RE: IP Phones and trunks.

From: Avner Izhar (aizhar@ccbootcamp.com)
Date: Tue Mar 18 2008 - 03:28:21 ART

• Next message: Ahsan Mohiuddin: "ie core lab 3 / task 4.5"
• Previous message: Hoogen: "Re: OT Cisco loses to riverbed in wan optimization"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi Emil,
 
The recommended way to configure a voice port is in access mode, static access.
Dynamic of any sort means a potential hacker can use a phone port to negotiate a trunk and get access to more resources.
 
Vlan 0 is a way to map tagged traffic into the untagged (native) vlan, since dot1p is actually the 3 bits cos field in the 802.1q header, a tag is needed, but it should not have any vlan info in it.

How do you configure an SVI for dot1p (not that I recommend using it ...), it should be the same as your native vlan (per that trunk), which is 1 by default.

HTH,
-------------------------------------------
thanks,
Avner Izhar
CCIE#15999 (Voice), CCVP, CCSI# 31623
Technical Training Manager
CCBOOTCAMP - A Cisco Sponsored Organization (SO)
Email: aizhar@ccbootcamp.com
Toll Free: 877-654-2243
Direct: +1-702-968-5100 = Outside the USA
FAX: +1-702-446-8012
YES! We take Cisco Learning Credits!
Training And Remote Racks: http://www.ccbootcamp.com

________________________________

From: YourPal [mailto:dearprudence28@gmail.com]
Sent: Monday, March 17, 2008 22:48
To: Avner Izhar
Cc: Daniel Valle; ccielab@groupstudy.com
Subject: Re: IP Phones and trunks.

Hi Avner,

If we configure the command "switchport voice vlan <VVID>", what mode should we configure? Understand that 3550 defaults to "dynamic desirable" and 3560 defaults to "dynamic auto". Leave it to the default?

I'm confused with the different types of voice vlan config. Say, I configure "switchport voice vlan dot1p". According to DocCD, this command configures the phone to use IEEE 802.1p priority tagging for voice traffic and to use the default native VLAN (VLAN 0) to carry all traffic.

VLAN 0? How do I configure an SVI to provide a gateway to the voice subnet and data subnet?

Thank you.

BR,
Emil

On 1/26/08, Avner Izhar <aizhar@ccbootcamp.com> wrote:

        Hi Daniel,
        
        As far as I know, the Cisco ip phones do not support DTP or VTP.
        
        If you connect a phone to a switch that has DTP in dynamic desirable, it will not negotiate a trunk.
        
        The recommended way is to configure an access mode port with a single tagged vlan,
        using the 'switchport voice vlan xx' command.
        
        That way you prevent floods, but allow separate vlan for voice and for data.
        
        Some old switches will require a trunk (the XL family of switches), on them it is a good idea to manually allow only two vlans.
        
        HTH,
        -------------------------------------------
        thanks,
        Avner Izhar
        CCIE#15999 (Voice), CCVP, CCSI# 31623
        Technical Training Manager
        CCBOOTCAMP - A Cisco Sponsored Organization (SO)
        Email: aizhar@ccbootcamp.com
        Toll Free: 877-654-2243
        Direct: +1-702-968-5100 = Outside the USA
        FAX: +1-702-446-8012
        YES! We take Cisco Learning Credits!
        Training And Remote Racks: http://www.ccbootcamp.com
        
        
        
        -----Original Message-----
        From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Daniel Valle
        Sent: Thursday, January 24, 2008 16:02
        To: ccielab@groupstudy.com
        Subject: IP Phones and trunks.
        
        Hi GS,
        
        I have a question: when an IP phone connects to a switch, by default,
        the switch will automatically establish a trunk with the IPphone.
        Good. I didn' check that yet, but this makes me conclude tha DTP is
        working in the IP phone. Does it also supports VTP ?
        
        To be clearer, If I configure vtp prunning in my switch domain and
        later on I plug a IP phone in an interface, is that new trunked
        interface prunned by default or will it be receiving
        floods/broadcast/multicast unnecessarily ( and so to solve it I make
        tune the vlan allowed list )?
        
        
        Thanks !
        
        Daniel
        
        _______________________________________________________________________
        Subscription information may be found at:
        http://www.groupstudy.com/list/CCIELab.html
        
        No virus found in this incoming message.
        Checked by AVG Free Edition.
        Version: 7.5.516 / Virus Database: 269.19.11/1243 - Release Date: 1/25/2008 11:24
        
        
        No virus found in this outgoing message.
        Checked by AVG Free Edition.
        Version: 7.5.516 / Virus Database: 269.19.11/1243 - Release Date: 1/25/2008 11:24
        
        _______________________________________________________________________
        Subscription information may be found at:
        http://www.groupstudy.com/list/CCIELab.html
        

No virus found in this incoming message.
Checked by AVG.
Version: 7.5.519 / Virus Database: 269.21.7/1332 - Release Date: 3/17/2008 10:48

No virus found in this outgoing message.
Checked by AVG.
Version: 7.5.519 / Virus Database: 269.21.7/1332 - Release Date: 3/17/2008 10:48

• Next message: Ahsan Mohiuddin: "ie core lab 3 / task 4.5"
• Previous message: Hoogen: "Re: OT Cisco loses to riverbed in wan optimization"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue Apr 01 2008 - 07:53:53 ART