address in mgr -> User and perform a new registration.
− If case of a network of several IP-PBXs, check the lanpbx.cfg configuration (must contain CS IP
address of all the nodes).
TG0028 46 Ed. 08 / 07 January 2011

OmniPCX Enterprise
11.6. Troubleshooting other issues

− Check the MTU size across the data network. In fact, to download a new binary, the packet size
must be set to 1428 bytes. This can be checked thanks to ping command on Call Server under
root
ping 172.25.32.55 -s 1428
Ed. 08 / 07 January 2011 47 TG0028

OmniPCX Enterprise
12. FREQUENTLY ASKED QUESTIONS

The goal of this chapter is to give some quick recipes and tricks to resolve some common issues.
12.1. MPLS
Ethernet is based on the principle that the Max Size of an Ethernet frame = 1518 Bytes. Meaning
that in normal transmission, without 802.1q, MPLS, ... the maximum size of an IP Packet = 1500
Bytes.
Meaning also that when the device wants to add some supplementary information like: VLAN,
PPPoE, the device has to decrease the IP Packet size.
Example: When a Thales Box sends a Packet of supposing 1500 Bytes, and that there's a router
which wants to add some headers like MPLS-Label, resulting that the Ethernet Frame size could
exceed 1518 Bytes, and that fragmentation is not allowed (case on a Call Server), the router should
inform the equipment thanks to an ICMP, that the IP Packet size is too large.
When this situation happens, Thales box will decrease the IP Packet size.
Now come to MPLS.
Following next figure, we see that MPLS, should be transparent for an IP Packet, except there is a
problem of packet size. Note also that MPLS Label = 4 Bytes. Meaning that in the major case where
frame size = 1510 bytes, 1510 + 4 = 1514 < 1518.
So there is no a problem for frame size (== 1510)
With the Label Size for Ethernet:
TG0028 48 Ed. 08 / 07 January 2011

OmniPCX Enterprise
12.2. Handsfree principle

Below you will find a basic explanation of the Handsfree principle.
Let a communication be established between two sets, one in Handsfree mode, the latter in Handset
mode.
If no voice treatment is done by set B, the set A user hears its own voice signal as an echo. The user
A talker echo loudness rating (TELR) shall reach a minimum value to avoid echo sensation, this value
varying as a function of transmitting delay as described in G131 recommendation. (See figure
below).
G131
To fulfill TERL attenuation, there are two mechanisms which are mainly used:
Ed. 08 / 07 January 2011 49 TG0028

OmniPCX Enterprise
Set B
− Gain switching ATTR (Attenuation in Reception) and ATTS (Attenuation in Transmission) modules
which decrease respectively the receiving and the sending paths. (This mechanism
corresponding, relative to an acoustic point of view, to a Half Duplex mode)
− Echo canceller with adaptive filter (mathematical based model) consisting to subtract the
loudspeaker signal captured by the microphone (from Speaker A) without to subtract the signal
from the local speaker (Speaker B). The constraint which has to be respected with an adaptive
filter is to run the filter coefficient adaptation only in reception state and not in Double Talk state.
(This mechanism corresponding, relative to an acoustic point of view, to a Full Duplex mode).
Relative to the TERL attenuation which has to be applied in an IP environment, it is not possible to
treat the echo only with Adaptive Filters.
Depending on the parameters like:
− Loud Speaker level
− Big / Small rooms
− Room reflection
− Use of the Handsfree
− Etc.
It is mandatory to add a Gain Switching attenuation. It is also important to know that the Gain
Switching will also decrease or increase relative to the performance of the Adaptive Filter.
It is a state machine inside Handsfree algorithm which has to decide the repartition between Gain
Switching and Adaptive Filter to reach the TERL constraint.
Relative to this concept, the Alcatel IP Phone's Hands-frees (e-reflex or IP Touch) have been
developed to work as much as possible in Full-Duplex mode, this is done until a specific Handsfree
level and, as said, the level is depending on the environment in which the Handsfree is used
(Big/Small Rooms, Room reflections). But after this Handsfree level, Half-duplex mode will slowly
enter in action, meaning that the Handsfree will work in a range where we will find a certain
percentage of Full duplex and a certain percentage of Half-Duplex.
TG0028 50 Ed. 08 / 07 January 2011

OmniPCX Enterprise
The difference between Alcatel IP Touch and Alcatel e-reflex concerns especially the state machine. IP
Touch state machine is smarter and works differently than IP Phone state machine. IP Touch will take
better decision between Reception and Double Talk state, and so adaptive filter will converge faster,
and so IP Touch Handsfree will work more in a Full-Duplex mode. Attenuation from Gain Switching
module will be lower, this will then give a better feeling of a full duplex behavior in strong condition
because the switching between Reception and emission will be more smooth.
Ed. 08 / 07 January 2011 51 TG0028

OmniPCX Enterprise
12.3. Power Over Ethernet 802.3af

Question:
How can I get Power Over Ethernet or IP-Touch Class on POE Cisco switch?
Answer:
Switch>show power inline
Available:370.0(w) Used:61.6(w) Remaining:308.4(w)
Interface Admin Oper Power Device Class

(Watts)
---------- ----- ---------- ------- ------------------- ----------
Fa0/8 auto off 0.0 n/a n/a
Fa0/9 auto on 15.4 Ieee PD Class 0
Fa0/10 auto off 0.0 n/a n/a
Fa0/11 auto on 15.4 Ieee PD Class 2
Question:
Why my IP-Touch is in Class 3?
Answer:
This is depending on the serial number of your IP-Touch. Around may 2004, IP-Touch classes
evolved from Class 3 to Class 2. Serial number (or hard) can be found using the IP-Touch telnet
and with command id;
#id#
soft 1.29.03
boot 1.00.10
hard 3GV23014ACCA040416
range IP
type C
linkdate Mon Oct 11 17:33:59 MEST 2004.
Question:
Power Over Ethernet doesn’t work on my PoE Switch.
Answer:
Your Ethernet Interface is perhaps not configured to accept inline power:
(case of Cisco switch)
Switch#configure terminal
Switch(config)#interface fastEthernet 0/1
Switch(config-if)#power inline ?
auto Automatically detect and power inline devices
never Never apply inline power
TG0028 52 Ed. 08 / 07 January 2011

OmniPCX Enterprise
12.4. VAD
Question:
On an IP-Touch (or e-Reflex), I can observe during silence phase (nobody speaks) an audio level
attenuation, as if the distant user had been lost.
Answer:
When G.711 codec is used, this is probably due to the activation of VAD. Deactivate the VAD,
and check if this behavior is still present.
12.5. Control IP-Touch

Question:
How can I see some information, and can control (example reset) my IP-Touch from the OXE?
Answer:
termstat d <directory number>
12.6. "No Ethernet Link" message

Question:
An e-reflexe IP Phone has been replaced with and IP-Touch, and now we observe that this new
terminal doesn’t start correctly, and stops on "No Ethernet Link" message.
Answer:
A possible explanation can be due to the Jack/Plug contact difference between IP-Touch and e-
reflex. In fact when we insert the plug with a lateral push, then Ethernet link is not present on the
IP-Touch, but works on the e-reflex. This is due to the fact that the jack connector pin on e-
reflexes is build with a cylindrical section. The cylindrical section won’t stripe the plastic guide as
the square section in the IP-Touch phone.
Ed. 08 / 07 January 2011 53 TG0028

OmniPCX Enterprise
12.7. IP-Touch Switch behavior during the IP-Touch reset

Information
Below we show the status concerning the PC Ethernet link behind an IP-Touch terminal.
From release 1.56.01 and 2.54.03 the software will manage the PC Ethernet link with the
following rules:
Before release From release

1.56.01/2.54.03 1.56.01/2.54.03
IP-Touch terminal reset requested by the Break of PC Ethernet link No break of PC Ethernet link
Call server
IP-Touch terminal : Ethernet Lan link Break of PC Ethernet link No break of PC Ethernet link
lost or IP link lost or IP configuration
defect
Signaling link lost with Call Server Break of PC Ethernet link No break of PC Ethernet link
After software files (software, data) Break of PC Ethernet link No break during the
downloading inside the terminal IP- downloading
Touch the terminal makes a full reset to +
be able to reconfigure all the terminal Break of PC Ethernet link during
including the ethernet links. 2.8 seconds during the
initialization
Power of the terminal removal Break of PC Ethernet Link Break of the PC Ethernet Link
TG0028 54 Ed. 08 / 07 January 2011

OmniPCX Enterprise
12.8. IP-Touch doesn’t start and stays in "connect" phase

Question:
My IP-Touch stays in "connect" phase.
Answer:
The "Connect" hand Checking mechanism is following:
• Step 1: "Call Handling" will sent a connection message to the "IP Link Board " (From this time
Call Handling will initialize a counter.
• Step 2: At the moment that the "IP Link Board" will receive this message, it will send a
"Connect" to IP-Touch.
• Step 3: When IP-Touch receive "Connect", It answers with "Connect Ack".
• Step 4: Finally, when "IP Link Board" receives the "Connect Ack", it will send a message to
"Call Handling".
By default, the maximum delay between Step 1 and Step 4 are programmed in the system timer
271 to value 10, corresponding to 10x100ms = 1 second.
In the case the Call handling doesn’t receive any answer before the end of this timer, it will send
a message to "IP Link board" to indicate that the terminal is not reachable, and the mechanism
restarts.
This timer 271 parameter can be increased in case of long delays on the data network.
Ed. 08 / 07 January 2011 55 TG0028

OmniPCX Enterprise
12.9. Upgrade IP-Touch version

Question:
My IP-Touch refuses to be upgraded with a new binary version.
Answer:
There are some IP-Touch version migration which are not allowed.
----> To ≥ 1.17.01 ≥ 1.28.00 ≥ 2.00.00

≥ 2.03.00
From < 1.28.00 < 2.00.00 < 2.03.00
≥ 1.17.01
OK OK OK NOK
< 1.28.00
≥ 1.28.00
NOK OK NOK OK
< 2.00.00
≥ 2.00.00
OK OK OK NOK
< 2.03.00
≥ 2.03.00 NOK OK NOK OK
My 4038 IP-Touch has version 1.17.01, and the binary: bin4038 on OXE has version 2.13.00.
In this case this version will not been downloaded in one time. I have at first to download an
intermediate version, for our example we will choose intermediate version 1.55.03, and after
that we can then upgrade, following above table, to version 2.13.00.
Consult the Technical Communication TC0663 IP Touch does not restart after upgrading of
new versions dealing with "IP-Touch sets do not restart after upgrade to new versions";
12.10.Jitter buffer size

Question:
What is the maximum size of the jitter buffer? How does it work?
Answer:
High levels of jitter are not acceptable for applications running in real time. This results in signal
distortion, requiring the introduction of additional delays necessary for packet re-assembly.
IP-Touch uses a dynamic buffer of 12 packets maximum. Dynamic means that the jitter buffer
size will be decreased whenever the network conditions allow it, keeping it to the lowest possible
value, if possible.
The jitter buffer has been designed in the way to react very quickly to delayed packets that the
phone can receive. So if only one packet is received with more delay than expected, they will
increase the size of the jitter buffer.
In the IP Touch phones, the maximum value that can handle the jitter buffer is 300ms.
The jitter buffer must always be able to memorize 1 packet. But it does not mean that we always
have 1 packet in the buffer as it can be used very shortly by the DSP after it has been received by
the phone.
TG0028 56 Ed. 08 / 07 January 2011

OmniPCX Enterprise
12.11.NAT translation
Question:
Is it possible to connect the IP-Touch through an IP NAT (Network Address Translation) Device?
Answer:
No, the UA protocol being not compatible with NAT because of IP addresses embedded in the
UA protocol which can thus not be translated by a NAT device.
A solution to avoid NAT translation in that case might be the use of a VPN tunnel.
12.12.Spatial redundancy
Question:
From which IP-Touch version spatial redundancy is supported?
Answer:
Spatial redundancy is supported by the IP-Touch version 2.xx from OXE version 6.1.
Note
Spatial redundancy is not supported by e-reflexes phones.
12.13.Keep-alive mechanism
Question:
Is it possible to de-activate the Keep-alive mechanism?
Answer:
The system can disable the keepalive mechanism. In that case no keepalive messages will be
exchanged.
See also section 7.9 .
This is configured by setting the following parameter
IP -> IP Quality of service COS -> UDP Keep-Alive to 0
In this case, the IP-Touch will not be able to detect a network failure if there is no activity on
the "Signaling Link Board". Moreover, if a new binary is present on the Call Server, the IP-
Touch will not automatically download that new binary.
Therefore, it is recommended to let this parameter unchanged.
Ed. 08 / 07 January 2011 57 TG0028

OmniPCX Enterprise
12.14.Delay on the data network

Question:
What is the maximum delay accepted?
Answer:
When you design networks that transport voice over packet, frame, or cell infrastructures, it is
important to understand and account for the delay components in the network. If you account
correctly for all potential delays, it ensures that overall network performance is acceptable.
Overall voice quality is a function of many factors that include the compression algorithm, errors
and frame loss, echo cancellation, and delay.
The International Telecommunication Union (ITU) considers network delay for voice applications
in Recommendation G.114. This recommendation defines three bands of one-way delay as
shown in next table.
Range in milliseconds Description

0-150 Acceptable for most user applications.
150-400 Acceptable provided that administrators are aware of
the transmission time and the impact it has on the
transmission quality of user applications.
Above 400 Unacceptable for general network planning purposes.
However, it is recognized that in some exceptional
cases this limit is exceeded.
TG0028 58 Ed. 08 / 07 January 2011

OmniPCX Enterprise
12.15.IP-Touch and backup signaling link

Question:
What’s the duration of restart of an IP-Touch after switching to the back-up signaling link?
Answer:
The backup signaling link is used to recreate a signaling link to a Media-Gateway if an IP link
goes down. This backup signaling link is set up via the public network with a back-up Media-
Gateway.
When the Call Server observes the interruption of a "keep alive" dialog with a Media Gateway, it
waits for a certain time (specified in management). When this time has elapsed, it declares the
nominal link failed and initiates the backup link activation procedure.
This procedure is performed as follows:
• On the Call Server side:
♦ Search for a free rescuer Media Gateway.
♦ The internal modem of the rescuer Media Gateway calls the isolated Media Gateway at
the number defined in management.
• On the Rescued Media Gateway side:
♦ The isolated Media Gateway, having observed the failure of the nominal link, performs a
reset. All calls in progress are then lost.
♦ The isolated Media Gateway is rebooted in "backup link" mode; it activates exclusively the
backup access (specified in management) and waits in reception mode on this access.
"Backup link" mode is a simplified operational mode that processes signaling on the
backup access.
For these reasons, the time for again working IP sets are between 8 and 10 minutes.
When the IP link is re-established, the transition is transparent for the IP-Touch.
Ed. 08 / 07 January 2011 59 TG0028

OmniPCX Enterprise
12.16.Call server duplication

Question:
In some cases, during switch-over from the main Call Server to the back-up Call Server, my IP-
Touch resets.
Answer:
During this switching, keepalive mechanism can be longer then normal, so in some case IP set
will not receive keepalive signal, to resolve this issue, terminal’s UDP Lost value can be
increased.
Question:
What happens for the IP-Touch in case of IP network break down between main and standby
Call Server?
Answer:
When the contact between main and standby Call Server is lost, there is normally no direct
impact for the IP-Touch as long as they continue to dialog with one of the Call Servers. But their
signaling board might change and switch to the former standby Call Server.
When the IP network is back, the Call Server which will be considered as pseudo-main Call
Server (because for example he was not attached to the reference Media Gateway in contrary to
the other Call Server) will reset to become the standby Call Server and all sets having their
signaling link established with that Call Server will reset.
12.17.Loss of signaling board

Question:
What happens when the IP-Touch looses his signaling board? Does the set reset?
Answer:
If there is another signaling board available (see section 5 Signaling Link Board for the signaling
board search), the signaling will be taken over transparently for the user by a new board without
reset of the IP-Touch.
For the current communication of the set, there is no impact unless that communication involves
a compressor located on the board which is lost.
12.18.VoIP assessment tool

Question:
We need the VoIP assessment tool which is compatible with the 40x8 IP sets. Please let me know
the version of the assessment tool which is compatible with these sets.
Answer:
From VoIP Assessment tool version 3 we can use 40x8 IP sets.
TG0028 60 Ed. 08 / 07 January 2011

OmniPCX Enterprise
12.19.Bluetooth
Question:
What is the hardware reference for a Bluetooth 1.2 on an IP-Touch 4068 (set and handset)?
Answer:
The Alcatel IP-Touch Bluetooth® wireless handset is 1.2 enabled and operates with Alcatel IP-
Touch 4068 reference 3GV27043xx (package) from OmniPCX Enterprise R6.2.
Summary:
• IP-Touch Hardware Reference : 3GV26043 BT: 1.2 (RAM 16Mo)
• IP-Touch Hardware Reference : 3GV26012 BT: 1.1 (RAM 8 Mo)
• IP-Touch Handset Reference : 3GV 26007 BT :1.2
• No IP-Touch Handset in BT 1.1
13. BEFORE CALLING ALCATEL’S SUPPORT CENTER

Before calling Alcatel’s Business Partner Support Center (ABPSC), make sure that you have read
through:
• the Release Notes which lists features available, restrictions etc.
• the Problem Report base available on the BPWS under section eSupport
• this chapter and completed the actions suggested for your system’s problem.
Additionally, do the following and document the results so that the Alcatel Technical Support can
better assist you:
• Have any information that you gathered while troubleshooting the issue to this point
available to provide to the TAC engineer (such as traces).
• Have a data network diagram. Make sure that relevant information are listed such as
bandwidth of the links, equipments like firewalls, DHCP servers etc.
• Provide a sniffer trace when relevant (in case of initialization problem, etc.).
Note
Dial-in or Telnet access is also desirable to help with effective problem resolution.
Ed. 08 / 07 January 2011 61 TG0028

OmniPCX Enterprise
TG0028 62 Ed. 08 / 07 January 2011

OmniPCX Enterprise
TROUBLESHOOTING GUIDE No. 28 APPENDIX 0
IP TOUCH ISSUES 802.1x
Summary
1. SHORT 802.1X OVERVIEW .................................................................................................... 3
1.1 Principle............................................................................................................................. 3
1.2 Definition ........................................................................................................................... 3
1.3 Introduction........................................................................................................................ 4
1.4 Port Access Entity (PAE)................................................................................................... 4
1.5 Authentication server......................................................................................................... 5
1.5.1 FreeRADIUS ................................................................................................................. 5
1.5.2 Funk Software Steel-Belted Radius / Enterprise Edition ............................................... 5
1.5.3 Microsoft Windows 2003 IAS RADIUS Server .............................................................. 5
2. AUTHENTICATION ON IP TOUCH........................................................................................... 6
2.1 EAP- MD5 Authentication Method.................................................................................... 6
2.2 Authentication initialization ................................................................................................ 7
2.3 IP Touch ............................................................................................................................ 8
2.3.1 IP Touch internal Switch................................................................................................ 8
2.3.2 IP Touch PC Port Security ............................................................................................ 9
2.3.3 Embedded Command ................................................................................................. 10
2.3.4 Error and status messages ......................................................................................... 10
3. TROUBLESHOOTING............................................................................................................. 11
3.1 Introduction...................................................................................................................... 11
3.2 Configuration 1 ................................................................................................................ 13
3.3 Configuration 2 ................................................................................................................ 14
3.4 Configuration 3 ................................................................................................................ 16
4. F.A.Q. ...................................................................................................................................... 20
4.1 Set stays in phase 2/5 ..................................................................................................... 20
4.2 802.1x Activation Issue ................................................................................................... 20
4.3 802.1x Deactivation......................................................................................................... 20
4.4 802.1x set on IP Touch but pass through........................................................................ 21
4.4.1 View of the Issue ......................................................................................................... 21
4.4.2 Ethereal Trace in case ................................................................................................ 21
4.5 MAC Resolution .............................................................................................................. 22
4.6 IP Touch stays in phase 5/5 ............................................................................................ 22
4.7 Restriction to 802.1x........................................................................................................ 22
4.8 I cannot see EAP frames in my captured Trace.............................................................. 22
5. CONFIGURATION ON A 6800 SWITCH................................................................................. 23
5.1 Overview ......................................................................................................................... 23
5.2 Prerequisites ................................................................................................................... 23
5.3 Configuration ................................................................................................................... 23
6. STEEL-BELTED RADIUS SERVER INSTALL GUIDE ............................................................ 25
7. CONFIGURATION OF ODYSSEY CLIENT ............................................................................ 26
Ed. 08 / 07 January 2011 1 TG0028

OmniPCX Enterprise
Ed. 08 / 07 January 2011 2 TG0028

OmniPCX Enterprise
1. SHORT 802.1X OVERVIEW

1.1 Principle
1.2 Definition
AAA server:
server program that handles users' requests for access to computer resources and provides
authentication, authorization and accounting (AAA) services.
Port Based Network Access Control:

IEEE 802.1X provides port based network access control, which allows network access decisions
to be made at the port.
Unique open or single supplicant / host (cisco):

port configuration that gives access only to the device that has been authenticated. If the access is
open after IP TOUCH authentication and if a PC is plugged behind, the port access is then
blocked.
Global open or Multiple hosts (cisco) but single supplicant :

port configuration that gives a global access. If the port has been enabled for one device and if a
PC is plugged behind, the port access remains open for all devices. If the device, which has got
the access granted, logs off, the global access is also closed.
Multiple open or Multi supplicant :

port configuration that requests an authentication for every device associated to that port (multiple
access). If the access has been granted to IP TOUCH and if a PC is plugged behind, the PC needs
to gain access independently, IP TOUCH must be transparent and forward the exchanges.
For more details please consult 802.1x documentation on BPWS.
Ed. 08 / 07 January 2011 3 TG0028

OmniPCX Enterprise
1.3 Introduction
The aim of the 802.1x “Port-based Network Access Control”, or shorter dot1x, is the ability to deploy
LAN based infrastructure where users or devices need first to log in prior to anything. Dot1x
manages access rights to the Local Area Network (LAN) wired or not (WLAN). It implements an
effective framework for authenticating and controlling user traffic to a protected network. Dot1x ties
a protocol called EAP (Extensible Authentication Protocol) to the LAN media supports for the
moment MD5 authentication methods,
The idea of dot1x is like an ON/OFF gate inside Ethernet switches. This gate starts in the OFF
position, handling only dot1x requests until a decision is made to grant the station access. At that
point, the gate is thrown into the ON position so that all LAN traffic can be relayed between the
station and the upstream network. Eventually, the station times out or disconnects, throwing the
gate back into the OFF position. This authentication intervenes before any other exchanges.
1.4 Port Access Entity (PAE)

The PAE carries the essential of the modifications introduced by the dot1x protocol. The main
innovation consists in dividing the physical port access to the network into two logical ports, which
are connected in parallel on the physical port.
The first logical port is known as "controlled" and can take two states, "open" or "closed". It is used to
access services that the authenticator makes available only to authorized supplicants.
The second logical port, the "uncontrolled port" is always accessible but only for authentication traffic
(dot1x frames) .
Before the supplicant’s connection to the physical port of the authenticator's PAE, the use of the
controlled port is restricted, preventing unauthorized data transfer and only the uncontrolled port is
accessible.
The authentication dialogue is then between the authentication server and the supplicant by the
uncontrolled port of the authenticator's PAE.
When the dot1x state machine of the authenticator sees an authentication acknowledgment
coming from the server, it opens its controlled port, thus giving to the supplicant the access to the
service. From this moment, the Ethernet traffic is normally assured.
However, the dot1x protocol remains active and can reactivate an authentication process in case,
for example, of explicit request of the supplicant or physical disconnection to the network.
Ed. 08 / 07 January 2011 4 TG0028

OmniPCX Enterprise
1.5 Authentication server
1.5.1 FreeRADIUS
FreeRADIUS is an open source RADIUS server. It is well within the top 5 RADIUS servers
worldwide, in terms of the number of people who use it daily for authentication. It scales from
embedded systems with small amounts of memory, to systems with millions of users. It is fast,
flexible, configurable and supports more authentication protocols than many commercial
servers.
The server comes with complete support for RFC 2865 and RFC 2866 attributes.
FreeRADIUS supports EAP, with EAP-MD5, EAP-SIM, EAP-TLS, EAP-TTLS, EAP-PEAP and
Cisco LEAP subtypes.
1.5.2 Funk Software Steel-Belted Radius / Enterprise Edition
Funk Software Steel-Belted Radius / Enterprise Edition: is a complete implementation of

RADIUS. It maintains cooperative technical and marketing relationships with Premium Alliance
Partners, including Alcatel. IP TOUCH needs to interoperate with Steel-Belted Radius Enterprise to
be assured of full compatibility between the products. Funk Steel-Belted server provides AAA for
the Alcatel OmniSwitch, Authenticated VLAN user application and the Authenticated Switch
Access management application.
1.5.3 Microsoft Windows 2003 IAS RADIUS Server
Microsoft Windows 2003 IAS RADIUS Server: The Internet Authentication Service (IAS) is the
Microsoft implementation of a RADIUS server and proxy. As a RADIUS server, IAS performs
centralized connection AAA for many types of network access. As a RADIUS proxy, IAS forwards
authentication and accounting messages to other RADIUS servers.
Ed. 08 / 07 January 2011 5 TG0028

OmniPCX Enterprise
2. AUTHENTICATION ON IP TOUCH
2.1 EAP- MD5 Authentication Method
EAP-MD5 does not propose mutual authentication, it only authenticates the supplicant by providing
a login/password couple and does nothing to authenticate the AAA server. (AAA : server program
that handles users' requests for access to computer resources and provides authentication,
authorization and accounting)
After connection and standard “EAP-Request/Identity” phase (Phase 1), the server sends a
challenge text to the supplicant (Phase 2): some string, along with a serial number. EAP MD5
method has been chosen depending on the Identity sent by IP TOUCH.
The supplicant (Phase 3) proves it knows the password by hashing the identifier, the password and
the challenge together and sending the information back. With MD5, the password does not pass
across the wire.
(Phase 4)The server hashes the challenge on its side by using the supplicant's password stored in
its database. If the result is the same, the supplicant is authenticated.
It is very important to note that the exchanges are not encrypted. The challenge text and its
hashing result are directly sent on the network.
This method is vulnerable to dictionary (brute force attacks), Man In the Middle, session hijacking
attacks.
Ed. 08 / 07 January 2011 6 TG0028

OmniPCX Enterprise
2.2 Authentication initialization
Authentication can be initiated either by the Supplicant PAE or by the Authenticator PAE.
If authentication is enabled on a given port, authentication is initiated by the authenticator PAE

(port from disabled to enabled). If the authenticator PAE does not receive a response, EAP will
retransmit the authentication request.
A supplicant PAE may initiate the authentication sequence by sending an “EAPOL-Start” frame. A
supplicant PAE that does not receive an authentication initiation frame from the authenticator PAE
on re-initialization may initiate authentication by sending an “EAPOL-Start” frame.
Ed. 08 / 07 January 2011 7 TG0028

OmniPCX Enterprise
2.3 IP Touch
2.3.1 IP Touch internal Switch
IP Touch terminals provide an internal switch which allows to chain one or more devices behind
the terminal to limit the number of network ports needed in an office. The port on which these
devices, most probably a PC, but possibly another terminal, are connected is referred to as the
"PC port".
Warning:
The case where a PC is plugged behind IP TOUCH and also tries to authenticate in an “unique
open” Switch configuration is not supported. It is up to the client to configure properly its
authenticator.
We advise to not use a “global open” switch configuration for security reasons.
Ed. 08 / 07 January 2011 8 TG0028

OmniPCX Enterprise
2.3.2 IP Touch PC Port Security
PC port security feature brings security protections against possible intrusions in the voice network
of the customer from the PC port. This will be achieved through either completely disabling the PC
port, or by preventing the PC from sending traffic in the Voice VLAN.
This feature is relevant when mixed with 802.1x authentication because 802.1x removes the
possibility for an unauthenticated PC to be directly connected to the access switch.
By default, IP Touch equipped with an internal switch will forward all traffic coming from the PC
port to the LAN port, and the switch is activated by default.
With this PC port security feature, the IP Touch can be configured
- to either block the PC port of the switch, preventing daisy chaining of a PC behind the
terminal, or
- to prevent the device(s) plugged on the PC port to send 802.1q tagged frames, thus
ensuring no Voice VLAN traffic can be sent from illegitimate sources.
The two functions provided by the feature are:

- Blocking of the PC port of the terminal's switch
- Filtering of 802.1q tagged frames received on the PC port of the terminal's switch
Ed. 08 / 07 January 2011 9 TG0028

OmniPCX Enterprise
2.3.3 Embedded Command
The ‘pcport’ function allows to get the current PC port security status and the state stored for
the next startup.
Command: pcport
function option value return value access

pcport Currentpc port protection: status
After next reset: status
status = off or blocking or voice vlan filtering
The PC port command is incompatible with the port mirroring feature. Consequently, when the PC
port security is active, the mirror command is disable.
The PC port is not available on Z phone model.
2.3.4 Error and status messages
During IP Touch initialization in dot1x activated mode, some messages are displayed to inform the
user:
Messages:
- Authentication failure: authentication denied RADIUS server unreachable, access is
refused to the terminal on the RADIUS server or the terminal has a bad identity (bad login
and/or password).
- Authentication success: access granted Authentication process is complete. The RADIUS
server grants access to the terminal, the authenticator opens its port.
Ed. 08 / 07 January 2011 10 TG0028

OmniPCX Enterprise
3. TROUBLESHOOTING
3.1 Introduction
This paragraph gives an overview between the different exchanges which are involved in 802.1x
authentication.
This should help to diagnostic some issues during 802.1x authentication.
This section, is based on the following topology, and all traces, observations, remarks are relative
to this topology.
Remark: As 802.1x exchanges are based on OSI level 2, so, for trace analysis refer only to MAC
addresses
Ed. 08 / 07 January 2011 11 TG0028

OmniPCX Enterprise
CPU Main
Java
172.25.32.49
UA32
CPU CPU
Java_A Java_B
172.25.32.48 172.25.32.46
Serveur Radius
00:08:02:E5:7A:4F
Switch 172.25.32.164 INTIP A
00:D0:95:D7:45:62 Shared Secret : 172.25.32.45
172.25.32.163 radiuskeyA
Login : admin
Tel :1001
Pass : admin
TDM
Router
172.25.32.1
Radius
name : funk Tel :1000
IP :172.25.32.164 TDM
Shared Secret :
radiuskeyA
Port 9 : 802.1x
00:D0 :95 :D7 :45 :63 Port 11 : 802.1x
Same configuration
as PC2
PC 2
Tel : 1005 Tel : 1006 Tel :1007 Suppliant
Ed.00:80:9F:56:10:AF
08 / 07 January 2011 00:80:9F:56:58:EE 12 00:80:9F:56:09:3E Tel : 1008 TG0028 00:0F :20 :FA :A5 :7E
172.25.32.167 172.25.32.68 172.25.32.90 00:80:9F:3D:48:46 172.25.35.81
802.1x 802.1x 802.1x 172.25.32.93 802.1x
Login :ALCIPT+MAC Login : ALCIPT+MAC Login :ALCIPT+MAC Login: PC+MAC
Pass :radiuskeyB Pass :radiuskeyB Pass :radiuskeyB Shared Secret : radiuskeyC
OmniPCX Enterprise
3.2 Configuration 1
Configuration used is following:

IP Touch 802.1x : Yes
Omniswitch Port 802.1x : No
Radius Server : No
As we can see, in the next Ethereal trace, there is an EAP authentication request by the suppliant
EAP-Start, and without any response, IP Touch will follows its normal process.
Ed. 08 / 07 January 2011 13 TG0028

OmniPCX Enterprise
3.3 Configuration 2

Omniswitch Port 802.1x : Yes
Radius Server : No
Remark: For this trace, IP Touch had IP address: 17.25.32.54 and MAC 00:80:9F:56:10:AF
EAP Request
In this case the mechanism begins with a EAP Start (From IP Touch to Switch), then Switch will
respond with a EAP Request, see above, then IP Touch will send its EAP Response where we can
see the IP Touch identity
EAP Response
Identity
Ed. 08 / 07 January 2011 14 TG0028

OmniPCX Enterprise
What we can also observe is an authentication exchange between the OmniSwitch and Radius
Server. But as the server is not running, the exchange fails
EAP Request
Failure
In this case IP Touch enter in “reset-loop”
Ed. 08 / 07 January 2011 15 TG0028

OmniPCX Enterprise
3.4 Configuration 3

Omniswitch Port 802.1x : Yes
Radius Server : Yes
The traces below show a success authentication, and has been done for the same authorization
exchange.
Ethereal trace has been taken on
- Radius Server: to show the exchange between OmniSwitch and Radius server
- On mirroring port: to see the exchange between IP Touch and OmniSwitch
1. Exchanges between Radius Server and OmniSwitch
Overview of exchanges between Radius Server and Omniswitch
2. Exchange between IP Touch and OmniSwitch
Overview of exchanges between IP Touch and Omniswitch
3. Step By Step Exchange
In this paragraph we will show the step by step exchange by remixing the traces above.
OmniSwitch (Port 9) ask for an Identity Request
Ed. 08 / 07 January 2011 16 TG0028

OmniPCX Enterprise
IP Touch gives an answer to this request (EAP Identity Response)
OmniSwitch will then forward the Response to Radius Server (EAP Response)
Ed. 08 / 07 January 2011 17 TG0028

OmniPCX Enterprise
Radius Sever will then propose a challenge (In this case MD5)
OmniSwitch will forward this challenge to IP Touch
IP Touch answers with challenge MD5
Ed. 08 / 07 January 2011 18 TG0028

OmniPCX Enterprise
OmniSwitch will forward the challenge to Radius Server
Radius Server accepts the challenge (EAP Success), end OmniSwitch will open Controlled Port 9
Success is also transferred to IP Touch
Ed. 08 / 07 January 2011 19 TG0028

OmniPCX Enterprise
4. F.A.Q.
4.1 Set stays in phase 2/5
• I don’t know why my set stays in phase 2/5, while on the other hand my Radius Server and
my Switch are correctly configured ?
• It seems that 802.1x hasn’t been activated on the set, and as the set never enter in a
802.1x process to validate the user access (No uncontrolled port reachable), it stays in this
phase 2/5 like (no Ethernet link)
4.2 802.1x Activation Issue
• I don’t have the possibility to validate the 802.1x in the IP Touch MMI ?
• It is necessary to enter a password before to have the possibility to activate the option
802.1x
4.3 802.1x Deactivation
• Why there is the possibility to deactivate 802.1x directly on the IP Touch without access
control ?
• Because it is mandatory to enter a IP Touch Password

Alcatel 8&9 Series ->IP Touch sets generic parameters
Ed. 08 / 07 January 2011 20 TG0028

OmniPCX Enterprise
4.4 802.1x set on IP Touch but pass through
4.4.1 View of the Issue
• My Phone is set in 802.1x, but after connection, it pass through the different init phases 1-5
without restrictions ?
• This is the normal behavior of 802.1x . When the set ask for a authentication, and the
switch is not configured in 802.1x, the set will follow its normal startup process.
4.4.2 Ethereal Trace in case
• In the case that the switch is not configure to manage 802.1x packet, and the IP Touch is
programmed to deliver 802.1x packets, below we will give the Ethereal trace.
Be careful, Ethereal will decode the Packet as Spanning Tree packet (Destination Mac
address shows that it is a 802.1x packet).
Remark: For this trace, IP Touch had IP address: 17.25.32.54
Ed. 08 / 07 January 2011 21 TG0028

OmniPCX Enterprise
4.5 MAC Resolution
• In the Ethereal traces, like in the picture above, I would like see real MAC address name
and not the decoded name like: “Spanning Tree”
• Disable “MAC name resolution” in Ethereal trace option capture
4.6 IP Touch stays in phase 5/5
• When Switch port is configured for 802.1x, and there is no Radius Server, or when Radius
server don’t authorize the access to open the port, the IP Touch will stay in phase 5/5, and
then will reset.
4.7 Restriction to 802.1x
• To avoid the risk that someone could steal a MAC address of a set, then associate this
address to a PC, and plug this PC behind a HUB
• it is in charge of the Switch, to restart each “n” time the authentication process
4.8 I cannot see EAP frames in my captured Trace
• There is a strange behavior in my ethereal trace because I cannot see EAP or EAPOL
frames in the trace. Example, I want to capture EAP frames between Switch, and IP
Touch: (Number :1007 below) thanks to mirroring on the switch, and I cannot see EAP
Frames, even the phone starts with EAP negotiation.
• See if there is not an Authentication Client which is running on the Ethereal PC, which could
catch the EAP frames. You have to stop the authentication client running on the PC
Ed. 08 / 07 January 2011 22 TG0028

OmniPCX Enterprise
5. CONFIGURATION ON A 6800 SWITCH

5.1 Overview
This section deals about the configuration of Omni switch 6800 to be run in 802.1x
This switch has been used because it allows 802.1x authorization with different equipment behind
the same switch port. (Multiple Open Switch)
5.2 Prerequisites
Before to configure you switch in 802.1x, be sure you have the correct version installed on your
switch.
Minimum version is 5.3.1.210.R02
5.3 Configuration
This paragraph will show the command to activate the 802.1x on 6800 Switch
• Specify Radius Server
aaa radius-server <radius_name> host <radius_server_ip_address> auth-port 1812

acctport 1813 key <radius_secret> (same secret as in the RADIUS server)
Example
aaa radius-server funk host 172.25.32.164 auth-port 1812 acct-port 1813 key radiuskeyA
• Declare the server as a 802.1x server
Example
aaa authentication 802.1x funk
• Activate 802.1x on specific port

vlan port mobile <port_num> (on each port to authenticate)
vlan port <port_num> 802.1x enable (on each port to authenticate)
802.1x <port_num> direction both port-control auto (on each port to authenticate)
Example
vlan port mobile 1/9
vlan port 1/9 802.1x enable
• show vlan port mobile
cfg ignore ingress

port mobile def authent enabled restore bpdu filtering
-------+--------+----+--------+---------+---------+-------+----------
1/1 off on
1/9 on 1 on-8021x on on off off
1/10 off on
Ed. 08 / 07 January 2011 23 TG0028

OmniPCX Enterprise
• To configure PC in a particular Vlan:

vlan 1 enable name "Voice" (default Vlan for IP Touch)
vlan 1 authentication enable
vlan 2 enable name "Data" (Vlan for the PC)
vlan 2 authentication enable
• Save to Certified directory?

Once those changes have been roadtested, the contents of the /flash/working
directory can be copied to the /flash/certified directory via the command.
o write memory
o copy working certified
To reboot the switch from working directory
o reload working no rollback-timeout
• Some useful commands

o show configuration snapshot (show the configuration)
o write memory (save the current configuration)
o Show configuration snapshot
o Show 802.1x users
o Show 802.1x statistic
o Show 802.1x
o Show aaa authentication 802.1x
o Show vlan
o Show vlan port
Ed. 08 / 07 January 2011 24 TG0028

OmniPCX Enterprise
6. STEEL-BELTED RADIUS SERVER INSTALL GUIDE

This section deals about Steel-Belted Radius Server configuration
Install package
- SBR Admin tool (SBRNT_Admin_53.msi) and
- Server (SBRNT_ALL_53.MSI) on the same PC. (Choose Enterprise Edition)
When finished, run the SBR admin.
In the Servers Connection tab, choose local and connect to the SBR with the admin account.
Radius clients tab: click on the Add button. Enter the

- Switch name (OMNISWITCH),
- its IP address (172.25.32.163) and the
- shared secret (radiuskeyA) defined on the switch (<radius_secret> below).
- Choose in the list of Make/model, the Alcatel Omniswitch,
save.
Authentication Policies tab:

- check only Native User,
- click on the EAP Setup button and
- select MD5-Challenge only, for each 802.1x client.
As the switch and the server communicate, you can see in the Statistics tab a Summary of
authentication between them.

Users tab: define here each IP TOUCH phone and the PC client as Native Users. Click on the Add
button, enter
- the login (login[+mac @]) and
- the password (same as on the terminal) for the IP-Touchs,
- the PC <domain>\ <login_account> and password (same as on the PC) and
save.
To set the PC in the Data Vlan set on the Switch (see Odyssey client configuration):
In the Attributes Return list, click on Add…
- Select the Alcatel-Auth-Group in the list and set the value to the Data Vlan
Close and save.
Ed. 08 / 07 January 2011 25 TG0028

OmniPCX Enterprise
7. CONFIGURATION OF ODYSSEY CLIENT

This section deals about PC Odyssey Client configuration
Odyssey client: PC can directly be plugged on the IP-Touch PC port or on the Switch
Install the Odyssey Client on a Windows XP workstation, check the 30-day trial version box.
When finished, launch the Odyssey Client Manager.
In the Profiles tab Add tab…, in the Profile name:

- PC Odyssey (for example),
- Login name: the PC login (it is the PC account name)
In the Password tab, check Use Windows password

In the Authentication tab, Add… EAP-MD5-Challenge and Remove EAP-TTLS.
In the Adapters tab, choose the right Wired 802.1x Ethernet adapter
In the Connection tab, select the adapter, the Connection using profile defined before (PC
Odyssey)
In the menu File Settings -> Windows Logon Settings, check Override…
and After Windows Logon…, a popup window appears and ask you to provide Windows password
(enters the password (same as on the SBR).
Back in the Connection tab, click on the Re-authenticate button, the PC should authenticate.
You can check on the switch and on the server the authentication status of the PC.
Global remark: when you change the SBR configuration, you need to restart the SBR service to
take the changes into account.
To restart the Odyssey client, disable and re-enable it via the menu File.
Ed. 08 / 07 January 2011 26 TG0028

OmniPCX Enterprise
IP TOUCH ISSUES STATUS OF THE IP LINK
STATUS OF THE IP LINK
The table below gives the real link state depending on the devices parameters (invalid parameters
setting are shown darker):
Device 1 Device 2 Real Link State

1 auto–negotiation auto–negotiation 100–FULL
2 100–FULL auto–negotiation 100–HALF
3 100–HALF auto–negotiation 100–HALF
4 10–FULL auto–negotiation 10–HALF
5 10–HALF auto–negotiation 10–HALF
6 100–FULL 100–FULL 100–FULL
7 100–FULL 100–HALF 100–HALF
8 100–FULL 10–FULL no link
9 100–FULL 10–HALF no link
10 100–HALF 100–HALF 100–HALF
11 100–HALF 10–FULL no link
12 100–HALF 10–HALF no link
13 10–FULL 10–FULL 10–FULL
14 10–FULL 10–HALF 10–HALF
15 10–HALF 10–HALF 10–HALF
When an invalid configuration is programmed, the switch is unable to detect it correctly. As

a consequence, IP Touch software may display speed and duplex settings not reflecting the
real link state.
Conclusion
To avoid conflicts between both devices, following Simple Rule should be applied each time.
- When both devices are in Auto Negotiation, there is no problem, and 100 Mbps / Full
Duplex is automatically chosen
- When Both devices are set Manually, Same configuration Must be applied.
- Other configurations should be avoided.
Ed. 08 / 07 January 2011 1 TG0028

OmniPCX Enterprise
IP TOUCH ISSUES STATUS OF THE IP LINK
Ed. 08 / 07 January 2011 2 TG0028

OmniPCX Enterprise
IP TOUCH ISSUES ERROR MESSAGES IN STARTING PHASE
ERROR MESSAGES IN STARTING PHASE
1. FAILURE SIGNALING
Failure signaling provides the user an indication (a message displayed on the screen) of what is
going wrong on the terminal (most of the time, this is a network problem). Messages displayed are
in English language.
After UDP_LOST timeout without receiving any message from the call server, the terminal indicates to
end user that the signalization link is broken and gives the reason of the failure: if there is a cable
problem between the terminal and the LAN switch, the following message is displayed (A/B/C/D
terminals):
"No Ethernet link"
If there is no problem between the terminal and the LAN switch, the problem could be anywhere else
on the network (cable problem between the LAN switch and the call server, the call server goes
down, etc) the following message is displayed (A/B/C/D terminals):
"Connection lost"
Then, the terminal waits for a CONNECT message. After UDP_LOST_REINIT timeout, the terminal
indicates that it will reset by displaying the following message:
"Reset...please wait"
This last message is also displayed if a reset request (UA3G or NOE message) from the call server is
received by the terminal.
If a duplicate IP address detected (terminal X receives an ARP request and finds that the source IP
address inside that packet is its own IP address), the following message is displayed during five
seconds (A/B/C/D terminals):
"Duplicate IP address"
2. ERROR MESSAGES
The following table indicates the messages and errors displayed during the starting phase (messages
and errors are always displayed in English language).
short text: a short text is displayed on the screen (20 characters max on A terminal),only in case of
real error and not for progress indication (END, STARTED and SUCCESS).
Ed. 08 / 07 January 2011 1 TG0028

OmniPCX Enterprise
Ed. 08 / 07 January 2011 2 TG0028

OmniPCX Enterprise
Ed. 08 / 07 January 2011 3 TG0028

OmniPCX Enterprise
Ed. 08 / 07 January 2011 4 TG0028

OmniPCX Enterprise
IP TOUCH ISSUES ADD-ON MODULE
ADD-ON MODULE
AOM-10 AOM-14 AOM-40

An Add-On Module (AOM) is an extension keyboard for the B/C/D terminals. It provides 10 keys.
(AOM-10) or 40 keys (AOM-40) associated to icons.
AOMs cascading is allowed only with 40 keys: an AOM-10 can only be the last element of an AOM-40
chain.
AOMs and terminal are interconnected with an UART interface via a RJ45 connector.
With one terminal, up to 50 additional keys are possible.
Configurations allowed on OmniPCX Enterprise:
• 10 keys (1 AOM-10)
• 40 keys (1 AOM-40)
• 50 keys (1 AOM-40 + 1 AOM-10)
• 42 keys (3 AOM-14). Reminder: No AOM-14 on 4008/4018/4019 phones.
Connection and Detection
How AOMs must be connected to a terminal?
• Power off the terminal
• Connect the AOMs with RJ45 (first AOM to the terminal, second AOM to first the AOM, etc.)
• Power on the terminal
AOMs must not be plugged to the phone while t h e phone is powered on. Even if the previous
mandatory recommendation is not respected, "hot plugging" of an AOM is not destructive for the
hardware (terminal and AOM).
AOM is detected during terminal initialization. If no AOM is detected, the UART used by AOM is
initialized for trace mode (115200 bit/s).
AOM–EL
AOM-EL stands for ELectronic Add-On Module. AOM-EL is available on B/C/D terminals.
Compared to AOM-40/AOM-10, the same restriction concerning connection and detection
applies.
AOM-EL cannot be cascaded with AOM-40 or AOM-10. A maximum of 3 AOM-EL can be
cascaded but it depends on the power consumption results (UA and IP).
TG0028 1 Ed. 08 / 07 January 2011

OmniPCX Enterprise
IP TOUCH ISSUES ADD-ON MODULE
TG0028 2 Ed. 08 / 07 January 2011

OmniPCX Enterprise
IP TOUCH ISSUES EMBEDDED IP TOUCH SERVICE
COMMANDS
EMBEDDED IP TOUCH SERVICE COMMANDS

1. COMMAND ON OMNIPCX ENTERPRISE ....................................................................................... 3
1.1. FOREWORD ........................................................................................................................................ 3
1.2. SHELLTOOL ........................................................................................................................................ 3
1.3. LIMITED ACCESS................................................................................................................................ 4
1.4. TELNET AUTHORIZATION................................................................................................................... 4
2. SOME TROUBLESHOOTINGS ........................................................................................................... 5
2.1. ONE-WAY COMMUNICATION.............................................................................................................. 5
2.2. COMMUNICATIONS WITH BAD AUDIO QUALITY ................................................................................. 6
2.3. PHONE BINARY UPDATE WITH A TEST VERSION ................................................................................. 7
2.4. PHONE INITIALIZATION PROBLEM (EXAMPLE: TFTP PROCESS DEBUG) ............................................ 8
3. GLOBAL COMMANDS ON IP TOUCH ............................................................................................. 9
3.1. LEVEL ................................................................................................................................................ 9
3.2. GLOBAL SET CONFIGURATION (ID) .................................................................................................. 10
3.3. DOWNLOAD METHOD MANAGEMENT .............................................................................................. 11
3.4. BINARY DOWNLOAD MANAGEMENT ................................................................................................ 11
3.5. INIT STATUS (INITSTATUS).............................................................................................................. 12
3.6. DEFENCE (DEFENCE)........................................................................................................................ 12
3.7. VERSION SWITCH (VERSWITCH)....................................................................................................... 14
3.8. RESET MANAGEMENT (RESET)......................................................................................................... 14
3.9. AUDIO INFORMATION (AUDIO) ........................................................................................................ 14
3.10. RTP CHANNEL INFORMATION (RTP) ............................................................................................ 15
3.11. COMPRESSOR CONFIGURATION (CODEC) ..................................................................................... 16
3.12. AUDIO CONFIGURATION (AUDIOCONF)........................................................................................ 17
3.13. RINGER STATE (RINGER).............................................................................................................. 17
3.14. GLOBAL AUDIO CONFIGURATION (GLOBALAUDIO) ..................................................................... 18
3.15. IP CONFIGURATION (IPCONFIG) ................................................................................................... 19
3.16. LINK MANAGEMENT (PHY) .......................................................................................................... 21
3.17. SDRAM SIZE (SDRAMSIZE) ......................................................................................................... 21
3.18. LOG TRACE DUMP (TRCDUMP) ..................................................................................................... 22
3.19. TONE DEFINITION (TONEDEF) ...................................................................................................... 22
3.20. RTCP STATISTICS (RTCPSTATS)................................................................................................... 23
3.21. DISPLAY VOIP STATISTICS (VOIPSTATS) ..................................................................................... 24
3.22. ETHERNET VIEW (ETHERNETSTATS) ............................................................................................ 25
3.23. UA / UDP STATISTICS (UA_UDP) ................................................................................................. 26
3.24. ONLINE PING (PING)..................................................................................................................... 27
3.25. TRACEROUTE (TRACEROUTE) ...................................................................................................... 28
3.26. ARP TABLE (ARPSHOW)............................................................................................................... 29
3.27. ROUTESHOW (ROUTESHOW)......................................................................................................... 30
3.28. IFSHOW (IFSHOW)......................................................................................................................... 31
3.29. SYSLOG THOUGHT NETWORK (NETLOG)...................................................................................... 32
3.29.1. Exemple ................................................................................................................................... 34
3.30. PORT MIRRORING (MIRROR)......................................................................................................... 37
Ed. 08 / 07 January 2011 1 TG0028

OmniPCX Enterprise
COMMANDS
3.31. DOS ATTACK REPORT (DOS)......................................................................................................... 39

4. BLUETOOTH MANAGEMENT......................................................................................................... 40
4.1. SOFTWARE VERSION (BTHID) .......................................................................................................... 40
4.2. BLUETOOTH PHONE ADDRESS (BTADDR)......................................................................................... 40
4.3. BLUETOOTH DEVICE STATE (BTSTATE) ........................................................................................... 40
5. THALES VOIP SECURITY MANAGEMENT ................................................................................. 41
5.1. TERMINAL SECURITY STATE (THALSEC).......................................................................................... 41
5.2. IPSEC PROTOCOL STATE (IPSEC) ...................................................................................................... 42
6. PC PORT MANAGEMENT................................................................................................................. 43
6.1. PC PORT MANAGEMENT (PCPORT)................................................................................................... 43
7. 802.1X AUTHENTICATION ............................................................................................................... 43
7.1. 802.1X AUTHENTICATION (DOT1X).................................................................................................. 43
Ed. 08 / 07 January 2011 2 TG0028

OmniPCX Enterprise
COMMANDS
1. COMMAND ON OmniPCX Enterprise
1.1. Foreword
This appendix gives the different commands which can be run directly on IP Touch for diagnostic
help. Not all available commands will be given here, only the most useful will be given in this
appendix. Don’t forget that you can use help command for each IP Touch command to discover
the parameters of each command like:
audio help
#audio#
audio [state|channel]
1.2. Shelltool
It is possible to access to the major IP Touch commands thanks to the embedded IP Touch
ShellTool.
ShellTool
To activate the IP Touch ShellTool press successively IP Touch keyboards button:

↑
Back
←
Back
Ed. 08 / 07 January 2011 3 TG0028

OmniPCX Enterprise
COMMANDS
1.3. Limited Access
For security reason, some functions will not be accessible, by default, through the « IP Touch
Shelltool » The access to this function will be called “limited”. To access to the “limited” functions,
the phone has to receive from the PBX the telnet authorization message. In other words these
commands are only available by telnet.
1.4. Telnet authorization
This command is run on OXE to authorize telnet access on IP Touch. In fact, by default telnet
server is disabled on IP Touch. The telnet execution on an IP Touch, in comparison to IP Phone,
can be run from any network element.
ippstat
>IPP (IP Phone) information :
>-------------------------------------
>Display the IP Address of the local node :1
>……………….
>Ip Phone download Menu : 13
>Timeout for telnet session of NOE set : 14
>INT IP Menu : 15
>Domain Menu : 16
>IPlink Menu : 17
>Status Menu : 18
>Quit this tool :0
>Enter your choice : 14

>Enter a directory number you want to manage : 3003
>Enter a timeout value expressed in minutes (between 0 to 1440) : 1440
>return to menu : press ENTER
Telnet is now allowed from any PC
Ed. 08 / 07 January 2011 4 TG0028

OmniPCX Enterprise
COMMANDS
2. SOME TROUBLESHOOTINGS
2.1. One-way communication

While in communication, use:
rtp 0 to retrieve the IP configuration of the communication (source and destination IP

address and ports),
rtcpstats 0 to read the RTCP statistics,
arpshow to check the remote MAC – IP address association,
traceroute to check the route taken to reach the remote part,
ping to check if remote part is reachable,
ethernetstats cpu to check if there are DoS attacks,
and of course the defence.
If the faulty communication is no more active, use:
voipstats 0 to read the VoIP statistics (lost packets) of the faulty communication,
Ed. 08 / 07 January 2011 5 TG0028

OmniPCX Enterprise
COMMANDS
2.2. Communications with bad audio quality

While in communication, use:
codec 0 to retrieve the codec configuration of the communication (codec type,

framings, VAD),
rtcpstats 0 to read the RTCP statistics,
ethernetstats lan to check LAN port ethernet statistics (collisions, CRC errors),
ifshow to check the attached network interfaces statistics (collisions, dropped),
If the faulty communication is no more active, use:
voipstats x to read the VoIP statistics (lost packets, delay, jitter) of the faulty
communications,
Ed. 08 / 07 January 2011 6 TG0028

OmniPCX Enterprise
COMMANDS
2.3. Phone binary update with a test version
Put the IPTouch test binaries on the TFTP server and activate the server,
use dwl set to configure the TFTP server IP address, the binary and data file names,
start the download using dwl go,
disable the binary update using dwlmethod,
disable the binary update in mgr.
Ed. 08 / 07 January 2011 7 TG0028

OmniPCX Enterprise
COMMANDS
2.4. Phone initialization problem (example: TFTP process debug)

Telnet is not possible as the phone does not go into service. Thus, a syslog server will be used.
Activation of the syslog server parameters using netlog (in NOE R6 this will be
possible using phone MMI):
y netlog server 155.132.130.222
y netlog boot_enable // enable the syslog after phone reset
y netlog uptime 1440
y level all anomaly // reset the levels
y level tftp debug // set the TFTP level to debug
y netlog save_config // flash the current levels
y netlog config 3 // use the flashed levels
Ed. 08 / 07 January 2011 8 TG0028

OmniPCX Enterprise
COMMANDS
3. GLOBAL COMMANDS ON IP TOUCH
3.1. Level
function definition : level [<flux_name> <level>]
For the possible flux names see below

The possible level names are :
a) debug used only for debug purpose (reserved to development team)
b) verbose verbose log level
c) normal standard log level
d) anomaly log only anomaly
e) disable disable log stream (but not direct printf)
f) never disable all log and command response. use it only on all flux
possible return value

When using ’level’ command without argument, the list of debug stream and the output link
is
displayed with the level of details of the debug information.
default value
Default value of all level is set to ’anomaly’
Ed. 08 / 07 January 2011 9 TG0028

OmniPCX Enterprise
COMMANDS
3.2. Global set configuration (id)
The ’Id’ function allows to get information about software version, hardware version, set range and
set type.
• function definition :
− For release 1
id [ soft | boot | hard | range | type | linkdate | full ]
− For release 2
id [ main | soft | data* | boot | load** | hard | range | type | linkdate | full ]
• possible return value (Global view)
Ed. 08 / 07 January 2011 10 TG0028

OmniPCX Enterprise
COMMANDS
3.3. Download method management
The ’dwlmethod’ function allows to get or set the binary download method.
dwlmethod [set no_binary | full]
• possible return value
3.4. Binary download management
The ’dwl’ function allows to get or set the binary name and tftp server information and starts a
binary download. The ’start’ describer forces the set to download and use after reset the binary
present on the server.
dwl go | [set] binary | data* | load*** | cust** | L10N** | server | port
• Restriction
“dwl go” not available on NOE IP D with 8Mb SDRAM and one binary (containing data and
code) In some case, “dwl go” can provoke a reset of the phone. To avoid such problem, do not
use this command when applications that needs a great amount of memory runs on the set.
Also, if a set is downloaded during a voice communication, this can disturb the audio quality.
Ed. 08 / 07 January 2011 11 TG0028

OmniPCX Enterprise
COMMANDS
3.5. INIT status (initstatus)
The ’initstatus’ function allows to get the initialization phase

initstatus
3.6. Defence (defence)
The ’defence’ function allows to get the number of defence flashed or the defence list and allows to
reset the defence list.
The erase command flushes all the content of the defence sectors in the flash, then stores one
defence record with the version and the reset date of the running software.
Example:
defence erase
001-01:04:39.970 DEFENCE: version: 1.12.10 sysdate: 11/02/2004-08:40:28
#defence#
defence OK
defence <value> | erase
Remark:
With the 'date' command, you get the last reset.
NoePhone > date
date
#date#
date reset 15/07/2006-16:10:28
time 17:25:37
ds today 14/09/06
dl today Thu 14 Sep 2006
ds tomorrow 15/09/06
dl tomorrow Fri 15 Sep 2006
date OK
Ed. 08 / 07 January 2011 12 TG0028

OmniPCX Enterprise
COMMANDS
Ed. 08 / 07 January 2011 13 TG0028

OmniPCX Enterprise
COMMANDS
3.7. Version switch (verswitch)
The terminal contains 2 versions. the ’verswitch’ function allows rebooting on the other version at
the next reset of terminal
verswitch
• Restriction
In PROTECT mode, the verswitch checks for signature validity before switching. From a
FULL binary to an EXPORT binary, the verswitch fails. This behavior is normal as the
switching to an export binary or a badly signed binary requires to set the terminal to the no
security mode (BYPASS via the local MMI).
3.8. Reset management (reset)
The ’reset’ function allows to reset the set or to erase the flash (except for binary and industrial
parameters: MAC address,...), the customization file or the localization file
reset [flash|l10n|cust]
3.9. Audio information (audio)
The ’audio’ function allows to get audio mode information and number of active channel.
audio [state|channel]
Ed. 08 / 07 January 2011 14 TG0028

OmniPCX Enterprise
COMMANDS
3.10. RTP channel information (rtp)
The ’rtp’ function allows to get rtp state and local or remote ip address and port
rtp 0|1 [state|direction|locip|locport|remip|remport|encryption]
When the rtp state is idle, the value of direction, locport, remip and remport corresponds to the last
active communication.
The encryption flag set to yes means SRTP is used for this communication. This is meaningful only
in a system protected with Thales boxes. (field available in release 3 or more)
Ed. 08 / 07 January 2011 15 TG0028

OmniPCX Enterprise
COMMANDS
3.11. Compressor configuration (codec)
The ’codec’ function allows to get compressor configuration

codec 0|1 [compress|VAD|band|framing|pktprd ]
**compressor possible value are :

− g711_a
− g711_mu
− g723_5.3kb/s
− g723_6.3kb/s
− g729
*** DSP framing
**** RTP packet period
Ed. 08 / 07 January 2011 16 TG0028

OmniPCX Enterprise
COMMANDS
3.12. Audio configuration (audioconf)
The ’audioconfig’ function allow to get the current configuration of the different devices.
audioconfig [handset|headset|handsfree|loudspeaker|announce|ring]
3.13. Ringer state (ringer)
The ’ringer’ function allows to get ringer configuration

ringer [mode|melody|level|cadence ]
Ed. 08 / 07 January 2011 17 TG0028

OmniPCX Enterprise
COMMANDS
3.14. Global audio configuration (globalaudio)
The ’globalaudio’ function allows to get all information describe in this chapter. (available in
release1 and 2, removed in release 3 or more)
globalaudio
The return value will correspond to the following sequence except for the command
acknowledgment that will be given at the end of the sequence. (the echo function is not
defined but is use to indicate the text that will be displayed):
o echo audio
o audio
o echo rtp 0
o rtp 0
o echo rtp 1
o rtp1
o echo codec 0
o codec 0
o echo codec 1
o codec 1
o echo device handset
o device handset
o echo device handsfree
o device handsfree
o echo device headset
o device headset
o echo ringer
o ringer
o echo voicemode
o voicemode
Ed. 08 / 07 January 2011 18 TG0028

OmniPCX Enterprise
COMMANDS
3.15. IP configuration (ipconfig)
The ’ipconfig’ function allows to get and set (flash except for TOS and priorities) IP parameters. All
flashed value will be taken into account after reset.
ipconfig [ip|router|mask|tftp|tftpport|cpu|mode|dhcp|vlan|use_vlan]
ipconfig [maincpu|maintftp|survi|save|restore]
ipconfig [set ip|router|mask|tftp|tftpport|cpu|mode|vlan|use_vlan <value>]
Ed. 08 / 07 January 2011 19 TG0028

OmniPCX Enterprise
COMMANDS
* The maincpu option shows the Call Server the terminal is connected to. The maintftp option
shows the elected tftp server.
** The VLAN id value is expressed in decimal and in (hexadecimal).
*** The restore option only works after an ipconfig save command, and only one time (one restore
for each save). maincpu, mainftp, survi, save and restore option are available in release 3 or more.
Ed. 08 / 07 January 2011 20 TG0028

OmniPCX Enterprise
COMMANDS
3.16. Link management (phy)
The ’phy’ function allows to get the actual link properties and to set these link properties. When the
set option is used, the configuration of the link is changed immediately, but those parameters are
note stored in flash, so after a reset, the previous value of the link are used.
phy [lan|pc] | [set lan|pc 10|100|auto half|full|auto]
speed = 10, 100 or 1000**

duplex = half or full
* pc port not available on Z phone
** for Gigabit platform only
Note that on gigabit platform, 1000MB cannot be forced. The auto-negotiation feature must be
used.
3.17. SDRAM size (sdramsize)
The ’sdramsize’ function allow to get the sdram size in MByte.
• function definition :
sdramsize
Ed. 08 / 07 January 2011 21 TG0028

OmniPCX Enterprise
COMMANDS
3.18. Log trace dump (trcdump)
the ’trcdump’ function allows to get the last UAUDP protocol messages log of the last 3 reset
(except
hardware reset) The message log is limited to 16kB and first message can be truncated. This
message log concerns the UA/UDP messages so it begins with the first connect messages
received
by the phone after reset.
trcdump n

the dump messages are displayed as followed :
time d msg
001004f3 S 04
00100521 R 07 00 a4 00 17 04 00 15 04 02 31
00100522 S 07 00 18 00 a3
3.19. Tone definition (tonedef)
The ’tonedef’ function allows to see the tone definition corresponding to def. tone ua message
tonedef [ < value > ]
Ed. 08 / 07 January 2011 22 TG0028

OmniPCX Enterprise
COMMANDS
3.20. RTCP statistics (rtcpstats)
The ’rtcpstats’ function allows to get RTCP information during a voice communication.
rtcpstats 0|1 [ rtpout | rtpin | rtplost | rtpjitter | rtplatency | rtcpout | rtcpin | rtpjittermax]
rtpjittermax parameter only available in release 1.1 or more
Ed. 08 / 07 January 2011 23 TG0028

OmniPCX Enterprise
COMMANDS
3.21. Display VoIP statistics (voipstats)
The ’voipstats’ function allows to see the Qos statistics of the 20 last calls (for release 1,1 or more,
only 10 in release 1.0). To take into account a communication, it has to be more than 20 seconds.
Those statistics are not updated during a call but at the end of the call.
voipstats n [ remip | rtpout | rtpin | rtplost | codec | delay | jitter ]
* jitter parameter only available in release 1.1 or more
• Terminal applicability
Applicable to IP terminals
Ed. 08 / 07 January 2011 24 TG0028

OmniPCX Enterprise
COMMANDS
3.22. Ethernet view (ethernetstats)
The ’ethernetstats’ function allows to get the ethernet port statistics

ethernetstats { lan|pc [ speed | duplex | collisions | crcerrors | broadcast ] } | cpu
* pc port not available on Z phone

**** For Gigabit platform only
** available on release 2 or more
*** available in release 3 or more
Warning: “cpu” option is only available for R2 and upper versions.
Ed. 08 / 07 January 2011 25 TG0028

OmniPCX Enterprise
COMMANDS
3.23. UA / UDP statistics (ua_udp)
The ’ua_udp’ function allows reading counters and status of the ua on udp layer.
ua_udp { stats | status }
examples :
ua_udp status
#ua_udp#
ua_udp_socketed : 1
ua_udp_waiting_for_ack: 0
ua_udp_connect_state : CONNECTED
keepalive : 0 s
lost : 5 s
reinit : 10 s
ua status OK
ua_udp stats
#ua_udp#
Receive Transmit
CONNECT = 1 1
CONNECT_ACK= 1 1
RELEASE = 0 0
RELEASE_ACK= 0 0
KEEPALIVE = 3648 ACK= 3648
DATA = 4 6
ACK = 8 3
NACK = 0 0
DATA_bad = 0
NACK_bad = 0
errors = 0 0
bad content= 0
bad len = 0
bad peer = 0
bad state = 0
ua stats OK
• Terminal applicability:
Ed. 08 / 07 January 2011 26 TG0028

OmniPCX Enterprise
COMMANDS
3.24. Online ping (ping)
The ’ping’ function allows to ping an IP address.

ping < x.x.x.x >

The return value are standard ping results and are available on serial link only for release 1
and release 2. In release 3, it is available in the PCD flux.
• example
a. ping to an IP address that does not respond (release 1 and 2 only)
ping 172.26.176.103
PING 172.26.176.103 :56 data bytes
no answer from 172.26.176.103
#ping#
ping KO
b. ping to an IP address that does respond (release 1 and 2 only)
ping 172.26.176.40
PING 172.26.176.40 :56 data bytes
64 bytes from Noe (172.26.176.40): icmp_seq=0. time=10. ms
----172.26.176.40 PING Statistics----
4 packets transmitted, 4 packets received, 0% packet loss
round-trip (ms) min/avg/max = 0/2/10
#ping#
ping OK
c. ping to an IP address that does not respond (release 3 only)
ping 172.26.176.103
000-00:01:28.960 PCD : PING 172.26.176.103 (84=20+8+56 bytes)
000-00:01:33.960 PCD : ping: timeout
000-00:01:33.960 PCD : no answer from 172.26.176.103
#ping#
ping KO
d. ping to an IP address that does respond (release 3 only)
ping 172.26.176.40
000-00:01:15.480 PCD : PING 172.26.176.40 (84=20+8+56 bytes)
000-00:01:15.490 PCD : 64 bytes from Noe (172.26.176.40): icmp_seq=0. time=10.
ms
ms
ms
ms
000-00:01:19.490 PCD : ----172.26.176.40 PING Statistics----
000-00:01:19.490 PCD : 4 packets transmitted, 4 packets received, 0% packet
loss
000-00:01:19.490 PCD : round-trip (ms) min/avg/max = 0/2/10
#ping#
ping OK
Applicable to IP terminals.
Ed. 08 / 07 January 2011 27 TG0028

OmniPCX Enterprise
COMMANDS
3.25. traceroute (traceroute)
the ’traceroute’ function allows to do a trace route to another IP address (available in release 1.1 or
more)
traceroute < x.x.x.x > | < x.x.x.x > < max hops >

possible return value are printed on the TRACERT debug flux
• example
a. traceroute to an IP address that does not respond with default max hops value
traceroute 172.26.168.19
000-00:03:40.550 TRACERT: traceroute to 172.26.168.19, 10 hops max
000-00:03:40.570 TRACERT: 1 172.25.40.8 10ms 0ms 10ms
000-00:03:55.570 TRACERT: 2 * * *
000-00:04:10.570 TRACERT: 3 * * *
000-00:04:25.570 TRACERT: 4 * * *
...
000-00:10:40.570 TRACERT: 9 * * *
000-00:10:55.570 TRACERT: 10 * * *
#traceroute#
traceroute OK
b. traceroute to an IP address that does not respond with max hops value of 5
traceroute 172.26.168.19 5
000-00:03:40.570 TRACERT: 1 172.25.40.8 10ms 0ms 10ms
000-00:03:55.570 TRACERT: 2 * * *
000-00:04:10.570 TRACERT: 3 * * *
000-00:04:25.570 TRACERT: 4 * * *
000-00:10:40.570 TRACERT: 5 * * *
#traceroute#
traceroute OK
c. traceroute to an IP address that does respond
traceroute 155.132.33.12
000-00:00:36.240 TRACERT: 1 172.25.40.8 10ms 0ms 10ms
000-00:00:36.240 TRACERT: 2 155.132.205.207 0ms 0ms 0ms
000-00:00:36.250 TRACERT: 3 155.132.142.100 0ms 0ms 0ms
000-00:00:36.290 TRACERT: 4 139.54.237.173 10ms 20ms 10ms
000-00:00:36.330 TRACERT: 5 139.54.255.2 10ms 10ms 20ms
000-00:00:36.360 TRACERT: 6 172.26.1.251 10ms 10ms 10ms
000-00:00:36.420 TRACERT: 7 155.132.33.12 20ms 10ms 20ms
#traceroute#
traceroute OK
Ed. 08 / 07 January 2011 28 TG0028

OmniPCX Enterprise
COMMANDS
3.26. ARP table (arpshow)
The ’arpshow’ function allows to get the ARP table of the terminal. (available in release 2 or more)
arpshow
• examples
a. arpshow with release 2
arpshow
002-17:40:42.480 ARP : LINK LEVEL ARP TABLE
002-17:40:42.480 ARP : IP Address Mac adress Flags Use Interface
002-17:40:42.480 ARP : -----------------------------------------------------------
002-17:40:42.480 ARP : 172.26.176.8 00:20:da:ff:68:ff 0x0405 0 bcm0
002-17:40:42.480 ARP : 172.26.176.12 00:80:9f:32:9d:6d 0x0405 26305 bcm0
002-17:40:42.480 ARP : -----------------------------------------------------------
#arpShow#
arpShow OK
b. arpshow with release 3
arpshow
002-17:40:42.480 PCD : LINK LEVEL ARP TABLE
002-17:40:42.480 PCD : IP Address Mac adress Flags Refcnt Use Interface
002-17:40:42.480 PCD : --------------------------------------------------------------
----
002-17:40:42.480 PCD : 172.26.176.8 00:20:da:ff:68:ff 0x0405 1 0 bcm0
002-17:40:42.480 PCD : 172.26.176.12 00:80:9f:32:9d:6d 0x0405 2 26305 bcm0
002-17:40:42.480 PCD : --------------------------------------------------------------
----
#arpShow#
arpShow OK
• “Flags” field legend (logical AND):

0x1 /* route usable */
0x2 /* destination is a gateway */
0x4 /* host entry (net otherwise) */
0x8 /* host or net unreachable */
0x10 /* created dynamically (by redirect) */
0x20 /* modified dynamically (by redirect) */
0x40 /* message confirmed */
0x80 /* subnet mask present */
0x100 /* generate new routes on use */
0x200 /* external daemon resolves name */
0x400 /* generated by ARP or ESIS */
0x800 /* manually added */
0x1000 /* just discard pkts (during updates) */
0x4000 /* protocol specific routing flag */
Ed. 08 / 07 January 2011 29 TG0028

OmniPCX Enterprise
COMMANDS
3.27. routeshow (routeshow)
The ’routeshow’ function allows to display the current routing information contained in the routing
table. (available in release 3 or more)
• function definition
routeshow
a. example
routeshow
000-00:00:57.660 PCD : ROUTE NET TABLE
000-00:00:57.660 PCD : destination gateway flags Refcnt Use Interface
000-00:00:57.660 PCD : --------------------------------------------------------------
---
000-00:00:57.660 PCD : 0.0.0.0 172.26.176.8 0x0003 1 0 bcm0
000-00:00:57.660 PCD : 172.26.176.0 172.26.176.40 0x0101 1 0 bcm0
000-00:00:57.660 PCD : --------------------------------------------------------------
---
000-00:00:57.660 PCD : ROUTE HOST TABLE
000-00:00:57.660 PCD : destination gateway flags Refcnt Use Interface
000-00:00:57.660 PCD : --------------------------------------------------------------
---
000-00:00:57.660 PCD : 127.0.0.1 127.0.0.1 0x0005 0 0 lo0
000-00:00:57.660 PCD : 172.26.163.79 172.26.176.8 0x0007 1 27 bcm0
000-00:00:00.660 PCD : --------------------------------------------------------------
---
#routeShow#
routeShow OK
• “Flags” field legend (logical AND):

0x1 /* route usable */
0x2 /* destination is a gateway */
0x4 /* host entry (net otherwise) */
0x8 /* host or net unreachable */
0x10 /* created dynamically (by redirect) */
0x20 /* modified dynamically (by redirect) */
0x40 /* message confirmed */
0x80 /* subnet mask present */
0x100 /* generate new routes on use */
0x200 /* external daemon resolves name */
0x400 /* generated by ARP or ESIS */
0x800 /* manually added */
0x1000 /* just discard pkts (during updates) */
Ed. 08 / 07 January 2011 30 TG0028

OmniPCX Enterprise
COMMANDS
3.28. ifshow (ifshow)
the ’ifshow’ function allows to display the attached network interfaces for debugging and diagnostic
purposes (available in release 3).
ifshow
• example
ifshow
000-00:15:34.250 PCD : bcm (unit number 0):
000-00:15:34.250 PCD : Flags: (0x68043) UP BROADCAST MULTICAST ARP RUNNING INET_UP
000-00:15:34.250 PCD : Type: ETHERNET_CSMACD
000-00:15:34.250 PCD : inet: 172.26.176.40
000-00:15:34.250 PCD : Broadcast address: 172.26.176.127
000-00:15:34.250 PCD : Netmask 0xffff0000 Subnetmask 0xffffff80
000-00:15:34.250 PCD : Ethernet address is 00:80:9f:56:02:63
000-00:15:34.250 PCD : Metric is 0
000-00:15:34.250 PCD : Maximum Transfer Unit size is 1500
000-00:15:34.250 PCD : 0 octets received
000-00:15:34.250 PCD : 0 octets sent
000-00:15:34.250 PCD : 179 unicast packets received
000-00:15:34.250 PCD : 57 unicast packets sent
000-00:15:34.250 PCD : 0 non-unicast packets received
000-00:15:34.250 PCD : 2 non-unicast packets sent
000-00:15:34.250 PCD : 0 incoming packets discarded
000-00:15:34.250 PCD : 0 outgoing packets discarded
000-00:15:34.250 PCD : 0 incoming errors
000-00:15:34.250 PCD : 0 outgoing errors
000-00:15:34.250 PCD : 0 unknown protos
000-00:15:34.250 PCD : 0 collisions; 0 dropped
000-00:15:34.250 PCD : 0 output queue drops
#ifShow#
ifShow OK
Ed. 08 / 07 January 2011 31 TG0028

OmniPCX Enterprise
COMMANDS
3.29. Syslog thought network (netlog)
The ‘netlog’ function allows to configure an network syslog server on which the debug flux will be
send. It also allows to set the debug flux level and enable or disable the debug link. (available in
release 4 or more)
• Function definition
netlog [<live|boot>_<disable|enable> | <list|save|dump>_config| {server <addr>} | {config
<n>} | {uptime <minutes>} | {dump_config <n>}]
• Possible return value
Ed. 08 / 07 January 2011 32 TG0028

OmniPCX Enterprise
COMMANDS
• Remark:
a. the running parameters indicates if the external syslog redirection is currently active
b. the service parameters indicates if the external syslog redirection will start after next
reset
c. the syslog redirection will last for the programmed timeout duration. Maximum
timeout value is 23040 seconds.
d. When the service is activated, if the phone resets before the time left reach 0, the
syslog redirection will restart for the program timeout duration, else the syslog
redirection will not restart.
e. The live_<enable|disable> allows to activate the syslog redirection immediately.
f. The boot_<enable|disable> allows to activate the syslog redirection at next restart of
the phone
Ed. 08 / 07 January 2011 33 TG0028

OmniPCX Enterprise
COMMANDS
3.29.1. Exemple
How to easily(?) configure the netlog service running on NOE terminals:
1. First enter the IP address of the syslog server from client site
netlog server <addr>
2. Enter the desired duration for the netlog service in minutes

(by default it is set to 23040min = 16 days)
netlog uptime <x>
3. Then, you might want to set up the level of the debug traces sent to the
syslog server.
a. netlog list_config
This command gives you the different choices you have:
CONFIG_CURRENT = 1,
CONFIG_VERBOSE = 2,
CONFIG_FLASHED = 3,
CONFIG_UA_ONLY = 4,
CONFIG_TRACE_INIT = 5,
b. netlog dump_config <config number>
This command prints the debug levels associated to the config number
entered.
c. netlog config <n>
The desired config number is then saved in flash. Levels

modification and flux redirections will be done, as soon as the
service is started.
Some additional info about netlog CONFIGS:
Config VERBOSE sets every flux to verbose level.

Config UA_ONLY sets UA_MSG flux to debug level, other flux are
disabled.
Config TRACE_INIT sets TFTP and INIT flux to debug level, other flux
are set to normal.
Config CURRENT uses the levels printed by 'level' command (ie debug
level currently running on the set). With this configuration, levels
can be modify manually on a per flux basis through 'level' command.
To avoid to loose specific CURRENT levels after a reset, it is
possible to save them in flash using:
netlog save_config command.
The config FLASHED must then be used to restore netlog redirections
saved in flash at each initialization of the service.
4. Now we can start the service immediately

netlog live_enable
Ed. 08 / 07 January 2011 34 TG0028

OmniPCX Enterprise
COMMANDS
Enable the service on the set. If the phone resets the service is
automatically stopped.
5. It is also possible to ask for the activation of the netlog after each
reboot of the terminal.
netlog boot_enable
If the phone resets before the end of the timeout, the syslog redirection
will restart for the programmed timeout duration. When the timeout is
reached the service is automatically stopped.
6. To stop the service, following commands may be called:
netlog live_disable
netlog boot_disable
Ed. 08 / 07 January 2011 35 TG0028

OmniPCX Enterprise
COMMANDS
Ed. 08 / 07 January 2011 36 TG0028

OmniPCX Enterprise
COMMANDS
3.30. Port mirroring (mirror)
The ’mirror’ function allows to get the actual ports mirroring state and to set the mirroring state on
these ports (copy port traffic towards PC port). (available in release 2 or more)
mirror [set lan | smp | idle ]
Applicable on IP terminals only (Not available on Z phone)
Remark:
The switch behavior must be such that the frames are mirrored with the tag unchanged,
unless the software has enabled the VLAN remove/replace bits in the Configuration
Register. The settings in the VLAN Configuration Register control how tagged and non-
tagged frames are handled.
To mirror all frames as they are received without modifying any tags, the switch should not
be enabling bits in these registers or the 802_1PQ_Enable bit. Mirrored frames will be
copied without any tag modifications provided the software is not setting the bits in the
VLAN Configuration Register. Therefore, no special modifications to the software need to
be made to mirror frames just as they arrive.
In that case, the traffic mirrored on PC port (from LAN or SMP) is exactly the same as the
one received.
Caution:
The PC port is still participating in the bridging while the mirroring feature is set. Some
traffic received on PC port will be received twice and may need to be filtered in the
application on the PC/probe sets on that port for trace.
This is true only to the packets that have not been learned by the ARL (Address Resolution
Logic) table yet. Only these packets will be flooded to both the SMP and PC port.
Therefore, only these unlearned packets will be received twice - one from flooding and the
other from mirroring.
Restriction:
The port mirroring feature is incompatible with the PC port security feature. Consequently,
when the PC port security is active, the mirror command which activates the port mirroring
feature is not usable, and an error message is issued when this command is used.
Ed. 08 / 07 January 2011 37 TG0028

OmniPCX Enterprise
COMMANDS
Management:
It is possible to activate a port mirroring between the LAN port and the PC port on the IP
Touch.
In this way all information coming on the LAN port will be forwarded to PC port.
Procedure to activate the mirroring between the two ports:
By default and after a reset, the phone refuses telnet connections.

It is possible to enable the telnet for a given time:
ippstat telnet d 77116 t 10 (to enable telnet on 77116 set for 10 minutes)
ippstat d 77116 (in order to read phone information (including its IP address))
telnet 172.25.34.240 (use the IP address of the phone you read from the previous
command)
Since R8.0, the mirroring PC port is not activated by default. It is necessary to modify some
parameters on the OmniPCX Enterprise system:
Alcatel 8&9 Series > Alcatel 8&9 classe of service > Phone COS
Set the State PC Port parameter to Enable Port.
NoePhone > mirror set lan (to activate the mirroring; the configuration will be lost if
IP Touch reboots).
NoePhone > mirror set idle (to disable the mirroring).
WARNING: The phone has to be in service.
Ed. 08 / 07 January 2011 38 TG0028

OmniPCX Enterprise
COMMANDS
3.31. Dos attack report (dos)
The dos function could return a summary with the different attacks detected since the last reset. It
show too the different thresholds for DOS protection activation.
dos [summary]
Ed. 08 / 07 January 2011 39 TG0028

OmniPCX Enterprise
COMMANDS
4. BLUETOOTH MANAGEMENT
4.1. Software Version (bthid)
The ’bthid’ function allows to get the bluetooth handset software version
bthid
4.2. Bluetooth phone address (btaddr)
The ’btaddr’ function allows to get the local bluetooth address

btaddr
4.3. Bluetooth device state (btstate)
The ’btstate’ function allows to get the bluetooth handset and headset state
btstate handset|headset [logical|link|range]
Ed. 08 / 07 January 2011 40 TG0028

OmniPCX Enterprise
COMMANDS
5. THALES VOIP SECURITY MANAGEMENT

The commands described in this section are available from release 3 only.
5.1. Terminal security state (thalsec)
The ’thalsec’ command allows to get/reset security parameters related to the Thales security
feature.
thalsec show | keys | padck | { reset bypass|full }
The “padck” option returns Correct if the padding value is correct for this terminal.
** The “thalsec reset bypass” causes the terminal to return to bypass mode without deleting the
PSKp possibly installed. This has the same effect as receiving a lanpbx file indicating BYPASS
security mode.
*** The “thalsec reset full” restores the factory security settings, i.e. the terminal returns to BYPASS
mode and the PSKp is removed. This has the same effect as restoring defaults from the MMI.
This command is applicable only for IP terminals, in full version.
Ed. 08 / 07 January 2011 41 TG0028

OmniPCX Enterprise
COMMANDS
5.2. IPsec protocol state (ipsec)
The ’ipsec’ command allows to display the IPsec Security Policy and Security Associations
databases, often referred to as SPD and SADB respectively.
• Function Definition
ipsec spdshow | ikep1 | ikep2 | sadbdump
• Possible return values
This command is applicable only for IP terminals, in full version.
• Examples
’ipsec spdshow’ displays the IPsec SPD:
SPD
INBOUND
Proto Destination Port/ Source Port/
Destination Address Source Address Mode
------------------------------------------------------------------
UDP 1024 ANY BYPASS
172.25.40.172 172.25.40.173
UDP 500 500 BYPASS
172.25.40.172 172.25.40.173
ANY 172.25.40.172 172.25.40.173 TRANSPORT
UDP 500 500 BYPASS
172.25.40.172 0.0.0.0/0
50 172.25.40.172 0.0.0.0/0 BYPASS
51 172.25.40.172 0.0.0.0/0 BYPASS
UDP 68 ANY BYPASS
0.0.0.0/0 0.0.0.0/0
OUTBOUND
Proto Destination Port/ Source Port/
Destination Address Source Address Mode
-------------------------------------------------------------------
UDP ANY 1024 BYPASS
172.25.40.173 172.25.40.172
UDP 500 500 BYPASS
172.25.40.173 172.25.40.172
ANY 172.25.40.173 172.25.40.172 TRANSPORT
UDP 500 500 BYPASS
0.0.0.0/0 172.25.40.172
50 0.0.0.0/0 172.25.40.172 BYPASS
51 0.0.0.0/0 172.25.40.172 BYPASS
UDP 67 ANY BYPASS
0.0.0.0/0 0.0.0.0/0
Ed. 08 / 07 January 2011 42 TG0028

OmniPCX Enterprise
COMMANDS
6. PC port management
6.1. PC port management (pcport)
The ‘pcport’ function allows to get the current PC port security status and the state stored for the
next startup.
pcport
status = off or blocking or voice vlan filtering

The PC port command is incompatible with the port mirroring feature. Consequently, when the PC
port security is active, the mirror command is disable.
The PC port is not available on Z phone model.
7. 802.1x AUTHENTICATION
7.1. 802.1x authentication (dot1x)
The ‘dot1x’ function allows to get the current 802.1x configuration and status. This command is
available since the Release 6.
dot1x
• The “MAC Addr” information is only displayed if the “MAC Use” is set to “ON”. MAC
address is expressed in hexadecimal (6 digits).
Ed. 08 / 07 January 2011 43 TG0028

OmniPCX Enterprise
COMMANDS
Ed. 08 / 07 January 2011 44 TG0028

OmniPCX Enterprise
IP TOUCH ISSUES IP TOUCH RESET CAUSE
IP TOUCH RESET CAUSE
When the terminal must be reset (software anomaly or call server request), the reset cause is logged
in flash memory (date + message).
During the reset phase, the internal switch becomes not operational during 3 s.
The cause of the reset of an IP Touch can be obtained via the embedded command "defence " (see
Appendix 4).
The table below gives the different causes:
TG0028 1 Ed. 08 / 07 January 2011

OmniPCX Enterprise
IP TOUCH ISSUES IP TOUCH RESET CAUSE
Hereafter, an example of result of the command "defence 99" which shows two cases of reset.
An other example, in case of reset because of duplicated IP address
The cause of reset is also reported in the system incident 426 at OXE level.
Example:
03/03/05 23:05:50 000001M|00/00/0/000|=4:0426=NOE terminal reset
13,(0,0),00:80:9f:56:74:b8:00,
TG0028 2 Ed. 08 / 07 January 2011

OmniPCX Enterprise
IP TOUCH ISSUES SNIFFER TRACES
SNIFFER TRACES
WireShark (New name for Ethereal) is an open source IP network sniffer and protocol analyzer.
It is available at http://www.wireshark.org/ for free download.
Normally an IP Sniffer trace is done behind a Hub (or tap) to capture all the traffic from OXE to the
IP Touch, or thanks to mirroring on the Switch.
With the IP Touch, there is a third solution using the mirroring feature of the internal IP Touch Switch
Trace with a Hub Trace with Switch Mirroring Trace with IP Touch Mirroring
After authorization of IP Touch telnet function, the ’mirror’ function allows to get the actual ports
mirroring state and to set the mirroring state on these ports (copy port traffic towards PC port)
(available in release 2 or more).
syntax: mirror [set lan | smp | idle ]
The switch behavior will be such that the frames are mirrored with the tag unchanged.
The PC port is still participating in the bridging while the mirroring feature is set. Some traffic
received on PC port will be received twice and may need to be filtered in the application on
the PC/probe sets on that port for trace. This is true only to the packets that have not been
learned by the ARL (Address Resolution Logic) table yet.
TG0028 1 Ed. 08 / 07 January 2011

OmniPCX Enterprise
IP TOUCH ISSUES SNIFFER TRACES
TG0028 2 Ed. 08 / 07 January 2011

Tg0028-Ed.08 Ip Touch Issues - en

Încărcat de

Informații document

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Tg0028-Ed.08 Ip Touch Issues - en

Încărcat de

Drepturi de autor:

Formate disponibile

TROUBLESHOOTING GUIDE No. TG0028 Ed.

OmniPCX Enterprise Nb of pages : 144 Date : 07 January 2011

SUBJECT : IP TOUCH ISSUES

4. ABBREVIATIONS AND NOTATIONS .............................................8

5. SIGNALING LINK BOARD.............................................................9

6. IP-TOUCH GLOBAL MECHANISM...............................................13

7. DESCRIPTION OF THE IP-TOUCH INITIALIZATION PHASES........15

8. IP-TOUCH AND IP PHONE INITIALIZATION AND DOWNLOAD TEST

11. TROUBLESHOOTING IP-TOUCH ISSUES.....................................45

12. FREQUENTLY ASKED QUESTIONS..............................................48

13. BEFORE CALLING ALCATEL’S SUPPORT CENTER ........................61

APPENDIX 1 - STATUS OF THE IP LINK

APPENDIX 2 - ERROR MESSAGES IN STARTING PHASE

APPENDIX 3 - ADD ON MODULE

APPENDIX 4 - EMBEDDED IP-TOUCH SERVICE COMMANDS

APPENDIX 5 - IP-TOUCH RESET CAUSE

APPENDIX 6 - SNIFFER TRACES

1.2. IP-Touch Version

IP-Touch Release Binary Version (Export) Binary Version

Ed. 08 / 07 January 2011 5 TG0028

TG0028 6 Ed. 08 / 07 January 2011

♦ TC0768: IP Phones sets don’t start on a secured system

Ed. 08 / 07 January 2011 7 TG0028

4. ABBREVIATIONS AND NOTATIONS

TG0028 8 Ed. 08 / 07 January 2011

5. SIGNALING LINK BOARD

5.2. From Release R7.0

5.3. Up to Release R7.0

Ed. 08 / 07 January 2011 9 TG0028

5.3.2. Signaling board search mechanism

TG0028 10 Ed. 08 / 07 January 2011

INTIPA GD (3)(4) GA (3)(4)

X domain •(5) •(2) •(1)

X domain •(5) •(2) •(1)

Ed. 08 / 07 January 2011 11 TG0028

System -> Other System Parameter -> System Parameters

TG0028 12 Ed. 08 / 07 January 2011

6. IP-TOUCH GLOBAL MECHANISM

6.2. Overview of IP-Touch phases

6.3. Spatial redundancy

Ed. 08 / 07 January 2011 13 TG0028

6.5. Running phase

TG0028 14 Ed. 08 / 07 January 2011

7. DESCRIPTION OF THE IP-TOUCH INITIALIZATION PHASES

7.1. Special modes

Ed. 08 / 07 January 2011 15 TG0028

7.2. Step 1: Network initialization

TG0028 16 Ed. 08 / 07 January 2011

7.3. Step 2: IP parameters acquisition and checking

Ed. 08 / 07 January 2011 17 TG0028

7.3.2. Acquisition in survivability mode

7.3.3. DHCP mechanism

7.3.3.1. DHCP discover message processing

As soon as a response is received (DHCPOFFER message), the terminal stops sending

TG0028 18 Ed. 08 / 07 January 2011

7.3.4. DHCP Offer Message Processing

7.3.4.1. DHCP Request message processing

7.3.4.2. DHCP Ack message processing

7.3.4.4. Standards conformance

Ed. 08 / 07 January 2011 19 TG0028

7.3.5. AVA feature

TG0028 20 Ed. 08 / 07 January 2011

7.3.5.2. Procedure example

VERSION: Protocol version, current version is 1.