Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1340
Views
10
Helpful
4
Replies

Data and Voice VLAN configuration

motiar
Level 1
Level 1

‎01-03-2018 04:47 AM - edited ‎03-08-2019 01:17 PM

Hello Cisco Experts,

I am quite confused with the configuration of Data and Voice VLAN. VLAN 10 is for data and VLAN 20 is for Voice. My previous colleague has configured two switchs, SW01 & SW02, as follows:

SW01#
interface range GigabitEthernet0/1-47
switchport access vlan 10
switchport trunk encapsulation dot1q
switchport trunk native vlan 10
network-policy 1
spanning-tree portfast
spanning-tree bpduguard enable
ip dhcp snooping limit rate 20

!
interface GigabitEthernet1/1
description uplink
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10,20
switchport mode trunk
ip dhcp snooping trust
-----------------------------------

SW02#

interface range GigabitEthernet1/0/1-47
switchport trunk native vlan 10
switchport trunk allowed vlan 10,20
switchport mode trunk
switchport voice vlan 20
no logging event link-status
no logging event power-inline-status
no snmp trap link-status
spanning-tree portfast
!
interface GigabitEthernet1/0/48
description Uplink_to_HP_Switch
switchport mode trunk
no logging event link-status
no logging event power-inline-status
no snmp trap link-status
spanning-tree portfast
ip dhcp snooping trust

-------------------------------

The Switchs are deployed to different locations.

My question is:

1. whether the switchs are configured correctly. SW01 is in full operation, but no devices are connected to SW02 yet, therefore I could figure it out whether it is also functional.

2. Which switchport mode is currently active on interface range GigabitEthernet0/1-47 to SW01?

---

My configuration would be following for either switchs and whether it is also correct:

interface range GigabitEthernet0/1-47

switchport mode access
switchport access vlan 10

Switchport voice vlan 20
network-policy 1
spanning-tree portfast
spanning-tree bpduguard enable
ip dhcp snooping limit rate 20

!
interface GigabitEthernet1/1
description uplink
switchport trunk encapsulation dot1q

switchport mode trunk
switchport trunk allowed vlan 10,20

switchport trunk native vlan10

Switchport nonegotiate
ip dhcp snooping trust

 

I would be thankful to your reply.

Motiar

Labels:
0 Helpful
4 Replies 4

Mark Malone
VIP Alumni
VIP Alumni

‎01-03-2018 05:50 AM

2. Which switchport mode is currently active on interface range GigabitEthernet0/1-47 to SW01?
To see that use command show int gx/x switchport

Your config in 2nd section is what I use is much more recent and recommended , back in the day before voice vlan command you would trunk the access port when voice was added too , not really anymore would be considered a bit legacy

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎01-03-2018 06:19 AM

As Mark has already noted, your later configuration for a data/VoIP access port is the "modern" way of doing it.

BTW, your interface spanning-tree options often are supported as global settings, which reduces the "clutter" of the access port interface configs.

I also see on your later configuration, you set the native VLAN (to 10). Is there a reason for this?

motiar
Level 1
Level 1
In response to Joseph W. Doherty

‎01-03-2018 12:34 PM

Thank you Joseph & Mark for your  quick response.

Firstly, by applying the command sh int gx/x switchport I have ascertained that the connected ports on SW01 are access mode, and therefore the pcs are operational (I assume). But to SW02 (if you have a look again), the ports are statically configured as trunk. Therefore, I ask you again, why the end devices like PCs should work to SW02. As I told you, the SW02 is in remote location and no end devices have been connected yet to test.

Secondly, all ports (Gi0/1-47) on SW01 are associated with both data vlan 10 and voice vlan 20. But to SW02, the voice vlan 20 is associated with all the ports, but none of the ports are associated with data vlan10, and all ports are still in default vlan 1 (by applying show vlan brief). Then here is the question again, why the PCs should be working if connect to the SW02, as the ports are not associated with the data vlan? Both of the Switchs are c3560 and the SW02 is configured few weeks ago. Somehow I talked to my ex-colleague and he confirmed me that he testet an IP phone with the SW02.

 

Please help me to my confusion.

 

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to motiar

‎01-03-2018 01:00 PM

The ports should work alike because both ports use untagged frames for VLAN 10 and tagged frames for VLAN 20.

As to sw02 showing all ports in VLAN1, that's an artifact because the ports are trunk ports, not access ports.
0 Helpful
Customers Also Viewed These Support Documents