Support for Cisco's "Voice VLAN"
Submitted by leroyplock on Fri, 07/13/2007 - 11:12am.
Greetings.
We have been evaluating endpoints to use with our imminent Trixbox rollout, and are leaning heavily towards Aastra hardphones. The performance/price ratio seems better than the other phones we've tried.
One thing that could steer us away from the Aastras and towards Polycoms or Ciscos is support for the "voice vlan" feature of Cisco switches. This allows you to carry two VLANs (one for VoIP, one for the PC attached to the phone's switch) on one access port. The phone talks to the switch via CDP (Cisco Discovery Protocol) and automatically configures the voice and data VLANs.
Without support for this feature, we must set the Cisco switch ports to "trunk," which means they have to be reconfigured to "accesss" should you need to plug a PC directly to the port w/o the phone in between. Just an extra step when requirements change.
Question 1: Are there any plans for Aastra phones to support this feature of Cisco switches?
Question 2: Can anyone suggest a different way to achieve the same effect? (The issue is needing to reconfig the Cisco switch port when changing from phone to pc or vice versa.)
Thanks!
 
CDP is proprietary, I think...
Tue, 07/17/2007 - 6:31am
I don't think it would be possible for Aastra to "support" CDP since, I think, it's a proprietary protocole and I guess Cisco isn't gonna licence it to other vendor.
 
mode dynamic
Tue, 07/17/2007 - 6:46am
I'm not a Cisco expert but is it possible to use the dynamic mode like this?
switchport mode dynamic desirable
or
switchport mode dynamic auto
If the phone can send DTP signal, I think the port would become a trunk automaticaly.
Let me know the results.
 
Polycom phones do CDP
Tue, 07/17/2007 - 7:23am
I have no idea whether they had to license it from Cisco.
 
LinkSys phones do CDP also
Tue, 07/17/2007 - 12:10pm
Not that surprising, since they're a subsidiary of Cisco.
 
mode dynamic
Tue, 07/17/2007 - 12:14pm
Good suggestion on setting the trunk to dynamic. Unfortunately I tried this and haven't been able to make it work. Need to try this with additional combinations of phone and switchport settings still, won't get it done until tomorrow. Will post results here, but I don't expect results. As you say the phone must do DTP, which is generally found only on Cisco switches.
 
DTP = proprietary
Tue, 07/17/2007 - 12:38pm
I just found out that DTP is a Cisco proprietary protocole also.
Too bad
 
native vlans?
Wed, 07/25/2007 - 7:30pm
I've not tried this, but could you not use the port in trunking mode, and just set the voice vlan to be something other than the native vlan.
If only a PC is connected, then untagged packets would be dumped into the native vlan.
Just an idea.
A.
 
No way to make it work. No CDP, no DTP, native vlan doesn't help
Mon, 07/30/2007 - 12:54pm
I've tried every way I can think of to make this work, and it just doesn't.
If you want to run the PC and phone on different VLANs, then you have to force the Cisco switch port to trunk. Then when you pull the phone out of the chain, you have to set the port to access or dynamic.
Using native vlan doesn't work, because the switch will forward all traffic for that VLAN _untagged_. If the phone is in trunk mode ("VLAN enabled") then it ignores the packet because there's no tag, it never goes out of the phone to the PC.
I've tried setting the switchport to "mode dynamic auto" and "mode dynamic desirable." The phone won't go into trunk with either setting. As far as I can tell it is purely trunk or purely access, based on the setting you choose.
This is a significant issue in our endpoint selection. We don't necessarily care whether it supports CDP, DTP, or any other Cisco protocol specifically. We just want to be able to pull the phone out the daisy chain and run directly from switch to PC w/o re-configuring the switch port, however that might be accomplished.
Would anyone from Aastra care to weigh in on this? We really like the phones other than this issue, but it's a significant one.
Thanks!
 
I have my cisco switch set
Mon, 07/30/2007 - 5:30pm
I have my cisco switch set to Trunk and it works fine with my phones on their vlan and the pc's on their vlan. If I plug just a pc into the port I get the access vlan which I set to my data vlan. On the phone I had to set the phone to use the voice vlan and it works like a charm (tried this with aastra and even grandstream phones). I can even plug a pc into the pc port on the phone and have access to my data vlan.
 
???????
Tue, 07/31/2007 - 7:32am
What phone and switch are you working with? Would you be willing to post your switchport configuration? I don't see how you're getting the access vlan directly to the PC without changing the mode to access or dynamic?
I'm testing with an Aastra 57i and a Catalyst 3560G. My switchport config is like this:
interface GigabitEthernet0/9
switchport access vlan 89
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 89,189
switchport mode trunk
end
89 is my data vlan and 189 is my voice vlan. This works fine with the PC daisy-chained from the phone, but if you try to plug a PC directly into the port, you won't get anything. This is how it's supposed to work, because the port is set to trunk (definitely, unequivocally, un-dynamically trunk). Trying to set the mode to dynamic trunking doesn't work with this phone.
The only way I know to attach a PC directly to a trunk port is to set the native vlan. With the native vlan defined, I can attach a phone to the port, I can attach a PC to the port, but I can't daisy-chain a PC off the phone. The phone doesn't seem to know what to do with the un-tagged traffic, because it's set to trunk mode.
I can see how it would work with 3 vlans:
interface GigabitEthernet0/9
switchport access vlan 89
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 89,189
switchport trunk native vlan 11
switchport mode trunk
end
Now, when you have the PC daisy-chained, you would get 89 on the phone and 189 on the PC, and when you plug the PC directly you would get vlan 11. But this is just goofy.
Thanks for your help.
 
SOLUTION
Mon, 08/13/2007 - 4:09pm
I finally got this working so it solved the main issue which is: "How can I set things up so that I can have separate VLANS for data and voice, and either daisy-chain a PC from the phone or plug the PC directly into the port, w/o reconfiguring the port."
The answer, as others said, was to set the port as a trunk but also set the native vlan. I was just missing a couple of details:
- Get the latest Aastra firmware (2.02 or higher?)
- Set the phone's PC port to 4095. 4095 is a flag indicating that un-tagged packets should be forwarded out the PC port.
Your switchport configuration should look something like this:
interface GigabitEthernet0/20
switchport trunk encapsulation dot1q
switchport trunk native vlan xx
switchport trunk allowed vlan xx,yy
switchport mode trunk
"xx" is your data vlan
"yy" is your voice vlan
Once you set the VLAN for the phone's "main" port, everything else can be configured through the config files on the tftp server.
Thanks for the help, everyone.
 
Member Since:
2007-06-08