Thanks again Rick.  so if i have ports that need to access multiple vlans, other than vlav 20, do i need to set those ones up as trunk ports

I want to be careful in understanding what you are really asking when you say need to access multiple vlans. One way of understanding that is that a device in vlan 10 needs to send data to devices in vlans 20 and 30 and 40. For this you need to send the data through a device that is performing layer 3 inter vlan routing and not necessarily a trunk. The other way of understanding it is that the switch port needs to actively participate in vlans 10 and 20 and 30 and 40. For that you would need to configure the port as a trunk.

HTH

Rick

i think option B better describes my setup.  Computer (such as mine on VLAN 10) need to be able to access things that are on different VLANS such as the WiFi, Storage, ect,  i can take other port info from another switch but after the last issue i'm afraid to.  if you know what i mean.  

I think that I do know what you mean. As you get a bit more experience with Cisco networking it gets easier to sort some of these things out.

If you are really more in option B then you would need a trunk. But one of the ways to think about the question that you are asking in this thread is to think about the device that will connect on this port and how it will work. Does your PC need to be in the same subnet as WiFi and to be able to ARP for devices in WiFi and communicate directly with them? Does your PC also need to be in the same subnet as Storage and to be able to ARP for devices in Storage and communicate directly with them? If so then you need a trunk (and you need multiple IP addresses on your PC). Most PC have a single IP address and are best connected to an access port and not to a trunk port.

HTH

Rick

OK i think i understand what you are saying.  Is it safe to say that uplink ports  are set to trunk and not very many other ports?

As a rule of the thumb, yes.

VoIP handsets are uplinks typically, as they contain switches, hence the access ports need to be configured as trunks.

With Cisco you have the 'switchport voice vlan' command as Richard mentions, but you need Cisco phones to use this.

Martin

These are NOT Cisco phones.

If they are not Cisco phones and you need the switch port to access the data vlan and the phone vlan then it would need to be a trunk.

As I tried to explain in a previous post it frequently helps if you consider what will connect to the switch port and how that device functions. Most PCs have a single NIC with a single IP address and they would typically be on an access port. Many servers have a single NIC with a single IP address and they would typically be on an access port. But some servers support multiple NICs, or virtual NICs with support for dot 1 Q trunking and they would be on trunk ports. Your PC and phone would be on a trunk if the phones are not Cisco. If it will be connecting to a switch then it depends on how that switch is configured (if the other switch port is access then your switch would use access and if the other switch was trunk then your switch would be trunk), if connecting to a typical router physical interface then your switch port would typically be access, but if connecting to a router interface configured with subinterfaces then your switch would use trunk.

HTH

Rick 

Rick,

Sorry to be a PITA but it's just a bit confusing to me.  All these ports on this switch will be going directly to a desktop computer.  Some of those computers will be hanging off of a MITEL phone (due to lack of wall jacks.  That being said then does that mean i am going to set them all up for trunk ports??  Sorry it's taking me so long to get all this but i'm really not that stupid i promise.  LOL  Thanks again for all the help! 

The desktops should be access ports. The interfaces where the phones connect need to be trunks (and for security purposes you should only allow the required VLAN's to traverse them). i.e. VOIP and Data. The reason is, like I say above, the handsets contain switches, where the PC's will connect.

I assume you know you can configure a range of ports?

Martin

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages wha2tsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

With Cisco you have the 'switchport voice vlan' command as Richard mentions, but you need Cisco phones to use this.

Not necessarily.  (We use both Cisco and Brand "A" VoIP phone on such configured ports.)  What the switchport voice vlan command does is allow a second VLAN on the port, the second VLAN using tags.  (Basically, that command configures the port like a trunk port with two allowed VLANs, a native VLAN and one tagged VLAN.)

In our case, our non-Cisco VoIP phones join the network on the untagged VLAN, and we pass them a DHCP option that indicates the Voice VLAN they should use.  The phone then starts using the VLAN tag for its traffic, while passing any downstream PC traffic, still untagged.

Our non-Cisco phones, I believe, could also be hard coded to use a tagged VLAN, I believe, but as noted above, they support obtaining the VLAN they are to use from a DHCP option.

One advantage of using the voice VLAN command, a Cisco switch will still consider the port an access port rather than a trunk port, which has considerations for using something like portfast for access ports.

Rick,

If i;m not sure what ports are going to need the switchport voice vlan 20, is it ok to make that setting on all the ports or is that a bad thing?  

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages wha2tsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

It does place the voice VLAN's broadcast and  unknown unicast (and possibly its multicast) traffic on the port.  So it's "bad" in that respect.  However, that's usually not a lot of traffic.