Using voice VLANs
Configuring voice VLANs separates voice traffic from data traffic and shields your voice traffic from broadcast storms.
Operating rules for voice VLANs
You must statically configure voice VLANs. GVRP and dynamic VLANs do not support voice VLAN operation.
Configure all ports in a voice VLAN as tagged members of the VLAN. This ensures retention of the QoS (Quality of Service) priority included in voice VLAN traffic moving through your network.
If a telephone connected to a voice VLAN includes a data port used for connecting other networked devices (such as PCs) to the network, then you must configure the port as a tagged member of the voice VLAN and a tagged or untagged member of the data VLAN you want the other networked device to use.
Components of voice VLAN operation
Voice VLAN: Configure one or more voice VLANs on the switch. Some reasons for having multiple voice VLANs include:
Employing telephones with different VLAN requirements
Better control of bandwidth usage
Segregating telephone groups used for different, exclusive purposes
Where multiple voice VLANs exist on the switch, you can use routing to communicate between telephones on different voice VLANs.
Tagged/Untagged VLAN Membership: If the appliances using a voice VLAN transmit tagged VLAN packets, then configure the member ports as tagged members of the VLAN. Otherwise, configure the ports as untagged members.
Voice VLAN access security
You can use port security configured on an individual port or group of ports in a voice VLAN. That is, you can allow or deny access to a phone having a particular MAC address. See chapter titled "Configuring and Monitoring Port Security" in the access security guide for your switch.
NOTE: MAC authentication is not recommended in voice VLAN applications. | |
Prioritizing voice VLAN QoS (Optional)
Without configuring the switch to prioritize voice VLAN traffic, one of the following conditions applies:
If the ports in a voice VLAN are not tagged members, the switch forwards all traffic on that VLAN at "normal" priority.
If the ports in a voice VLAN are tagged members, then the switch forwards all traffic on that VLAN at whatever priority the traffic has when received inbound on the switch.
Using the switch's QoS VLAN-ID (VID) priority option, you can change the priority of voice VLAN traffic moving through the switch. If all port memberships on the voice VLAN are tagged, the priority level you set for voice VLAN traffic is carried to the next device. With all ports on the voice VLAN configured as tagged members, you can enforce a QoS priority policy moving through the switch and through your network.
Syntax:
vlan
<vid>
qos priority<0-7>
The qos priority default setting is 0 (normal), with 1 as the lowest priority and 7 as the highest priority.
If you configure a voice VLAN with a VID of 10 and want the highest priority for all traffic on this VLAN, execute the following commands:
switch(config) #: vlan 10 qos priority 7 switch (config) #: write memoryYou also have the option of resetting the DSCP (DiffServe Codepoint) on tagged voice VLAN traffic moving through the switch. For more information, see Quality of Service (QoS): Managing bandwidth effectively.
If all port memberships on the voice VLAN are tagged:
The priority level set for voice VLAN traffic is carried to the next device.
You can enforce a QoS priority policy moving through the switch and network.
For more information, see Using voice VLANs.