- Preface
- Using the Command-Line Interface
-
- Configuring Spanning Tree Protocol
- Configuring Multiple Spanning-Tree Protocol
- Configuring Optional Spanning-Tree Features
- Configuring EtherChannels
- Configuring Link-State Tracking
- Configuring Flex Links and the MAC Address-Table Move Update Feature
- Configuring UniDirectional Link Detection
- Configuring Resilient Ethernet Protocol
-
- Security Features Overview
- Preventing Unauthorized Access
- Controlling Switch Access with Passwords and Privilege Levels
- Configuring TACACS+
- Configuring RADIUS
- Configuring Kerberos
- Configuring Local Authentication and Authorization
- Configuring Secure Shell (SSH)
- Configuring Secure Socket Layer HTTP
- Configuring IPv4 ACLs
- Configuring IPv6 ACLs
- Configuring DHCP
- Configuring IP Source Guard
- Configuring Dynamic ARP Inspection
- Configuring IEEE 802.1x Port-Based Authentication
- Configuring Web-Based Authentication
- Configuring Port-Based Traffic Control
- Configuring IPv6 First Hop Security
- Configuring Cisco TrustSec
- Configuring FIPS
- Index
Configuring Voice VLANs
- Finding Feature Information
- Prerequisites for Voice VLANs
- Restrictions for Voice VLANs
- Information About Voice VLAN
- How to Configure Voice VLAN
- Monitoring Voice VLAN
- Configuration Examples for Voice VLANs
- Where to Go Next
- Additional References
- Feature History and Information for Voice VLAN
Finding Feature Information
Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
Prerequisites for Voice VLANs
The following are the prerequisites for voice VLANs:
Voice VLAN configuration is only supported on switch access ports; voice VLAN configuration is not supported on trunk ports.
NoteTrunk ports can carry any number of voice VLANs, similar to regular VLANs. The configuration of voice VLANs is not supported on trunk ports.
Before you enable voice VLAN, we recommend that you enable QoS on the switch by entering the mls qos global configuration command and configure the port trust state to trust by entering the mls qos trust cos interface configuration command. If you use the auto-QoS feature, these settings are automatically configured.
You must enable CDP on the switch port connected to the Cisco IP Phone to send the configuration to the phone. (CDP is globally enabled by default on all switch interfaces.)
Restrictions for Voice VLANs
The following are the restrictions for voice VLANs:
Information About Voice VLAN
Voice VLANs
The voice VLAN feature enables access ports to carry IP voice traffic from an IP phone. When the switch is connected to a Cisco 7960 IP Phone, the phone sends voice traffic with Layer 3 IP precedence and Layer 2 class of service (CoS) values, which are both set to 5 by default. Because the sound quality of an IP phone call can deteriorate if the data is unevenly sent, the switch supports quality of service (QoS) based on IEEE 802.1p CoS. QoS uses classification and scheduling to send network traffic from the switch in a predictable manner.
The Cisco 7960 IP Phone is a configurable device, and you can configure it to forward traffic with an IEEE 802.1p priority. You can configure the switch to trust or override the traffic priority assigned by a Cisco IP Phone.
This network configuration is one way to connect a Cisco 7960 IP Phone.
The Cisco IP Phone contains an integrated three-port 10/100 switch. The ports provide dedicated connections to these devices:
Cisco IP Phone Voice Traffic
You can configure an access port with an attached Cisco IP Phone to use one VLAN for voice traffic and another VLAN for data traffic from a device attached to the phone. You can configure access ports on the switch to send Cisco Discovery Protocol (CDP) packets that instruct an attached phone to send voice traffic to the switch in any of these ways:
Note | In all configurations, the voice traffic carries a Layer 3 IP precedence value (the default is 5 for voice traffic and 3 for voice control traffic). |
Cisco IP Phone Data Traffic
The switch can also process tagged data traffic (traffic in IEEE 802.1Q or IEEE 802.1p frame types) from the device attached to the access port on the Cisco IP Phone. You can configure Layer 2 access ports on the switch to send CDP packets that instruct the attached phone to configure the phone access port in one of these modes:
In trusted mode, all traffic received through the access port on the Cisco IP Phone passes through the phone unchanged.
In untrusted mode, all traffic in IEEE 802.1Q or IEEE 802.1p frames received through the access port on the Cisco IP Phone receive a configured Layer 2 CoS value. The default Layer 2 CoS value is 0. Untrusted mode is the default.
Note | Untagged traffic from the device attached to the Cisco IP Phone passes through the phone unchanged, regardless of the trust state of the access port on the phone. |
Voice VLAN Configuration Guidelines
-
Because a Cisco 7960 IP Phone also supports a connection to a PC or other device, a port connecting the switch to a Cisco IP Phone can carry mixed traffic. You can configure a port to decide how the Cisco IP Phone carries voice traffic and data traffic.
-
The voice VLAN should be present and active on the switch for the IP phone to correctly communicate on the voice VLAN. Use the show vlan privileged EXEC command to see if the VLAN is present (listed in the display). If the VLAN is not listed, create the voice VLAN.
-
The Power over Ethernet (PoE) switches are capable of automatically providing power to Cisco pre-standard and IEEE 802.3af-compliant powered devices if they are not being powered by an AC power source.
-
The Port Fast feature is automatically enabled when voice VLAN is configured. When you disable voice VLAN, the Port Fast feature is not automatically disabled.
-
If the Cisco IP Phone and a device attached to the phone are in the same VLAN, they must be in the same IP subnet. These conditions indicate that they are in the same VLAN:
-
The Cisco IP Phone and a device attached to the phone cannot communicate if they are in the same VLAN and subnet but use different frame types because traffic in the same subnet is not routed (routing would eliminate the frame type difference).
-
Voice VLAN ports can also be these port types:
-
IEEE 802.1x authenticated port.
Note
If you enable IEEE 802.1x on an access port on which a voice VLAN is configured and to which a Cisco IP Phone is connected, the phone loses connectivity to the switch for up to 30 seconds.
Default Voice VLAN Configuration
The voice VLAN feature is disabled by default.
When the voice VLAN feature is enabled, all untagged traffic is sent according to the default CoS priority of the port.
The CoS value is not trusted for IEEE 802.1p or IEEE 802.1Q tagged traffic.
How to Configure Voice VLAN
Configuring Cisco IP Phone Voice Traffic
You can configure a port connected to the Cisco IP Phone to send CDP packets to the phone to configure the way in which the phone sends voice traffic. The phone can carry voice traffic in IEEE 802.1Q frames for a specified voice VLAN with a Layer 2 CoS value. It can use IEEE 802.1p priority tagging to give voice traffic a higher priority and forward all voice traffic through the native (access) VLAN. The Cisco IP Phone can also send untagged voice traffic or use its own configuration to send voice traffic in the access VLAN. In all configurations, the voice traffic carries a Layer 3 IP precedence value (the default is 5).
DETAILED STEPS
Configuring the Priority of Incoming Data Frames
You can connect a PC or other data device to a Cisco IP Phone port. To process tagged data traffic (in IEEE 802.1Q or IEEE 802.1p frames), you can configure the switch to send CDP packets to instruct the phone how to send data packets from the device attached to the access port on the Cisco IP Phone. The PC can generate packets with an assigned CoS value. You can configure the phone to not change (trust) or to override (not trust) the priority of frames arriving on the phone port from connected devices.
Follow these steps to set the priority of data traffic received from the non-voice port on the Cisco IP Phone:
1.
enable
4.
switchport priority
extend {cos
value |
trust}
DETAILED STEPS
Command or Action | Purpose | |||
---|---|---|---|---|
Step 1 |
enable
Example:
Switch> enable
|
Enables privileged EXEC mode. Enter your password if prompted. | ||
Step 2 | configure
terminal
Example: Switch# configure terminal | |||
Step 3 | interface
interface-id
Example: Switch(config)# interface gigabitethernet1/0/1 |
Specifies the interface connected to the Cisco IP Phone, and enters interface configuration mode. | ||
Step 4 | switchport priority
extend {cos
value |
trust}
Example: Switch(config-if)# switchport priority extend trust |
Sets the priority of data traffic received from the Cisco IP Phone access port:
| ||
Step 5 | end
Example: Switch(config-if)# end | |||
Step 6 | show
interfaces
interface-id
switchport
Example: Switch# show interfaces gigabitethernet1/0/1 switchport | |||
Step 7 | copy
running-config startup-config
Example: Switch# copy running-config startup-config |
Monitoring Voice VLAN
To display voice VLAN configuration for an interface, use the show interfaces interface-id switchport privileged EXEC command.
Configuration Examples for Voice VLANs
Example: Configuring Cisco IP Phone Voice Traffic
This example shows how to configure a port connected to a Cisco IP Phone to use the CoS value to classify incoming traffic and to accept voice and data priority traffic tagged with VLAN ID 0:
Switch# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)# interface gigabitethernet1/0/1 Switch(config-if)# mls qos trust cos Switch(config-if)# switchport voice vlan dot1p Switch(config-if)# end
To return the port to its default setting, use the no switchport voice vlan interface configuration command.
This example shows how to enable switch port voice detect on a Cisco IP Phone:
Switch# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)# interface gigabitethernet 1/0/1 Switch(config-if)# switchport voice? detect detection enhancement keyword vlan VLAN for voice traffic Switch(config-if)# switchport voice detect? cisco-phone Cisco IP Phone Switch(config-if)# switchport voice detect cisco-phone? full-duplex Cisco IP Phone Switch(config-if)# switchport voice detect cisco-phone full-duplex full-duplex full duplex keyword Switch(config-if)# end
This example shows how to disable switchport voice detect on a Cisco IP Phone:
Switch# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)# interface gigabitethernet 1/0/1 Switch(config-if)# no switchport voice detect cisco-phone Switch(config-if)# no switchport voice detect cisco-phone full-duplex
Example: Configuring a Port Connected to an IP Phone Not to Change Frame Priority
This example shows how to configure a port connected to a Cisco IP Phone to not change the priority of frames received from the PC or the attached device:
Switch# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)# interface gigabitethernet1/0/1 Switch(config-if)# switchport priority extend trust Switch(config-if)# end
Where to Go Next
After configuring voice VLANs, you can configure the following:
Additional References
Related Documents
Related Topic | Document Title |
---|---|
For complete syntax and usage information for the commands used in this chapter. |
Standards and RFCs
Standard/RFC | Title |
---|---|
— |
— |
MIBs
MIB | MIBs Link |
---|---|
All supported MIBs for this release. |
To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL: |
Technical Assistance
Description | Link |
---|---|
The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies. To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds. Access to most tools on the Cisco Support website requires a Cisco.com user ID and password. |
Feature History and Information for Voice VLAN
Release | Modification |
---|---|
Cisco IOS 15.0(2)EX1 |
This feature was introduced. |