PCs and IP Phone Connectivity

Unanswered Question
Mar 31st, 2010

Hi everyone:

I just want to make sure I understand how PCs and IP phones connect to an external access switch and how they are configured.

Typically, an IP phone has a 3-port internal switch.

One port on the internal IP phone switch is configured as an access port to be placed in the data vlan that is defined in the access switch. The PC connects to this port. The PC is typically configured for DHCP.

Another port on the internal IP phone switch is configured to be placed in the voice vlan that is defined on the access switch. This is the internal port that faces the phone's ASIC. The IP phone will also be configured for DHCP.

Lastly, the 3rd port on the internal IP phone switch, which will be the uplink to the external access switch port, is configured as a dot1q trunk that will carry the voice and data vlan traffic. This port is connected to the external access switch.

I have never configured these ports on an IP phone, but I imagine its done through a scrolling-type drop down menu on the phone itself.

As for the external access switch port, it is configured with a data access vlan and a voice vlan as an MVAP, a multi-vlan access port, which for all intents and purposes is a dot1q trunk, but is not defined as such on the switch to avoid running STP instances for the PC and phone. You know, keep cpu utilization down...

Is all this correct?

Is there a pretty good document out there that covers all this concisely?

Thank you

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (3 ratings)
Loading.
Giuseppe Larosa Wed, 03/31/2010 - 12:44

Hello Joe,

your understanding is correct just some details are different

>> I have never configured these ports on an IP phone, but I  imagine its done through a scrolling-type drop down menu on the phone  itself.

Actually, the IP phone 3 port LAN switch is configured in the case of cisco IP phones by CDP protocol: the LAN switch instructs the switch on how to deal with ethernet frames of Data Vlan and Voice vlan.

the settings of switchport voice vlan command decides how to behave:

switchport voice vlan X  ----> voice frames tagged with vlan-id X and appropriate CoS in 802.1p

switchport voice vlan dot1p ----> voice frames tagged with vlan-id 0 to carry the 802.1p field implies a single IP subnet shared for data and voice

there are the options untagged and none.

Clearly the first solution is the best one.

the use of PC port can be disabled from Call manager web pages or using settings on the IP phone.

other options are possible like avoiding to have voice frames replicated to PC port (useful for capturing traffic or for monitoring phone activity with some legal issues for example in a call center) or avoiding to have tagged frames replicated to the PC port.

These options are dependent from Cisco IP phone model and are used for phone hardening.

Also local settings on the phone can be disabled by Call manager interface.

Edit:

to be more correct when phone first comes up it  speaks and listen to native vlan so phone MAC address is first learned on data vlan.

Then after the CDP exchange the phone will restart in the voice vlan

At this point phone MAC address is learned in voice vlan

Hope to help

Giuseppe

ex-engineer Wed, 03/31/2010 - 13:10

Giuseppe:

to be more correct when phone first comes up it  speaks and listen to native vlan so phone MAC address is first learned on data vlan.

Then after the CDP exchange the phone will restart in the voice vlan At this point phone MAC address is learned in voice vlan

On a switch whose port is configured as an MVAP, which is the native vlan? Is it vlan 1, as in the case of a port that is explicity configured as a dot1q trunk?

Why does the Cisco phone come up on the native vlan anyway and not on the voice vlan to begin with? Doesnt CDP inform the IP phone which is the voice port?

Lets say it is not a Cisco phone. In that case, does one have to manually configure the IP phone's internal switch ports as I described in my initial post?

Giuseppe Larosa Wed, 03/31/2010 - 13:42

Hello Joe,

>> Why does the Cisco phone come up on the native vlan anyway and not on  the voice vlan to begin with? Doesnt CDP inform the IP phone which is  the voice port?

the native vlan is the data vlan on the MVA port not vlan 1 the other switch command is

switchport access vlan Y

POE has its role: first the phone is powered by POE, and then later it will talk CDP with the switch so it cannot use the voice vlan before receiving CDP message from switch port.

I've seen this in our network if I shut the switch port the IP phone is powered off. when the switch port is enabled first I see phone MAC address on data vlan then on voice vlan

>> Lets say it is not a Cisco phone. In that case, does one have to  manually configure the IP phone's internal switch ports as I described  in my initial post?

I have no direct experience but from some threads other vendors use some DHCP parameters to pass the information.

Also  there is a standards based equivalent of CDP that is called LLDP.

So other vendors may require the use of LLDP that is supported in recent IOS images of cisco LAN switches.

The objective is  to avoid to have to configure manually the phone.

Hope to help

Giuseppe

ex-engineer Wed, 03/31/2010 - 15:42

Thanks, Giuseppe:

One last question:

If I have 2 PCs and I want to connect them to the network, I should be able to connect both PCs to a hub, and then connect the hub uplink to the IP phones data port, right?

Both PCs should be able to get an IP address via DHCP on the data vlan...

Aaron Harrison Wed, 03/31/2010 - 16:50

Hi

Yes, that works.. as long as you don't have anything to prevent it on the switch (e.g. port security limiting the number of MAC addresses etc).

Aaron

Please rate helpful posts..

Actions

This Discussion