01-29-2014 09:19 AM - edited 03-07-2019 05:53 PM
If you have VLAN 10 on a switch which is meant to carry your data traffic, and VLAN 20 which is meant to carry your voice traffic, and a switch port is default vlan 10, and tagged for vlan 20, but the PC hangs off a port on the phone, are you actually gaining anything? In other words is the traffic truly segregated?
Thanks.
Solved! Go to Solution.
01-29-2014 09:41 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
There's some benefit. The phone acts as mini switch. VLAN traffic to the PC, is forwarded to the PC without the phone's need to further examine the packet. VLAN traffic to the phone is not sent to the PC.
With separation of VLANs, you can also much easier implement security to control traffic to/from each VLAN.
01-29-2014 09:41 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
There's some benefit. The phone acts as mini switch. VLAN traffic to the PC, is forwarded to the PC without the phone's need to further examine the packet. VLAN traffic to the phone is not sent to the PC.
With separation of VLANs, you can also much easier implement security to control traffic to/from each VLAN.
02-05-2014 07:00 AM
Just got into a discussion with someone abotu it and wanted another perspective. There's a thought that in the exact situation where the PC hangs off the phone, since it's the same cable coming down from the switch, that both devices are seeing all the traffic. Thank you.
02-05-2014 05:51 PM
If both devices were on the same VLAN, that would be the case.
Using a different VLAN for Data/Voice means the switch in the phone can differentiate between the two so it forwards voice frames to the phone and Data frames to the PC.
The PC and the phone cannot communicate directly at the ethernet layer - traffic between the two would have to be routed between the two VLANs on your Layer3 switch/router.
The benefits of using two different VLANs include:
- Voice frames can be more easily identified and prioritised over Data using QoS.
- The Voice devices don't see Data broadcasts and vice-versa
- network access between the two subnets can be controlled at the Layer3 switch/router.
02-06-2014 03:06 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
Matthew Collaery wrote:
If both devices were on the same VLAN, that would be the case.
I think the OP's concern is the shared link, and it's bandwidth usage, to the VoIP phone. This link is acting as a trunk (of two VLANs).
BTW, in some Avaya VoIP documentation, they recommend up to about 256 VoIP phones, when there's a downstream PC on such links, but if the VoIP phone and PC are on dedicated/individual links (still with different VLANs) they also note the number of VoIP phones, per the voice VLAN, can be doubled. So, there's a negative impact to sharing the link to VoIP phone and PC.
The OP, I believe, was wondering when the VoIP phone and PC share the same link, whether there's any advantage of still having each device type in its own VLAN. Again, there are still advantages, but bandwidth isolation is no longer one of them.
- Voice frames can be more easily identified and prioritised over Data using QoS.
Indeed and actually extremely important on the link to the VoIP phone if there's also a downstream PC attached to it. Otherwise, downstream PC data can delay and/or drop VoIP traffic.
- Voice frames can be more easily identified and prioritised over Data using QoS.
Yes and no. The VoIP phone does see all traffic coming down the "trunk". However, (hopefully) the mini switch portion of the VoIP phone filters out the PC traffic from the logical VoIP phone.
PS:
Also BTW, we've found some (older) Cisco VoIP phones very much degrade the PCs performance. Our guess is their mini-switch was poorly designed.
02-08-2014 09:02 AM
Thanks guys. I just wanted a feel for others thoughts/experiences. We actually had an experience with a remote "IT" user that didn't or wouldn't grasp the concept of vlans. And on this new VoIP installation was dead convinced that although i put voice and data on different vlans, there was no difference in performance than if they were on the same vlan.
This is part of a larger issue with this client, their lan is a 10/8 over 15+ sites, some fiber runs between sites in excess of 20 miles (yes a giant geographic broadcast domain), broadcast storms a nearly daily occurrence, and with no metrics, making a comparison to a dated digital phone pbx.
The bandwidth is an interesting point that I hadn't dived into yet, but yes thats a concern as well.
Thanks again.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide