Voice VLAN

Thank you so much for replying!

If I wanted to have a phone connected a switch and wanted to use the command:

switchport voice vlan dot1p

I understand this command is for the switch and not the phone. If this is applied on a switch interface, how would the phone send the ethernet frame with 802.1q tag with a VLAN 0 and some priority bits set up in the PCP section? Are there commands that are put on to the phone directly? Because I’m only aware of the commands that I mentioned previously that go on to a switch and not a phone.

Thank you!

Hello Grant

In the case of a Cisco IP phone with a Cisco switch, when you configure the command switchport voice vlan 10 for example, the switch and the phone will use CDP to communicate to obtain the information they need to function. Under such circumstances, a phone will send it’s voice frames with a VLAN tag of 10 (info that has been received using CDP), and any frames received from a connected PC would be sent without a tag, and the switch would interpret them as frames on the access VLAN configured on the switchport.

In the event that you use the switchport voice vlan dot1p command, the switch will tell the phone using CDP of this configuration. The phone will then send all voice frames tagged but with a VLAN of 0, and send all data traffic from any connected PC without a tag. The result is that the switch will place both voice and data frames on the access VLAN configured on the port, but will retain the QoS info in the tag for the voice frame, and use it accordingly.

Now if you’re not using a Cisco phone, then you don’t have the benefit of CDP, so you will then have to manually configure the phone to use the appropriate VLAN tag for voice, for both of the above scenarios.

I hope this has been helpful!

Laz

Thank you so much Lazaros for explaining!!

Hello Team,

I made a setup on l3 switch with the same VLAN for voice and data. When I test the PC is working fine but the phone can not register.

interface GigabitEthernet0/1
description Workstation
switchport access vlan 55
switchport mode access
switchport voice vlan 55
load-interval 30
spanning-tree portfast

I can not figure this out, do I maybe miss some configuration? On this VLAN SVI I’m using DHCP helper address.
Thank you in advance.

BR

Hello Milan

First of all, the best practice is to have a different voice VLAN and a different data VLAN. This way you can ensure that security features are in place that will not allow someone on the VLAN to eavesdrop on conversations, as well as being able to apply QoS features on the VLAN tag of the Voice VLAN such that proper priorities are being set.

Now having said that, it is possible to configure the switch as you have it in your post, even if it is not recommended. If the phone is not registering, then the problem is probably not the voice VLAN. For phone registration problems, take a look at the following:

1. Make sure the DHCP server is reachable from that VLAN
2. Make sure Option 150 on the DHCP server is configured and provides the correct TFTP server
3. Make sure the TFTP server is reachable from the voice VLAN.

I hope this has been helpful!

Laz

Hello,

If the data vlan traffic is untagged, how does the switch know in which vlan it belongs to?
I suppose it knows because the switchport is configured with the vlan 100, but does the data traffic get tagged once it arrives in the switchport?

Thanks,
Chris

Hello Christos

When you configure a port to be used with an IP phone and a workstation together, you configure it like so:

SW1(config)#interface GigabitEthernet 0/1
SW1(config-if)#switchport mode access
SW1(config-if)#switchport access vlan 100
SW1(config-if)#switchport voice vlan 101
SW1(config-if)#exit

Where VLAN 100 is the data VLAN, and VLAN 101 is the voice VLAN.

What does this tell the switch? Well, first notice that the mode is access. This means that we can expect untagged frames on this port. But what VLAN will these untagged frames be placed on? Well, the switchport access vlan 100 command tells us that untagged frames will be placed on VLAN 100.

So far, the configuration we’ve talked about is the same as that of any access port on a switch, as shown in this lesson.

All the magic happens with the next and final command of switchport voice vlan 101. This tells the switch that it can expect tagged frames with a VLAN tag of 101 on this port.

This behavior is similar to a trunk port that has been configured with a native VLAN. Take a look at this:

SW1(config)#interface GigabitEthernet 0/1
SW1(config-if)#switchport mode trunk
SW1(config-if)#switchport trunk allowed vlan 101
SW1(config-if)#switchport trunk native vlan 100
SW1(config-if)#exit

This configuration works exactly the same way as the voice VLAN configuration. Untagged frames are placed on the configured native VLAN of 100 while tagged frames with an ID of 101 are also accepted by the port.

So why do we use the voice VLAN configuration? Because it automatically configures additional parameters that are unique to IP phones, and in particular, to Cisco IP phones. It enables CDP communication between the switch and the phone that allows the devices to negotiate various parameters such as PoE and QoS. But fundamentally, the connectivity, VLANs, and tags work the same way for both configurations above.

I hope this has been helpful!

Laz

Hello,

I understand it now. Thanks again for the detailed explanation.

Chris

Hi Laz
If for some reason have to disable CDP. Does Voice VLAN still work?

Hello TE-EN LIN

CDP will inform the IP phone of the voice VLAN and will also let it know about the CoS values the phone should configure for its voice traffic. If you disable CDP, then you must manually configure the voice VLAN on the IP phone. It will still work, but you need to take that extra step of manual configuration on the IP phone.

If you’re using a non-Cisco phone that doesn’t speak CDP, then you will have to configure the voice VLAN on the phone anyway.

I hope this has been helpful!

Laz

Thanks Laz. You’re very kind.
May I ask how to configure if disable CDP or connect to Non-CISCO device.

Hello TE-EN LIN

That depends upon the manufacturer of the phone. Some phones have a web interface that you can connect to via their IP address where you can configure Voice VLAN and other parameters as well. Others allow you to make the change on the physical screen of the phone, either using a touchscreen or using specific menu keys. You’ll have to check out each manufacturer’s instruction manual.

For Cisco phones, most can be configured manually via the web interface, or the phone’s menus.

I hope this has been helpful!

Laz

What is the process if you’re adding a Voice VLAN on a router connected to a Switch interface? Would that config be under an interface of the router?

Hello Lewis

A voice VLAN can only be configured on a switch. Remember, it is used to separate the voice and data on a particular switchport. The voice is placed on a voice VLAN, which corresponds to a particular network segment or subnet, while the data is placed on a data VLAN, which also corresponds to another particular network segment or subnet.

A router may act as the default gateway for a particular voice VLAN to route its traffic to its destination, however, you don’t need any specialized VLAN configuration on the router for such scenarios.

In particular, keep in mind that the voice VLAN configuration should only be applied on switchports that connect to IP phones. It should never be applied to switchports connecting to routers or other switches. Does that make sense?

I hope this has been helpful!

Laz

Hi Rene,

You wrote:

Behind the scenes, we have a trunk between our switch and IP phone. The port on the IP phone that connects to the computer is an access port.

Then afterward you wrote during the configuration:

SW1(config)#interface GigabitEthernet 0/1
SW1(config-if)#switchport mode access
SW1(config-if)#switchport access vlan 100
SW1(config-if)#switchport voice vlan 101

Why mode access if you said we have a trunk?

Thank you

Hello Vladimir,

I understand the confusion. This is however how we configure an IP phone on a Cisco switch.

In reality (behind the scenes), it’s the same as a trunk because it’s using VLAN tagging to separate the data VLAN from the voice VLAN.

Rene

Hi Rene

thank you understood ,
you mean that the mode of the port is an access mode meaning does not do any tagging right?
but the port itself is: Operational Trunking Encapsulation: dot1q

Hello Vladimir

When you configure a port to function using a Voice VLAN, you configure it as an access port on a particular VLAN. If you then configure a voice VLAN on that port using the voice vlan X command (where X is the voice VLAN ID) then only those frames on VLAN X will be tagged when being sent on that port. The phone on the other end of the link will also operate in the same way, sending tagged traffic only on VLAN X and untagged traffic on the access VLAN configured.

The result is that the port itself is not a trunk, it is an access port, but Rene is saying that it is acting like a trunk, but only for the voice VLAN. You can see in the output of the show interface switchport command, that it says operational trunking encapsulation: native. This means that frames forwarded out of that specific port will not have any trunking header appended in them (i.e., the frames are untagged and are treated as if they are in a dot1q native vlan, hence the status of “native”).

So ultimately, the port is still considered an access port, but it functions as a trunk only for the voice VLAN. Does that make sense?

I hope this has been helpful!

Laz