Solved: How does the Cisco IP Phone work?

emilyforcisco1 · ‎07-05-2016

So the 2 ports on the back of the phone, one goes to the switch and one goes to the PC. How the heck does the PC get onto a different Vlan than the phone!? Is the port to the switch a trunk port!?

Ryan Huff · ‎07-05-2016

The most direct answer to your question is yes, and no! :)

In most modern Cisco switches what you'll typically do is put the switchport in access mode and specify the data (or PC) vlan as the access vlan (this will essentially deliver IP packets to whatever is connected to the switchport, without the 802.1Q header or the VLAN ID). Although some Network Interface Cards do support 802.1Q headers, it is general practice to deliver "un-tagged packets" (or packets without the 802.1Q header) to PC desktop/laptop NICs.

In order for the voice (or phone) VLAN to also work at the same time in the port, you would additionally configure the per-port command, "switchport voice vlan xxx", which specifies the voice VLAN ID. This command essentially passes the the packet WITH the 802.1Q header. Now you might think this is a trunk port, but it is not -at least in the traditional sense. This is a pseudo-trunk.

At this point you may ask, "how does the phone know what the voice VLAN ID would be if I'm passing tagged packets"? In order for this magic to happen, you could manually set the VLAN ID on each phone .... but who wants to do that? As long as the port / switch has CDP (Cisco Discovery Protocol) running (which it generally does by default); the phone will use CDP to discover this special voice vlan that is specified by the switchport voice vlan command (the phone uses CDP to discover the 802.1Q header in the tagged packets coming through the port).

In the OLD days (Example, CatOS / 3524), you didn't have the switchport voice vlan command, however, the modern Cisco IP phone still expected to be able to use CDP to "discover" tagged packets on the port it was plugged into. So, in those cases, what you would do is make the port a trunk and allow the voice vlan on the trunk (either with trunk allow vlan all or restrict to VLAN ID). To also have an "un-tagged" vlan in this port for your data (or PC) vlan you would specify a trunk native vlan (which would remove the 802.1Q header from the packet prior to delivery). If you were restricting VLANs on the trunk, you would need to allow the native vlan and the voice vlan in the trunk allow list. Some Cisco SMB switches still function this way too.

I either case, functioning (or enabled) CDP is a requirement. Now, there is a whole other world/topic called, "LLDP" (Link Layer Discovery Protocol) which is the non Cisco-proprietary / vendor agnostic alternative to CDP. However, if you are using a Cisco switch, I highly recommend just sticking with CDP as it works right out of the gate and has no question of support with older Cisco phone models.

Thanks,

Ryan

(.. Please rate helpful posts ..)

View solution in original post

Jaime Valencia · ‎07-05-2016

http://www.cisco.com/c/en/us/support/docs/switches/catalyst-4500-series-switches/69632-configuring-cat-ip-phone.html

HTH

java

if this helps, please rate

Ryan Huff · ‎07-05-2016

The most direct answer to your question is yes, and no! :)

In most modern Cisco switches what you'll typically do is put the switchport in access mode and specify the data (or PC) vlan as the access vlan (this will essentially deliver IP packets to whatever is connected to the switchport, without the 802.1Q header or the VLAN ID). Although some Network Interface Cards do support 802.1Q headers, it is general practice to deliver "un-tagged packets" (or packets without the 802.1Q header) to PC desktop/laptop NICs.

In order for the voice (or phone) VLAN to also work at the same time in the port, you would additionally configure the per-port command, "switchport voice vlan xxx", which specifies the voice VLAN ID. This command essentially passes the the packet WITH the 802.1Q header. Now you might think this is a trunk port, but it is not -at least in the traditional sense. This is a pseudo-trunk.

At this point you may ask, "how does the phone know what the voice VLAN ID would be if I'm passing tagged packets"? In order for this magic to happen, you could manually set the VLAN ID on each phone .... but who wants to do that? As long as the port / switch has CDP (Cisco Discovery Protocol) running (which it generally does by default); the phone will use CDP to discover this special voice vlan that is specified by the switchport voice vlan command (the phone uses CDP to discover the 802.1Q header in the tagged packets coming through the port).

In the OLD days (Example, CatOS / 3524), you didn't have the switchport voice vlan command, however, the modern Cisco IP phone still expected to be able to use CDP to "discover" tagged packets on the port it was plugged into. So, in those cases, what you would do is make the port a trunk and allow the voice vlan on the trunk (either with trunk allow vlan all or restrict to VLAN ID). To also have an "un-tagged" vlan in this port for your data (or PC) vlan you would specify a trunk native vlan (which would remove the 802.1Q header from the packet prior to delivery). If you were restricting VLANs on the trunk, you would need to allow the native vlan and the voice vlan in the trunk allow list. Some Cisco SMB switches still function this way too.

I either case, functioning (or enabled) CDP is a requirement. Now, there is a whole other world/topic called, "LLDP" (Link Layer Discovery Protocol) which is the non Cisco-proprietary / vendor agnostic alternative to CDP. However, if you are using a Cisco switch, I highly recommend just sticking with CDP as it works right out of the gate and has no question of support with older Cisco phone models.

Thanks,

Ryan

(.. Please rate helpful posts ..)

mag0ne · ‎12-26-2019

I came across this question wondering how an IP phone can apply a CoS tag to traffic if it's connected to an access port. "Pseudo trunk" explains it perfectly.