Switchport mode access command

Answered Question
Apr 6th, 2013
User Badges:

Hi,


I was curious about the switchport mode access command and its interoperability with the switchport voice vlan command.


If I configured a switchport with the switchport mode access commmand, will that make it impossible for the switchport to create a special case trunk with the IP phone? Even if I configure switchport voice vlan command?


And if so, should the port be configured as switchport mode dynamic auto? Or desirable?


Thank you, Pat

Correct Answer by fb_webuser about 4 years 1 month ago

Pat, you absolutely can configure a port as an access port, add the voice vlan config and have connect both a phone and another device. The trunk will form. With the "voice vlan" Cisco obfuscates the fact that a trunk is being formed. I don't necessarily agree with this strategy and it wasn't always that way. I remember configuring phones on a 3500XL and the ports were configured as trunks.


You got me thinking, so I issued some commands on a WS-C3560V2-48PS-S running IOS 12.2(58)SE2 that has 12 phones connected to it.


Here is the config for a port that has a phone connected:


Switch#sho run int f0/2

Building configuration...


Current configuration : 475 bytes

!

interface FastEthernet0/2

switchport access vlan 11

switchport trunk encapsulation dot1q

switchport trunk native vlan 11

switchport trunk allowed vlan 2,10-19

switchport mode access

switchport nonegotiate

switchport voice vlan 12

srr-queue bandwidth share 1 30 35 5

priority-queue out

mls qos trust device cisco-phone

mls qos trust cos

auto qos voip cisco-phone

no mdix auto

spanning-tree portfast

service-policy input AUTOQOS-SRND4-CISCOPHONE-POLICY

end


If I show the trunk status for an individual port IOS acknowledges that the port with the phone attached is actually a trunk:

Switch#sho int f0/2 trunk


Port Mode Encapsulation Status Native vlan

Fa0/2 off 802.1q not-trunking 11


Port Vlans allowed on trunk

Fa0/2 11-12


Port Vlans allowed and active in management domain

Fa0/2 11-12


Port Vlans in spanning tree forwarding state and not pruned

Fa0/2 11-12


However if I do a "sho int trunk" to show all the trunk ports on the switch IOS does not include the phone ports in the output.

Switch#sho int trunk


Port Mode Encapsulation Status Native vlan

Fa0/45 on 802.1q trunking 12

Fa0/46 on 802.1q trunking 12

Gi0/1 on 802.1q trunking 11

Gi0/2 on 802.1q trunking 11


Port Vlans allowed on trunk

Fa0/45 2,10-19

Fa0/46 2,10-19

Gi0/1 2,10-19

Gi0/2 2,10-19


Port Vlans allowed and active in management domain

Fa0/45 2,11-13,16-17

Fa0/46 2,11-13,16-17

Gi0/1 2,11-13,16-17

Gi0/2 2,11-13,16-17


Port Vlans in spanning tree forwarding state and not pruned

Fa0/45 2,11-13,16-17

Fa0/46 2,11-13,16-17

Gi0/1 2,11-13,16-17

Gi0/2 2,11-13,16-17


So on one hand IOS says "Yes, it is a trunk" and on the other it says "Nope, no trunks here!". So notice that "spanning-tree portfast" is configured on f0/2, not "spanning-tree portfast trunk". Portfast is still active on this port.


Switch#sho span int f0/2 portf

VLAN0011 enabled

VLAN0012 enabled


Conversely on port 45 we have a VG-224 connected and it is configured with "switchport mode trunk" and "spanning-tree portfast trunk". If I change that to just "spanning-tree portfast" we see this:


Switch#sho span int f0/45 portf

VLAN0002 disabled

VLAN0011 disabled

VLAN0012 disabled

VLAN0013 disabled

VLAN0016 disabled

VLAN0017 disabled

Cisco has confused the issue here. I would prefer it if we called a trunk a trunk but for whatever reason they do not.


Cheers,

-Jeff



---

Posted by WebUser Jeff Davis from Cisco Support Community App

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (6 ratings)
Loading.
Bilal Nawaz Sat, 04/06/2013 - 08:57
User Badges:
  • Red, 2250 points or more
  • Community Spotlight Award,

    Questions Answered, June 2015

Hello,

The switchport voice vlan command instructs the Cisco IP phone to forward all voice traffic through a specified VLAN. The Cisco IP phone forwards the traffic with an 802.1p priority of 5.


The switchport access vlan is the data vlan which can be on the same port as voice.


I haven't ever seen an access port for a phone and PC set up as a trunk. So I do not think the switchport mode dynamic/auto etc... command is needed. Its only used as an access port so should be switchport mode access. As far as i know, there is no trunking required to a ip phone.


I hope this helps


Please rate useful posts and remember to mark any solved questions as answered. Thank you.

skahawala Tue, 05/02/2017 - 11:29
User Badges:

To Raj, Did you configure QoS for the Voice. When QoS setup with EF class voice traffic get first priority. 

Hello Skahawala,

Thanks for your reply, basically I don't know about voice part. I didn't configure the QoS for the voice.

Please guide how can I configure the required configurations.


And also now I am facing the issue is RTP and voice ports 5060, 5061 & 5070 etc. these voice ports are my ISP already enabled but they said I need to enable the voice ports on my end. Even they didn't support for enable the voice ports on my router, that's why I am asking you.

Please guide me how can I enable the above ports on my cisco 2911 router.


Regards,

Raj

Reza Sharifi Sat, 04/06/2013 - 09:26
User Badges:
  • Super Bronze, 10000 points or more
  • Cisco Designated VIP,

    2017 LAN

Pat,


Only when you are connecting to a Cisco phone you can use access mode for both vice and data since Cisco switches use CDP to identify the phone.  If your phone is not a Cisco phone, you would need to trunk the port.


HTH

Abzal Sembay Sat, 04/06/2013 - 09:32
User Badges:
  • Silver, 250 points or more

Hi,

Actually if Cisco IP Phone is connected to access as well as PC it is a switchport voice vlan command enables to separate Voice and Data traffic. Think it as mini-trunk. IP phone connected access port and with voice vlan defined learns by CDP protocol it's VLAN id. And as Bilal mentioned there is no need any trunk configuration.

Sent from Cisco Technical Support iPhone App

Patrick McHenry Sat, 04/06/2013 - 14:07
User Badges:

Thank you


I don't want to configure a trunk. I want to dynamically create a special case trunk when the phone connects. My question is:


If I configure a port using "sw mode access" as a part of the port configuration, along with "switchport voice vlan vlan", will the switch still direct the phone to create a special case trunk, so voice is on the Voice VLAN and data is on the native VLAN.


Thank you, Pat.

Bilal Nawaz Sat, 04/06/2013 - 14:53
User Badges:
  • Red, 2250 points or more
  • Community Spotlight Award,

    Questions Answered, June 2015

Hello Patrick,

Your understanding is correct. The phones have very similar hardware as what is in the switch, so trunking capabilities are very possible, this is what the voice vlan is used for, to segregate the traffic from data traffic. The phone has the ability to tag and untag the 802.1q header, and any untagged traffic is for data.

I found the following explanation from a ccna voice - understanding concepts book. Extract:

You might call the connection between the switch and IP phone a "mini-trunk" because a typical trunk passes a large number of VLANs (if not all VLANs). In this case, the IP phone tags its own packets with the correct voice VLAN (VLAN 25, in the case of Figure 3-6). Because the switch receives this traffic on a port supporting tagged packets (our mini-trunk), the switch can read the tag and place the data in the correct VLAN. The data packets pass through the IP phone and into the switch untagged. The switch assigns these untagged packets to whatever VLAN you have configured on the switchport for data traffic.

NOTE

Traditionally, a switchport on a Cisco switch that receives tagged packets is referred to as a trunk port. However, when you configure a switchport to connect to a Cisco IP Phone, you configure it as an access port (for the untagged data from the PC) while supporting tagged traffic from the IP phone. So, think of these ports as "access ports supporting tagged voice VLAN traffic."

Hope this helps

Sent from Cisco Technical Support iPhone App

Correct Answer
fb_webuser Sat, 04/06/2013 - 14:10
User Badges:
  • Silver, 250 points or more

Pat, you absolutely can configure a port as an access port, add the voice vlan config and have connect both a phone and another device. The trunk will form. With the "voice vlan" Cisco obfuscates the fact that a trunk is being formed. I don't necessarily agree with this strategy and it wasn't always that way. I remember configuring phones on a 3500XL and the ports were configured as trunks.


You got me thinking, so I issued some commands on a WS-C3560V2-48PS-S running IOS 12.2(58)SE2 that has 12 phones connected to it.


Here is the config for a port that has a phone connected:


Switch#sho run int f0/2

Building configuration...


Current configuration : 475 bytes

!

interface FastEthernet0/2

switchport access vlan 11

switchport trunk encapsulation dot1q

switchport trunk native vlan 11

switchport trunk allowed vlan 2,10-19

switchport mode access

switchport nonegotiate

switchport voice vlan 12

srr-queue bandwidth share 1 30 35 5

priority-queue out

mls qos trust device cisco-phone

mls qos trust cos

auto qos voip cisco-phone

no mdix auto

spanning-tree portfast

service-policy input AUTOQOS-SRND4-CISCOPHONE-POLICY

end


If I show the trunk status for an individual port IOS acknowledges that the port with the phone attached is actually a trunk:

Switch#sho int f0/2 trunk


Port Mode Encapsulation Status Native vlan

Fa0/2 off 802.1q not-trunking 11


Port Vlans allowed on trunk

Fa0/2 11-12


Port Vlans allowed and active in management domain

Fa0/2 11-12


Port Vlans in spanning tree forwarding state and not pruned

Fa0/2 11-12


However if I do a "sho int trunk" to show all the trunk ports on the switch IOS does not include the phone ports in the output.

Switch#sho int trunk


Port Mode Encapsulation Status Native vlan

Fa0/45 on 802.1q trunking 12

Fa0/46 on 802.1q trunking 12

Gi0/1 on 802.1q trunking 11

Gi0/2 on 802.1q trunking 11


Port Vlans allowed on trunk

Fa0/45 2,10-19

Fa0/46 2,10-19

Gi0/1 2,10-19

Gi0/2 2,10-19


Port Vlans allowed and active in management domain

Fa0/45 2,11-13,16-17

Fa0/46 2,11-13,16-17

Gi0/1 2,11-13,16-17

Gi0/2 2,11-13,16-17


Port Vlans in spanning tree forwarding state and not pruned

Fa0/45 2,11-13,16-17

Fa0/46 2,11-13,16-17

Gi0/1 2,11-13,16-17

Gi0/2 2,11-13,16-17


So on one hand IOS says "Yes, it is a trunk" and on the other it says "Nope, no trunks here!". So notice that "spanning-tree portfast" is configured on f0/2, not "spanning-tree portfast trunk". Portfast is still active on this port.


Switch#sho span int f0/2 portf

VLAN0011 enabled

VLAN0012 enabled


Conversely on port 45 we have a VG-224 connected and it is configured with "switchport mode trunk" and "spanning-tree portfast trunk". If I change that to just "spanning-tree portfast" we see this:


Switch#sho span int f0/45 portf

VLAN0002 disabled

VLAN0011 disabled

VLAN0012 disabled

VLAN0013 disabled

VLAN0016 disabled

VLAN0017 disabled

Cisco has confused the issue here. I would prefer it if we called a trunk a trunk but for whatever reason they do not.


Cheers,

-Jeff



---

Posted by WebUser Jeff Davis from Cisco Support Community App

Patrick McHenry Sat, 04/06/2013 - 16:20
User Badges:

Great post and thanks for labbing it - Jeff!


When you did a show int fa0/2 trunk, it says it is not trunking and the mode is off. Why do you think the IOS is stating that it is a trunk?


Thanks, Pat.

Reza Sharifi Sat, 04/06/2013 - 19:14
User Badges:
  • Super Bronze, 10000 points or more
  • Cisco Designated VIP,

    2017 LAN

Pat,


Cisco switches have special feature and that is called auxiliary VLAN.  It basically let you configure 2 vlans (one data and one voice) to an access port. So, even through we have more then one vlan attached to this port and it actually trunking, Cisco does not call it trunk and call it "Multi-vlan access port" (see link below). That is why in the show interface trunk it shows the interface as not trunking


Here is another example this port is configured with 2 vlans (12 (voice) and 13 (data))

and here is the output of sh int gi1/0/23 trun


3750-Switch(config-if)#do sh int gi1/0/23 trun


Port        Mode             Encapsulation  Status        Native vlan

Gi1/0/23    off              802.1q         not-trunking  1


As you can see, it says not trunking


now, I will change the port to trunk mode:


3750-Switch(config-if)#do sh int gi1/0/23 trun                         


Port        Mode             Encapsulation  Status        Native vlan

Gi1/0/23    on               802.1q         trunking      1


https://supportforums.cisco.com/docs/DOC-4542


HTH

Hi Pat,

I am using voip services for my business, for that I am using IP phone(soft calling). But now I am getting line disturbance and voice crackling.

Exactly customer unable to here our agents voice because of some noise is there in the line.some times agents also having the same problem.

I am using the cisco 2911 router  and (SRW224G4 v1.1 business series) Switches I am using rigth now. Is there any thing to configure in switches for VIOP services.


Please let me know any suggestions, because it is very hard. every time line issue came to the picture.


Regards,

Raj

Actions

This Discussion