RE: 3550 - Voice Trunks?

From: Marcus Jensen (marcus@pobox.com)
Date: Mon Jul 28 2003 - 03:18:16 GMT-3

Tim,

You are right, that is a mistake. I was up late last night, so errors were
highly possible. Let's start over.

Results this time were I could get all phones calling each other and all PCs
pinging each other with both options below. I think option 1 is the easier
since it doesn't require native vlan commands or dot1q commands.

Phone A and B each have PC connected to them. The PCs are in a different
subnet than the Phones. 3rd single PC on its on switchport in same subnet as
the other two PCs.
-------------------
Combination 1

sw1#show run int fast 0/19
Building configuration...
interface FastEthernet0/19 <----Phone A with PC connected to it. Phone B
port is identical.
 switchport access vlan 100 <---vlan for data
 switchport mode access
 switchport voice vlan 200 <-----tells phone to forward voice traffic
tagged dot1q vlan id 200
 no ip address
 spanning-tree portfast
end

sw1#show run int fast 0/5 <---single PC
Building configuration...
interface FastEthernet0/5
 description Port to single PC
 switchport access vlan 100
 switchport mode access
 no ip address
 spanning-tree portfast
end

        Both phones can call and pings work between all PCs.

-----------------------
Combination 2

sw1#show run int fast 0/19 <----Phone A with PC connected to it. Phone B
port is identical.
interface FastEthernet0/19
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 100
 switchport mode trunk <---------------key command in this combination
 switchport voice vlan 200
 no ip address
 spanning-tree portfast
end

sw1#show run int fast 0/5 <----3rd PC
interface FastEthernet0/5
 description Port to single PC
 switchport access vlan 100
 switchport mode access
 no ip address
 spanning-tree portfast
end

        Both phones can call and pings work between all PCs.

------------

The effect of the command "encap dot1q" is not really important since voice
vlan already encaps dot1q. The difference lies in using "sw mode trunk" or
not. If you use it, then "native" vlan is used for data. If you don't use
it, then "access" vlan is used for data. And you MUST specify it. The
following would be wrong for example.

interface FastEthernet0/19
 switchport trunk native vlan 100 <------untagged data does NOT use this
vlan
 switchport voice vlan 200
 no ip address
 spanning-tree portfast
end

In the above example, both PCs off the phones can ping each other, so you
think it works. But, "sw mode trunk" is not specified so data relies on the
access vlan.

sw1#show int fast 0/19 sw | inc VLAN:
Access Mode VLAN: 1 (default) <--------this is the vlan it uses for
untagged data
Trunking Native Mode VLAN: 100 (Data100)
Voice VLAN: 200 (Voice200)
sw1#

The access vlan is 1, and since both ports default to this, it works for the
PCs off the phones. But, if we ping from the PC on int fast 0/5...

sw1#show int fast 0/5 sw | inc VLAN:
Access Mode VLAN: 100 (Data100) <------this is its vlan, ping won't work
Trunking Native Mode VLAN: 101 (Vlan101)
Voice VLAN: none (Inactive)
sw1#

r3#ping 150.1.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 150.1.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
r3#

Let's fix it.

sw1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
sw1(config)#int range fast 0/19 -20
sw1(config-if-range)#sw access vlan 100
sw1(config-if-range)#end
sw1#

        Now the ping should work.

r3#ping 150.1.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 150.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/8 ms
r3#

So, use the "show int fast 0/X switchport" command to verify the access port
for your voice vlan configs if you don't specify "sw mode trunk" and use to
to verify native vlan if you do specify sw mode trunk.

Marcus

> -----Original Message-----
> From: Timothy Snow [mailto:timsnow@cogeco.ca]
> Sent: Monday, July 28, 2003 2:17 AM
> To: marcus@pobox.com
> Subject: Re: 3550 - Voice Trunks?
>
>
> Excellent write up. That was great.
>
> The only one question that I have from that is the last
> testing. When you had
> the switch setup for dot1q trunk and the native was vlan 100
> and voice vlan 200
> for the phones. You weren't able to ping from the router
> that was just in a
> standalone data vlan of 100 and actually had to go make that
> port a "trunk" ?
> Wow, that doesn't seem right at all.
>
> Thanks for the work on that.
>
> Tim
> 3 days to go
>
>
> Marcus Jensen wrote:
>
> > Timothy,
> >
> > I don't think you need to use the the encap dot1q and
> native vlan commands
> > for setting voice vlans with IP phones. I see often configs
> with these extra
> > commands posted, but here is some testing I did without
> using native vlan or
> > encap dot1q commands.
> >
> > Two 7960 phones connected to 3550 set up for dhcp. Factory
> reset, config
> > erased.
> > 3 Hosts, 150.1.1.1/2/3. Two are connected to the phones,
> one is on its own
> > port on the switch.
> > Call manager set up as dhcp server as well connected to
> 3550 using different
> > subnet 192.168.0.254
> > (All PCs are routers with no ip routing)
> >
> > First, just the PCs configured for connectivity, no voice
> vlans, all static
> > access ports.
> >
> > ------sw1
> > en
> > vlan data
> > vtp server
> > vtp domain VTP
> > vlan 200 name PreferredVoice200
> > vlan 100 name PreferredData100
> > exit
> >
> > conf t
> >
> > int fast 0/5
> > description Port to single PC
> > sw mode access
> > sw access vlan 100
> > spann portfast
> >
> > int fast 0/19
> > description port to Phone A with PC off its Access Port
> > sw mode access
> > sw access vlan 100
> > spann portfast
> >
> > int fast 0/20
> > description Phone B with PC off its Access Port
> > sw mode access
> > sw access vlan 100
> > spann portfast
> > end
> > -----------------------
> > Power up phones. I look at the phones and they endlessely
> search for ip
> > address and won't resolve a vlan from the switch either in
> the network
> > settings. But the hosts all have connectivity. (I should
> mention that if I
> > put the dhcp server in the same vlan 100, then the phones
> would resolve an
> > address, but we're talking about separating the voice and
> data traffic into
> > different vlans here).
> >
> > r1#p 150.1.1.2
> > Type escape sequence to abort.
> > Sending 5, 100-byte ICMP Echos to 150.1.1.2, timeout is 2 seconds:
> > !!!!!
> >
> > r1#p 150.1.1.3
> > Type escape sequence to abort.
> > Sending 5, 100-byte ICMP Echos to 150.1.1.2, timeout is 2 seconds:
> > !!!!!
> > ----------------------
> > r2#p 150.1.1.1
> > Type escape sequence to abort.
> > Sending 5, 100-byte ICMP Echos to 150.1.1.1, timeout is 2 seconds:
> > !!!!!
> > r2#p 150.1.1.3
> > Type escape sequence to abort.
> > Sending 5, 100-byte ICMP Echos to 150.1.1.3, timeout is 2 seconds:
> > !!!!!
> >
> > -----------------
> > r3#p 150.1.1.1
> > Type escape sequence to abort.
> > Sending 5, 100-byte ICMP Echos to 150.1.1.1, timeout is 2 seconds:
> > !!!!!
> > Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
> > r3#p 150.1.1.2
> > Type escape sequence to abort.
> > Sending 5, 100-byte ICMP Echos to 150.1.1.2, timeout is 2 seconds:
> > !!!!!
> >
> > ------------
> > Now add in the voice vlans.
> >
> > conf t
> > int fast 0/19
> > description port to Phone A with PC off its Access Port
> > sw mode access
> > sw access vlan 100
> > sw voice vlan 200 <---only command added
> > spann portfast
> >
> > int fast 0/20
> > description Phone B with PC off its Access Port
> > sw mode access
> > sw access vlan 100
> > sw voice vlan 200 <---only command added
> > spann portfast
> >
> > int fast 0/4
> > description This is port to CALL Manager also acting as dhcp server
> > sw mode access
> > spann portfast
> > sw access vlan 200 <--needs access to the vlan 200 to
> control phones, but
> > call manager regular PC so access vlan, not voice vlan
> >
> > end
> >
> > -----------------
> > Before these config additions int fast 0/19, 0/20 were in
> access mode so any
> > encapsulated frames would have been dropped, but when we
> add the voice vlan
> > command, it does two things as far as I can tell. It tells
> the switch to
> > not drop vlan 200 tagged frames. And also tells the switch
> to instruct the
> > phone to send voice related packets (including dhcp
> requests for the phone)
> > encapsulated as dot1q tagged vlan 200. This also shows up
> as "operational
> > vlan id 200" in the network settings panel on the phone.
> >
> > At this point, the phones resolve an address from dhcp
> server, and register
> > themselves automatically with call manager. I can then make
> phone calls
> > between the phones, and still ping from any to any host.
> >
> > r1#p 150.1.1.3
> > Type escape sequence to abort.
> > Sending 5, 100-byte ICMP Echos to 150.1.1.2, timeout is 2 seconds:
> > !!!!!
> > ----------------------
> >
> > r2#p 150.1.1.3
> > Type escape sequence to abort.
> > Sending 5, 100-byte ICMP Echos to 150.1.1.3, timeout is 2 seconds:
> > !!!!!
> >
> > -----------------
> > r3#p 150.1.1.1
> > Type escape sequence to abort.
> > Sending 5, 100-byte ICMP Echos to 150.1.1.1, timeout is 2 seconds:
> > !!!!!
> >
> > Now test the dot1q config. If I erase the switch config and do this,
> >
> > conf t
> > default int fast 0/19
> > default int fast 0/20
> >
> > int range fast 0/19 -20
> > sw trunk encap dot1q
> > sw trunk native vlan 100
> > sw voice vlan 200
> > sw mode trunk
> > end
> >
> > Then I can still make calls just fine, and I can ping from
> the hosts on the
> > phones to each other, but the third host on its own access
> port is now not
> > accessible.
> >
> > r1#p 150.1.1.2
> > Type escape sequence to abort.
> > Sending 5, 100-byte ICMP Echos to 150.1.1.2, timeout is 2 seconds:
> > !!!!! <-------------ping to other phone's host
> > Success rate is 100 percent (5/5), round-trip min/avg/max = 4/5/8 ms
> > r1#p 150.1.1.3
> > Type escape sequence to abort.
> > Sending 5, 100-byte ICMP Echos to 150.1.1.3, timeout is 2 seconds:
> > ..... <------------------failed ping to single host on
> its own port
> >
> > If I do this now,
> >
> > conf t
> > default int fast 0/5
> > int fast 0/5
> > sw trunk encap dot1q
> > sw trunk native vlan 100
> > sw mode trunk
> > end
> >
> > Then a ping works, but kinda a clunky solution when working
> with just access
> > ports, probably just extra voice vlan command is the way to
> go I think.
> >
> > Marcus
> >
> > > -----Original Message-----
> > > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On
> > > Behalf Of Timothy Snow
> > > Sent: Saturday, July 26, 2003 1:50 AM
> > > To: ccielab@groupstudy.com
> > > Subject: 3550 - Voice Trunks?
> > >
> > >
> > > I was wondering if anyone could explain the difference between the
> > > following two voice enabled ports. The require on this lab
> > > stated to do
> > > it this way, and it appears that my config matches the
> > > solution but I'm
> > > wondering if the interface fa0/11 would work as it's not
> defined as a
> > > trunk???
> > >
> > >
> > > interface FastEthernet0/11
> > > switchport access vlan 102
> > > switchport voice vlan 101
> > > switchport trunk encapsulation dot1q
> > > !
> > > interface FastEthernet0/12
> > > switchport trunk encapsulation dot1q
> > > switchport trunk native vlan 202
> > > switchport mode trunk
> > > switchport voice vlan 201
> > > !
> > >
> > >
> > > Tim
> > >
> > >
> > > ______________________________________________________________
> > > _________
> > > You are subscribed to the GroupStudy.com CCIE R&S
> Discussion Group.
> > >
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html

This archive was generated by hypermail 2.1.4 : Wed Aug 06 2003 - 06:52:55 GMT-3