04-18-2015 11:54 AM - edited 03-07-2019 11:37 PM
Hi,
I have a 3850 stack (core & access - server or user) and a couple 3750 switches ("user" access) I'm setting up to support a VOIP install. The 3750s are trunked to the 3850 stack. All are at current recommended or greater IOS.
Currently I'm trying to determine if the settings I plan on using for ports is correct. I still have routing to button down but I need the ports proper first. I'm a IOS/Cisco newb so please be patient.
Pertinent info:
There are 3 VLANs, VLAN1 - management, VLAN2 - Data, and VLAN10 - voice. VLAN10 will be marked as the voice VLAN on the switch.
The "user" access devices I will connect to a port are either a PC, a Yealink phone, or a Yealink phone+PC. PC traffic arrives untagged. Yealinks will send a untagged DHCP request, receive a DHCP data, reissue a DHCP request with a VLAN10 tag, and all future communication will be vlan10 tagged.
Here's what I have put together so far for the "user" access ports. Command is for one port (I'll use interface range when I actually do this):
config t
: #--clear all settings on port
default interface G1/0/1
: #-- enter interface setup
interface G1/0/1
description VoiceData
: #-- set port to trunk mode
switchport mode trunk
: #-- set port to 802.1q which allows tagged traffic (phone)
switchport trunk encapsulation dot1q
: #--we only allow tagged 10, all else is untagged & switch tagged to vlan 2.
switchport trunk allow vlan 10
switchport trunk native vlan 2
: #--speed port init with portfast
spanning-tree portfast
end
Am I on the right track? Other commands I should include? Will the switch prioritize the VLAN 10 traffic automatically since I have VLAN10 set as voice or do I need to issue a switchport voice vlan 10 command for the port?
TIA
Solved! Go to Solution.
04-18-2015 02:12 PM
Hi Dennis,
Old IOS required creating switchports with phone and data as trunk ports. Newer IOS allows you to create switchports as access ports.
Int g0/1
switch mode acc
switchport access vlan 2
switchport voice vlan 10
spanning-tree portfast
Hope this helps.
Please remember to rate helpful posts.
Thanks.
04-18-2015 02:12 PM
Hi Dennis,
Old IOS required creating switchports with phone and data as trunk ports. Newer IOS allows you to create switchports as access ports.
Int g0/1
switch mode acc
switchport access vlan 2
switchport voice vlan 10
spanning-tree portfast
Hope this helps.
Please remember to rate helpful posts.
Thanks.
05-14-2015 11:21 AM
In case anyone comes across this thread this is what I ended up with.
Port for the VMware server (this is a single 10Gb):
interface TenGigabitEthernet1/1/3
switchport trunk allowed vlan 1,10
switchport mode trunk
switchport nonegotiate
switchport voice vlan 10
macro description cisco-switch
spanning-tree portfast
spanning-tree link-type point-to-point
Ports for phones+desktops:
switchport trunk allowed vlan 1,10
switchport mode trunk
switchport voice vlan 10
spanning-tree portfast trunk
04-20-2015 11:01 AM
Thanks Charles, that appears to be working. Until I get this fully working I'm not going to split management & data, so vlan1 & 10 is all for now.
I'm now trying to get connectivity to the server (VMWare VM). I don't seem to be able to get any communication when it is set to static in the vlan10 subnet (10.10.1.1/24). With the NIC in vlan1 subnet (dhcp) it works perfectly. I tried smartport desktop, smartport trunk, the settings above (both of them) and nothing seems to work. The server will need to talk in both subnets/vlans.
Server cannot ping out and the switch cannot ping it. Initially I thought it was a routing issue. Settings look good though (core switch):
ip address 10.1.4.254 255.255.0.0
interface Vlan1
description Mgmt+Data
ip address 10.1.4.254 255.255.0.0
ip helper-address 10.1.1.13
!
interface Vlan10
description Voice
ip address 10.10.1.254 255.255.255.0
ip helper-address 10.10.1.1
!
ip default-gateway 10.1.4.3
ip http server
ip http secure-server
ip route 0.0.0.0 0.0.0.0 10.1.4.3
I did some dhcp debugging for a phone and it communicates with the vlan1 dhcp server but when it then tries to talk to 10.10.1.1 (VM server) there's no response.
I then figured I had a NIC problem, but with it working perfectly fine with the vlan1 subnet setup my OS appears good.
All this leads me to believe I don't have the port set up properly.
Ideas?
04-20-2015 11:16 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
How's the port configured to the VM sever? Usually, they are configured as trunks.
04-20-2015 11:31 AM
Current port settings:
interface TenGigabitEthernet1/1/3
switchport trunk allowed vlan 1,10
switchport mode trunk
switchport voice vlan 10
auto qos trust
macro description cisco-switch
spanning-tree portfast
spanning-tree link-type point-to-point
VM Can't ping 10.10.1.254 or 10.1.1.254. Switch can't ping 10.10.1.1 but can ping 10.1.1.254 & 10.10.1.254
04-20-2015 11:39 AM
Also - firewall is off on the VM and the interface isn't shut down (ran no sh).
CDP for the VM adapter:
Cisco Discovery Protocol
Version 2
Timeout 0
Time to live 141
Samples 2957
Device ID SW-Core.1.***.local
IP address 10.1.4.254
Port ID TenGigabitEthernet1/1/3
Software version Cisco IOS Software, IOS-XE Software, Catalyst L3 Switch Software (CAT3K_CAA-UNIVERSALK9-M), Version 03.03.05SE RELEASE SOFTWARE
Hardware platform cisco WS-C3850-24P
IP prefix 0.0.0.0
IP prefix length 0
VLAN 1
Full Duplex Enabled
MTU 0
System name
System OId
Management address 10.1.4.254
Location
Peer device capability
Router Enabled
Transparent bridge Disabled
Source route bridge Disabled
Network switch Enabled
Host Disabled
IGMP Enabled
Repeater Disabled
04-21-2015 05:35 PM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
You shouldn't need to mix trunk port with switchport VLAN 10. (Unsure whether the combination would cause any problem, though.)
Normal port-fast doesn't apply to trunk ports (although your link type might enable it - recall there's a different STP command to enable port-fast for trunk ports, that are edge ports).
Is your /16 mask correct on vlan 1?
You shouldn't need helpers pointing to IPs on same subnet as interface.
04-22-2015 07:51 AM
I did try the settings I used for the phone port but I get no communication using 10.10.1.0/24. Sometimes when I run the portfast command I get a warning that it won't be applied in all cases.
Yes, the /16 mask is correct. I'm considering splitting it into several /24 subnets but I need to get the core/access switches going 1st.
Does having a helper on vlan1 hurt? Against recommended setup?
04-22-2015 05:29 PM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
I don't think your helper will hurt, but again, for a DCHP server on the same subnet, they shouldn't be needed.
An important variable is how your VM is configured. You haven't posted that, and even if you do, I don't have experience configuring VM servers. (Someone else reading these posts might, though.)
04-23-2015 07:43 AM
I suspect I have something munged up. I found this page on the Vmware site on a recommended setup:
And with those settings it didn't work. I have a support case w/Cisco open. I'll see where that goes and if they can't get it going I'll reset the stack and start over.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide