cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2709
Views
15
Helpful
6
Replies

voice and access VLAN for same Mac

Hi,

I'm experiencing some problems with one of our 2960X switches.

My voice vlan is 42, my data vlan 40.

 

What is working:

- phone gets an DHCP IP in voice vlan

- laptop get an DHCP IP in data vlan

 

Whats wrong:

When i perform a show mac I get the following result:
---- ----------- -------- -----
40 3c2c.xxxx.xxxx DYNAMIC Gi1/0/5
40 706b.1234.5678 DYNAMIC Gi1/0/5
42 706b.1234.5678 DYNAMIC Gi1/0/5

 

Mac 706b.1234.5678 is in both vlans, 40 and 42.

 

Port config:

switchport access vlan 40
switchport mode access
switchport voice vlan 42
mls qos trust device cisco-phone
mls qos trust cos
spanning-tree portfast
spanning-tree bpduguard enable

 

sh arp shows that 706b.1234.5678 has only an IP in vlan 42.

 

Can anyone explain why my Cisco phone is on both vlans 40 and 42? Can't explain myself what's happening here.

 

Thanks.

1 Accepted Solution

Accepted Solutions

I am not sure that what you are observing is a bug, and in fact not sure that it is a problem. Note that in show mac that there is a unique mac for your pc and a mac for your phone, which shows up in both vlans

40 3c2c.xxxx.xxxx DYNAMIC Gi1/0/5 (not sure why you block out some pars of the mac address, but pretty sure that this is your PC)
40 706b.1234.5678 DYNAMIC Gi1/0/5 (this is the mac for your phone)
42 706b.1234.5678 DYNAMIC Gi1/0/5

 

It is perhaps unexpected to have the phone mac in both vlans. But it is not a problem. Remember that a mac address only needs to be unique within its broadcast domain/vlan) Having the same mac address show up in 2 vlans does not cause a problem in either of the vlans.

 

Am I correct in assuming that the physical cable from your switch connects to the phone, and a cable from the phone connects to the PC? In that case the phone is the device that is directly connected to vlan 40 and so it is not a problem that its mac would show up in vlan 40.

HTH

Rick

View solution in original post

6 Replies 6

marce1000
VIP
VIP

 

 - Check this info :

           https://community.cisco.com/t5/ip-telephony-and-phones/why-do-switches-maintain-phone-mac-in-data-vlan-in-mac-table/td-p/2461387

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

Hello

Possible bug, suggest to upgrade switch software.


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

I am not sure that what you are observing is a bug, and in fact not sure that it is a problem. Note that in show mac that there is a unique mac for your pc and a mac for your phone, which shows up in both vlans

40 3c2c.xxxx.xxxx DYNAMIC Gi1/0/5 (not sure why you block out some pars of the mac address, but pretty sure that this is your PC)
40 706b.1234.5678 DYNAMIC Gi1/0/5 (this is the mac for your phone)
42 706b.1234.5678 DYNAMIC Gi1/0/5

 

It is perhaps unexpected to have the phone mac in both vlans. But it is not a problem. Remember that a mac address only needs to be unique within its broadcast domain/vlan) Having the same mac address show up in 2 vlans does not cause a problem in either of the vlans.

 

Am I correct in assuming that the physical cable from your switch connects to the phone, and a cable from the phone connects to the PC? In that case the phone is the device that is directly connected to vlan 40 and so it is not a problem that its mac would show up in vlan 40.

HTH

Rick

Thanks for your detailed answer.

You are right - switch to phone to PC.

 

The problem is:

We use a NAC solution and I assume that this error is related to my description above:

 

Jan 11 06:35:33.307: %DOT1X_SWITCH-5-ERR_VLAN_EQ_VVLAN: Data VLAN 42 on port GigabitEthernet1/0/5 cannot be equivalent to the Voice VLAN AuditSessionID C0A82314000000140EFE983F

 

Vlan Mac Address Type Ports
---- ----------- -------- -----
40 706b.b925.8840 DYNAMIC Drop
42 706b.b925.8840 DYNAMIC Drop

 

 

Already tried to upgrade switch firmware to 15.2(7)E3, but it didn't improve the situation.

Sorry I'm stupid.

Jan 11 06:35:33.307: %DOT1X_SWITCH-5-ERR_VLAN_EQ_VVLAN: Data VLAN 42 on port GigabitEthernet1/0/5 cannot be equivalent to the Voice VLAN AuditSessionID C0A82314000000140EFE983F

 

was an error in my NAC configuration.

 

I think I'll just ignore that the mac is shown in both VLANs.

Thanks for the update. Glad that you have resolved the issue and that our suggestions have been helpful. Thank you for marking this question as solved. This will help other participants in the community to identify discussions which have helpful information. This community is an excellent place to ask questions and to learn about networking. I hope to see you continue to be active in the community.

HTH

Rick

Review Cisco Networking for a $25 gift card