In many cases clients would like to have their employee’s PC connected directly to the 3-port switch on the back of the Cisco IP phone sitting on the desk. This greatly simplifies deployments of end-user stations since one Ethernet cable drop can accommodate the IP Phone (voice) and end-user PC (data) connectivity back to the access layer switch closet. The deployments are further simplified by having this drop powered (i.e. PoE).
In the past (and sometimes even now depending on vintage of hardware) if you wanted to separate voice and data (PC) traffic coming into a switch port a 802.1Q trunk had to be created/configured on the Cisco data switch. However Cisco has a more effective way of configuring the separation of voice and data traffic coming into today’s Cisco switch ports. It is by configuring Voice VLANs.
You may hear it referred to as a mini-trunk however the configuration of this ‘mini-trunk’ has been greatly simplified using the “voice VLAN” command within the Cisco IOS CLI.
The following few lines provide the command syntax to carry-out the configuration of (one) Cisco switch port for this sort of IP Phone / PC (data) configuration.
Define the VLANs on the switch
Optional: Issue the portfast command on the port which instructs the switch to bring the switch port up right away and not wait for the normal spanning-tree interval (of up to 1 min) to place it into the forwarding state so the IP phone is not left hanging.
Note: The Port Fast feature is automatically enabled when voice VLAN is configured. When you disable voice VLAN, the Port Fast feature is not automatically disabled.
The following command will ensure that the 802.1p CoS markings (default ’5′) on the voice traffic sent from the IP phones are honored and that the incoming traffic is classified and prioritized accordingly.
Switch(config-if)#mls qos trust cos
Note: Before configuring the port trust state, you must first globally enable QoS by using the mls qos global configuration command.
Just remember that although there’s a possibility that the data traffic sent from the end-user PC could also be sent with 802.1p priority bits set (maybe even with a higher priority of ’6′ or ’7′ by a saavy/malicious user) the IP phone by default will remark that CoS value to “0″ before forwarding on to the Catalyst data switch port.
This is based on the default switch port configuration of “no switchport priority extend trust“. If the trust boundary had to be extended beyond the IP Phone then the “switchport priority extend trust” command would have to be issued. This would leave the CoS markings intact on the incoming data (PC) traffic.
Place the port into the DATA VLAN
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 10
Place the port into the VOICE VLAN
Switch(config-if)#switchport voice vlan 20
Notice the above options which are available with the switchport voice vlan command. Although they are typically not used I will describe them for interest’s sake.
You can configure a Catalyst switch port connected to the Cisco IP Phone to send CDP packets to the phone to configure the way in which the phone sends voice traffic.
<1-4094> - This is the Voice VLAN ID which will be communicated to the Cisco IP Phone via CDP. The IP phone will send voice traffic to the switch in this configured voice VLAN tagged with a Layer 2 CoS priority value (by default is “5″) using the IEEE 802.1P/Q standard.
dot1p – This option configures the Cisco IP phone to send voice traffic to the switch in the access VLAN tagged with a Layer 2 CoS priority value. In other words, it will configure the phone to use IEEE 802.1p priority tagging for voice traffic and to use the default (native) access VLAN (VLAN 0) to carry all traffic. By default, the Cisco IP Phone forwards the voice traffic with an IEEE 802.1p priority of 5. Therefore both the PC (data) traffic and the voice traffic will enter the Catalyst data switch port as part of the same access VLAN however the voice frames will have their priority bits configured which will allow the switch to classify and prioritize the voice traffic over the PC traffic. Note: This configuration implies that the IP phone and attached PC are in the same subnet (in other words the access VLAN) since there is no explicit 802.1Q VLAN ID tag on the voice frames.
none – Normally the Cisco switch will (by default) communicate the IP Phone’s Voice VLAN value using CDP. This option can be used to disable this behavior and allow the phone to use its (own) manual configuration to send untagged traffic to the switch.
untagged – Using this option will explicitly instruct the Cisco IP phone to send untagged Voice traffic in the access VLAN (no Layer 2 CoS priority value).
Note: In all configurations, the voice traffic carries a Layer 3 IP precedence value (the default is 5 for voice traffic and 3 for voice control traffic).
The following commands can be used to verify the VLAN configuration:
Switch#show int fa0/10 switchport
Switch#show run int fa0/10