Re: Voice Vlan
From: Ivan (ivan@iip.net)
Date: Sat Sep 30 2006 - 18:07:15 ART
let's CISCO hardware answer on this question
SW1(config)#interface fastEthernet 0/21
SW1(config-if)#macro apply cisco-phone $access_vlan 10 $voice_vlan 200
SW1#sh running-config interface fastEthernet 0/21
Building configuration...
Current configuration : 734 bytes
!
interface FastEthernet0/21
�switchport access vlan 10
�switchport mode access
�switchport voice vlan 200
�switchport port-security maximum 3
�switchport port-security
�switchport port-security aging time 2
�switchport port-security violation restrict
�switchport port-security aging type inactivity
�mls qos trust device cisco-phone
�mls qos trust cos
�macro description cisco-phone
�auto qos voip cisco-phone
�wrr-queue bandwidth 10 20 70 1
�wrr-queue min-reserve 1 5
�wrr-queue min-reserve 2 6
�wrr-queue min-reserve 3 7
�wrr-queue min-reserve 4 8
�wrr-queue cos-map 1 0 1
�wrr-queue cos-map 2 2 4
�wrr-queue cos-map 3 3 6 7
�wrr-queue cos-map 4 5
�priority-queue out
�spanning-tree portfast
�spanning-tree bpduguard enable
On Sunday 01 October 2006 00:43, Alexei Monastyrnyi wrote:
> a bit of confusion with dot1p priority tagging.. strange message pops up
> on my 3560 switch "M-2-VLAN_ADD: Failed to add VLAN 0 - VLAN not found".
>
> And this passage regarding VLAN 0 (from the document mentioned) I don't
> get.
>
> "Instruct the switch port to use 802.1P priority tagging for voice
> traffic and to use the default native VLAN (VLAN 0) to carry all traffic."
>
> "sh inter .... switchport" looks quite OK after the steps below, but the
> message...
>
> SW2(config)#in fa 0/8
> SW2(config-if)# switchport voice vlan dot1p
> % Voice VLAN does not exist. Creating vlan 0
> SW2(config-if)#
> 09:23:29: %PM-2-VLAN_ADD: Failed to add VLAN 0 - VLAN not found.
> SW2(config-if)#do sh run in fa 0/8
> Building configuration...
>
> Current configuration : 129 bytes
> !
> interface FastEthernet0/8
> switchport mode access
> switchport voice vlan dot1p
> mls qos trust cos
> spanning-tree portfast
> end
>
> SW2(config-if)#do sh ver | in image
> System image file is
> "flash:c3560-advipservicesk9-mz.122-25.SEE1/c3560-advipservicesk9-mz.122-25
>.SEE1.bin"
>
> A.
>
> DBehrens@logosinc.com wrote:
> > Jan,
> >
> > When Cisco says 'Dynamic Access Port' they DO NOT mean 'switchport mode
> > desirable'
> >
> > They are referring to Dynamic VLAN Membership, as in 'switchport access
> > vlan dynamic' using VMPS.
> >
> > Configuring your ports as 'switchport mode trunk' or 'switchport mode
> > desirable' will WORK, however Cisco does not support it. There is a
> > distinction in this case between the best practice and what will make it
> > work.
> >
> > On the LAB, I'm pretty sure we should configure 3550 ports like this:
> >
> > Switchport mode access
> > Switchport access vlan <datavlan>
> > Switchport voice vlan <voicevlan>
> > Spanning-tree portfast
> > <insert QoS commands>
> >
> >
> > (3550's are configured the same as 3560's. Here's the Config Guide that
> > shows IOS 12.1EA's Voice VLAN Feature)
> > http://www.cisco.com/en/US/products/hw/switches/ps646/products_configurat
> >ion_guide_chapter09186a00801cdf35.html
> >
> > Dennis
> >
> > ________________________________________
> > From: jan vdb [mailto:jvdbro@yahoo.com]
> > Sent: Saturday, September 30, 2006 1:11 PM
> > To: Dennis Behrens; deckland@gmail.com; magmax@bigpond.net.au
> > Cc: ccielab@groupstudy.com
> > Subject: Re: Voice Vlan
> >
> > Hello Dennis,
> >
> > If I read the config guide of the 3560 your indeed 100% right, though I
> > do not understand it very well since all our Cat3560 are configured as
> > Trunks to an IP-phone with a static dot1q trunk as described before.
> > This is what the config guide exactly mentions (voice VLAN is not
> > supported on trunk ports)!!!
> >
> > We run "flash:c3560-i9-mz.122-20.EX/c3560-i9-mz.122-20.EX.bin
> > interface FastEthernet0/3
> > switchport trunk encapsulation dot1q
> > switchport trunk native vlan 5
> > switchport trunk allowed vlan 5,64
> > switchport mode trunk
> > switchport voice vlan 64
> > srr-queue bandwidth share 10 10 60 20
> > srr-queue bandwidth shape 10 0 0 0
> > priority-queue out
> > no snmp trap link-status
> > mls qos trust device cisco-phone
> > mls qos trust cos
> > no mdix auto
> > auto qos voip cisco-phone
> > spanning-tree portfast trunk
> >
> > If I look into the config guide of a 3550, they mention
> > Voice VLAN ports can also be these port types:
> > -Dynamic access port.
> > - Secure ports
> > - IEEE dot1x ports.
> >
> > So for the EXAM I propose to configure it on dynamic port to be sure.
> >
> > CU,
> >
> > Jan
> >
> >
> > DBehrens@logosinc.com wrote:
> > All,
> >
> > This is an interesting topic. Cisco suggests that Radoslav is correct
> > for 3550's, 3560's, 3750's, etc. You are NOT supposed to make the port
> > a TRUNK. Refer to this document:
> >
> > http://www.cisco.com/en/US/products/hw/switches/ps5528/products_configur
> > ation_guide_chapter09186a00805b57d7.html
> >
> > However, you NEED to make it a trunk if you want a separate voice vlan
> > when using a 3500XL. I don't have that document handy, but it's
> > definitely in the config guide as a pre-requisite for configuring Voice
> > VLAN on a 3500XL. This is the same for some other switches, such as
> > NM-16ESW modules.
> >
> > Both methods will work on the 3550's, 3560's, 3750's, etc if you
> > configure it that way. I believe Cisco probably changed the best
> > practice in order to limit the STP and VTP traffic sent to each phone.
> > Security is also a concern because a trunk port can allow access to
> > other VLANS. (These can be mitigated by using 'switchport trunk allowed
> > vlans', but that line can be easily forgotten). Can anyone verify the
> > merit of this? Are there any other valid reasons why this change was
> > made?
> >
> > Dennis Behrens
> >
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> > jan vdb
> > Sent: Saturday, September 30, 2006 9:04 AM
> > To: Radoslav Vasilev; Magmax
> > Cc: ccielab@groupstudy.com
> > Subject: [SPAM] - Re: Voice Vlan - Email has different SMTP TO: and MIME
> > TO: fields in the email addresses
> >
> > Hello,
> >
> > I think both methods are OK.
> > Forced or dynamic trunk, it won't matter as long as it is a trunk.
> >
> > This is an example of a live VOIP network where we configured it via
> > "forced" trunks!!
> > Example
> > interface GigabitEthernet1/0/1
> > switchport trunk encapsulation dot1q (Trunking encap method)
> > switchport trunk native vlan 37 (Your data Vlan as native (when
> > port stop to trunk)
> > switchport trunk allowed vlan 37,64 (Vlan's allowed on
> > your trunk)
> > switchport mode trunk (Forced the port
> > to TRUNK)
> > switchport voice vlan 64 (Your VOICE Vlan
> > => No need for Dot1p)
> > srr-queue bandwidth share 10 10 60 20 (Cat4k Q'ing)
> > srr-queue bandwidth shape 10 0 0 0
> > queue-set 2
> > priority-queue out
> > no snmp trap link-status
> > mls qos trust device cisco-phone
> > mls qos trust cos
> > no mdix auto
> > auto qos voip cisco-phone
> > spanning-tree portfast trunk
> >
> > First method is also OK since the port is by default dynamic desirable
> > and it will be negotiated to trunk via the switch in the IP-Phone.
> >
> > You only need dot1p if you phone uses Dot1p priority tags.
> > switchport voive vlan dot1p (Packets are transported in vlan0).
> >
> > Regards,
> >
> > Jan
> >
> >
> > Radoslav Vasilev wrote:
> > Hi,
> >
> > The second one is incorrect.
> >
> > The Voice VLAN feature can be configured on static access or dynamic
> > access ports.
> > Therefor configuring the port as dot1q is an incorrect. Now, once we
> > agree that the physical swtich port should be in access mode, we have
> > the following options for the additional voice vlan:
> >
> > 1. make the phone and the switch port carry the voice vlan in dot1q
> > frames (you don't need to configure the port as trunk !!!):
> >
> > switchport voice vlan
> >
> > don't forget to create the vlan on the vtp server/locally.
> > check the status with: show interface ... switchport
> >
> > 2. make the phone and the switch carry the voice vlan in dot1p frames
> > (traffic is CoS marked but uses the default vlan 0).
> >
> > switchport voice vlan dot1p
> > check the status with: show interface ... switchport
> >
> > Rado
> >
> > On 9/30/06, Magmax wrote:
> >> Guys,
> >>
> >>
> >>
> >>
> >>
> >> Let say I am configuring voice port on 3550.Is there any difference in
> >
> > these
> >
> >> two methods. In think both should be ok .
> >>
> >>
> >>
> >> Method 1
> >>
> >> mls qos
> >>
> >> interface FastEthernet0/19
> >>
> >> switchport access vlan XX
> >>
> >> switchport voice vlan XX
> >>
> >>
> >>
> >>
> >>
> >> Final config
> >>
> >>
> >>
> >>
> >>
> >> mls qos
> >>
> >> interface FastEthernet0/19
> >>
> >> switchport access vlan XX
> >>
> >> switchport voice vlan XX
> >>
> >> switchport mode dynamic desirable
> >>
> >> spanning-tree portfast
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >> Method 2
> >>
> >>
> >>
> >> mls qos
> >>
> >> interface FastEthernet0/7
> >>
> >> switchport voice vlan XX
> >>
> >> switchport trunk encapsulation dot1q
> >>
> >> switchport mode trunk
> >>
> >> switchport trunk native vlan XX
> >>
> >> mls qos trust cos
> >>
> >>
> >>
> >>
> >>
> >> Final config
> >>
> >>
> >>
> >> mls qos
> >>
> >> interface FastEthernet0/7
> >>
> >> switchport voice vlan XX
> >>
> >> switchport trunk encapsulation dot1q
> >>
> >> switchport mode trunk
> >>
> >> switchport trunk native vlan XX
> >>
> >> mls qos trust cos
> >>
> >> spanning-tree portfast
> >
> > _______________________________________________________________________
> >
> >> Subscription information may be found at:
> >> http://www.groupstudy.com/list/CCIELab.html
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> >
> >
> >
> > ---------------------------------
> > How low will we go? Check out Yahoo! Messenger�s low PC-to-Phone call
> > rates.
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> > ________________________________________
> > Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls. Great
> > rates starting at 1"/min.
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
--
Ivan
This archive was generated by hypermail 2.1.4
: Sun Oct 01 2006 - 16:55:42 ART