Data and Voice VLANs
All data devices typically reside on data VLANs in the traditional switched scenario. You might need a separate voice VLAN when you combine the voice network into the data network. Although you can think of it as a voice VLAN, in the future, other types of nondata devices will reside in the voice VLAN.
Note
The Cisco Catalyst software (CatOS) refers to this new voice VLAN as the auxiliary VLAN for configuration purposes.
The placement of nondata devices (such as IP Phones) in a voice VLAN makes it easier for customers to automate the process of deploying IP Phones. IP Phones will boot and reside in the voice VLAN if you configure the switch to support them, just as data devices boot and reside in the access (data) VLAN. The IP Phone communicates with the switch via Cisco Discovery Protocol when it powers up. The switch provides the telephone with the appropriate VLAN ID.
Note
Although a voice VLAN is not required, it is encouraged by Cisco to isolate voice traffic for QoS and security purposes. It might also be impossible to put more devices on the existing data VLAN due to address space depletion in the data subnet DHCP scope, in which case, the voice VLAN becomes imperative.
Administrators can implement multiple VLANs on the same port by configuring trunk port. A tagging mechanism must exist to distinguish among VLANs on the same port. 802.1Q is the IEEE standard for tagging frames with a VLAN ID number. The IP Phone sends tagged 802.1Q frames. The PC sends untagged frames and the switch adds the access VLAN tag before forwarding toward the network. When the switch receives a frame from the network destined for the PC, it removes the access VLAN tag before forwarding the frame to the PC.
There are some advantages in implementing dual VLANs:
- This solution allows for scalability of the network from an addressing perspective. IP subnets usually have more than 50 percent (often more than 80 percent) of their IP addresses allocated. A separate VLAN (separate IP subnet) to carry the voice traffic allows you to introduce a large number of new devices, such as IP Phones, into the network without extensive modifications to the IP addressing scheme.
- This solution allows for the logical separation of data and voice traffic, which have different characteristics. This separation allows the network to handle these two traffic types individually.
- This solution allows you to connect two devices to the switch using only one physical port and one Ethernet cable between the wiring closet and the IP Phone or PC location.
Configuring and Verifying Dual VLANs Using the CatOS
Configure auxiliary VLAN ports in Cisco Catalyst software 5.5 and later using the set port auxiliaryvlan command to configure the auxiliary VLAN ports:
set port auxiliaryvlan [mod/port] {vlan | untagged | dot1p | none}
Table 8-3 provides a brief description of the syntax.
|
Syntax |
Description |
|---|---|
|
[mod/port] |
Number of the module and (optional) ports |
|
vlan |
Number of the VLAN; valid values are from 1 to 1000 |
|
untagged |
Keyword to specify that the IP Phone 7960 sends untagged packets without 802.1p priority |
|
dot1p |
Keyword to specify that the IP Phone 7960 sends packets with 802.1p priority |
|
none |
Keyword to turn off auxiliary VLAN tagging |
For example, if you want to configure a 6500 switch using the CatOS with a voice VLAN of 222 for all 48 ports on Module 7, you can use the command in Example 8-1.
Example 8-1. Auxiliary VLAN configuration (CatOS)
|
CatOS>(enable) set port auxiliaryvlan 7/1-48 222 Auxiliaryvlan 222 configuration successful. AuxiliaryVlan AuxVlanStatus Mod/Ports ------------- ------------- ---------------------- 222 active 7/1-48 |
You can check the status of the auxiliary VLAN on a port or module in one of two ways:
- Use the show port auxiliaryvlan vlan-id command to show the status of that auxiliary VLAN and the module and ports where it is active.
- Use the show port [module[/port]] command to show the module, port, and the auxiliary VLAN and the status of the port.
Configuring and Verifying Dual VLANs Using the NativeOS
Use the commands in Example 8-2 to configure voice and data VLANs on the single-port interface of a switch that is running native Cisco IOS software. These commands apply the same functionality as setting a port to use an auxiliary VLAN on a Cisco Catalyst switch that is running Cisco Catalyst software.
Example 8-2. Voice VLAN configuration (NativeIOS)
|
NativeIOS(config)#interface FastEthernet0/1 NativeIOS(config-if)#switchport mode access NativeIOS(config-if)#switchport voice vlan 261 NativeIOS(config-if)#switchport access vlan 262 NativeIOS(config-if)#spanning-tree portfast |
Table 8-4 provides a brief description of these commands.
|
Command |
Description |
|---|---|
|
switchport mode access |
Configures the switchport to be an access (nontrunking) port. |
|
switchport voice vlan voice-VLAN_ID |
Configures the switchport with the voice VLAN (261 in this example) to be used for voice traffic. The range is 1 to 4094. |
|
switchport access vlan data_VLAN_ID |
Configures the interface as a static access port with the access VLAN ID (262 in this example); the range is 1 to 4094. |
|
spanning-tree portfast |
Causes a port to enter the spanning-tree forwarding state immediately, bypassing the listening and learning states. You can use PortFast on switch ports that are connected to a single workstation or server (as opposed to another switch or network device) to allow those devices to connect to the network immediately. |
You can verify your voice VLAN configuration on the Cisco Catalyst switches that are running native Cisco IOS software by using the show interfaces mod/port switchport command, as displayed in Example 8-3.
Example 8-3. Voice VLAN Verification (NativeIOS)
|
NativeIOS#show interfaces fa0/4 switchport Name: Fa0/4 Switchport: Enabled Administrative Mode: static access Operational Mode: static access Administrative Trunking Encapsulation: negotiate Operational Trunking Encapsulation: native Negotiation of Trunking: Off Access Mode VLAN: 262 (VLAN0262) Trunking Native Mode VLAN: 1 (default) Voice VLAN: 261 (VLAN0261) |
Configuring Class of Service
|