Confusion about voice vlan



The main reason I create posts like this one, despite the millions (if not more) of similar posts, explanations and websites out there on the internet, is that I simply enjoy gathering all the relevant information from various sources and combining it into a single unit, so we do not have to jump from one website to another to find whatever we’re after. This relates to Cisco and Cisco only, of course 🙂

This setup is almost certainly what your office environment looks like. First check how your PC connects to your desk phone, then trace the cable from the phone: it most likely runs to an RJ45 floor port under your desk, then through the walls of your company all the way back to your company’s comms room (data centre), where it connects to a patch panel in one of the network cabinets and from there directly to an L2 switch, which in turn connects to your business’s L3 core switches, routers, firewalls, etc.


I have spent really long hours on this one, especially the one that involves the 802.1p tag.

I have been looking into this like a madman and must admit that Voice combined with QoS is not the easiest to understand.

The reason why it takes so long to prepare for the LAB is because you never know what Cisco is going to ask you to configure or troubleshoot, and this is because we need to know and understand it all !!

The upstream switch communicates with the Cisco IP phone using CDP to set up an interconnection link that allows the Cisco IP phone to send VoIP packets on its uplink port back to the switch, either in the VoIP VLAN or in the data VLAN.

So there are 4 modes for setting up a switch port you expect to plug a phone into (in the examples below, interface Ethernet 4/0 connects to the phone):

===============================================================================
===============================================================================
1. First, you can just use a regular access port. In this mode, the phone traffic and the PC data both land on the same access VLAN, and there is no way to distinguish between the two. Two things to note: because the traffic uses the same VLAN, you have a security risk, and you have no ability to provide QoS priority to the phone alone. Any QoS is applied to ALL traffic coming in on that switch port.

Rack5SW2(config)#int ethernet 4/0
Rack5SW2(config-if)#switchport mode access
Rack5SW2(config-if)#switchport access vlan 79

or

Rack5SW2(config)#int ethernet 4/0
Rack5SW2(config-if)#switchport mode access
Rack5SW2(config-if)#switchport voice vlan none

===============================================================================
===============================================================================
2. Next is the special 802.1Q trunk, where CDP is required. The second mode is referred to as “untagged”. Cisco doesn’t use the term untagged very often, but when you create a dot1q trunk, every packet entering the switch needs a VLAN tag to specify which VLAN number it belongs to. Any packet entering the trunk port without a VLAN tag is placed in the untagged VLAN, or as Cisco calls it, the native VLAN.
By default this is VLAN 1, so you probably need to specify an untagged VLAN for this method.

Rack5SW2(config)#int ethernet 4/0
Rack5SW2(config-if)#switchport trunk encapsulation dot1q
Rack5SW2(config-if)#switchport mode trunk
Rack5SW2(config-if)#switchport trunk native vlan 146
Rack5SW2(config-if)#switchport trunk allowed vlan 79,146
! (the allowed-VLAN line above is optional; VLAN 79 is for data)
Rack5SW2(config-if)#switchport voice vlan untagged

===============================================================================
===============================================================================
3. Third, we have the dot1p mode. This mode works just like the first method, but this time you gain QoS abilities by adding an 802.1p CoS tag. The phone tags its own voice traffic with a VLAN ID of 0 and sends it with an 802.1p priority of 5 by default (call control gets a priority of 3). The benefit of this mode is that you get QoS abilities without needing a separate voice VLAN created on your switches and routers. The PC traffic should have the default priority of 0, or best effort.

Rack5SW2(config)#int ethernet 4/0
Rack5SW2(config-if)#switchport mode access
Rack5SW2(config-if)#switchport access vlan 79
Rack5SW2(config-if)#switchport voice vlan dot1p

===============================================================================
===============================================================================
4. Fourth is the vlan-id option, the most common method and most likely the one used in your office.
Create a VLAN on your routers and switches that will be used just for phones. The phone will now send voice packets to the switch tagged with your voice VLAN ID, with Layer 3 IP precedence and Layer 2 CoS values both set to 5 by default, while the data packets are sent untagged to the access VLAN.

Rack5SW2(config)#int ethernet 4/0
Rack5SW2(config-if)#switchport mode access
Rack5SW2(config-if)#switchport access vlan 79
Rack5SW2(config-if)#switchport voice vlan 146

Note that spanning-tree portfast is automatically enabled as soon as “switchport voice vlan ID” is applied.
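To see how modes 3 and 4 differ on the wire, this added example (not part of the original post) builds and decodes the 4-byte 802.1Q tag a phone would put on its frames, using the post's VLAN numbers. The function names are illustrative; the treatment of VLAN ID 0 as "use the port's access VLAN" is standard 802.1Q priority-tag behaviour.

```python
import struct

TPID_DOT1Q = 0x8100  # EtherType value that marks an 802.1Q tag


def build_tag(pcp: int, vid: int, dei: int = 0) -> bytes:
    """Pack TPID + TCI (3-bit PCP, 1-bit DEI, 12-bit VID) into 4 bytes."""
    if not (0 <= pcp <= 7 and dei in (0, 1) and 0 <= vid <= 4095):
        raise ValueError("PCP is 0-7, DEI is 0-1, VID is 0-4095")
    return struct.pack("!HH", TPID_DOT1Q, (pcp << 13) | (dei << 12) | vid)


def parse_tag(tag: bytes) -> dict:
    """Unpack a 4-byte 802.1Q tag into its fields."""
    tpid, tci = struct.unpack("!HH", tag[:4])
    if tpid != TPID_DOT1Q:
        raise ValueError("not an 802.1Q tag")
    return {"pcp": tci >> 13, "dei": (tci >> 12) & 1, "vid": tci & 0x0FFF}


def switch_vlan(tag, access_vlan: int) -> int:
    """VLAN the switch places a frame in: untagged (None) and priority-tagged
    (VID 0) frames fall into the access VLAN; otherwise the tag's VID wins."""
    if tag is None:
        return access_vlan
    vid = parse_tag(tag)["vid"]
    return access_vlan if vid == 0 else vid


# Constructed sample tags using the post's VLAN numbers (79 data, 146 voice).
FRAMES = {
    "mode 3 voice (dot1p)": build_tag(pcp=5, vid=0),
    "mode 3 call control": build_tag(pcp=3, vid=0),
    "mode 4 voice (vlan 146)": build_tag(pcp=5, vid=146),
    "PC data (untagged)": None,
}

if __name__ == "__main__":
    for name, tag in FRAMES.items():
        cos = parse_tag(tag)["pcp"] if tag else 0
        raw = tag.hex() if tag else "-"
        print(f"{name:26} tag={raw:8} CoS={cos} VLAN={switch_vlan(tag, 79)}")
```

In dot1p mode the voice frame carries CoS 5 but still ends up in access VLAN 79 alongside the PC; only the vlan-id mode moves it to VLAN 146.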


Now log on to a few access switches in your company, check the switchport configuration and compare it with all the examples above. If, and ONLY if, you have the opportunity and you’re convinced you will not affect any of your business’s daily operations, go ahead and lab it up. I guess for that you could use your own office desk phone just to minimise risk. Well, I’ll leave it for you to decide 🙂
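One way to do that comparison across many ports at once, as an added example that is not part of the original post: the script below reads running-config text and labels each switchport with the mode number (1 to 4) used above, then lists the ports where, per the descriptions above, phone and PC traffic share one VLAN. The sample config, interface numbers and function names are constructed for illustration.

```python
import re

# Constructed running-config excerpt (not from a real device): one port per
# mode described in the post, plus the "voice vlan none" form of mode 1.
SAMPLE_CONFIG = """\
interface Ethernet4/0
 switchport access vlan 79
 switchport mode access
!
interface Ethernet4/1
 switchport trunk native vlan 146
 switchport mode trunk
 switchport voice vlan untagged
!
interface Ethernet4/2
 switchport access vlan 79
 switchport mode access
 switchport voice vlan dot1p
!
interface Ethernet4/3
 switchport access vlan 79
 switchport mode access
 switchport voice vlan 146
!
interface Ethernet4/4
 switchport mode access
 switchport voice vlan none
!
"""

STANZA = re.compile(r"^interface (\S+)\n((?:[ \t]+.*\n)*)", re.M)
VOICE = re.compile(r"^\s*switchport voice vlan (\S+)", re.M)


def classify_ports(config: str) -> dict:
    """Map each switchport name to the mode number (1-4) used in the post."""
    modes = {}
    for name, body in STANZA.findall(config):
        if "switchport" not in body:
            continue  # routed or SVI interface, not a phone-facing port
        voice = VOICE.search(body)
        setting = voice.group(1) if voice else "none"
        modes[name] = {"none": 1, "untagged": 2, "dot1p": 3}.get(setting, 4)
    return modes


def shared_vlan_ports(config: str) -> list:
    """Ports where, per the post, phone and PC traffic share one VLAN."""
    return [p for p, mode in classify_ports(config).items() if mode in (1, 3)]
```

Any switchport without a voice VLAN line is reported as mode 1, which includes uplinks, so run it against the interface range where you expect phones.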

If you have come across any other switchport configuration for Voice and Data, please go ahead and post a comment so we can all learn from one another.
Enjoy !

Tom