Mixing
What are reasons to configure a Voice VLAN using the Auxillary VLAN feature instead of a Trunk + Native vLAN
Imagine this topology:
[PC] ------- [VOIP Phone] ------- [eth0/0 on a Switch]
And this configuration on the switch:
vlan 22
name DATA
vlan 33
name VOICE
There are two ways to have both the PC's traffic and the VOIP phone's traffic "arrive" on eth0/0 in distinct VLANs. 1. Use a Trunk port, 2. Use the Auxillary VLAN feature".
Option 1:
int eth0/0
switchport mode trunk
switchport trunk native vlan 22
switchport trunk allowed vlan 22,33
Option 2:
int eth0/0
switchport mode access
switchport access vlan 22
switchport voice vlan 33
The net effect of either of these is the same untagged traffic from the PC arrives and is accepted into VLAN 22 (the data VLAN), and tagged traffic from the VOIP phone arrives and is accepted into VLAN 33.
My question:
What are the benefits of using Option 1 or Option 2? What reasons exist that make either of these better than the other?
switch vlan switching trunk voice
edited Feb 1 at 14:57
Ron Maupin♦
68.3k1369126
asked Feb 1 at 13:39
rsicrsic
232
add a comment |
Imagine this topology:
[PC] ------- [VOIP Phone] ------- [eth0/0 on a Switch]
And this configuration on the switch:
vlan 22
name DATA
vlan 33
name VOICE
There are two ways to have both the PC's traffic and the VOIP phone's traffic "arrive" on eth0/0 in distinct VLANs. 1. Use a Trunk port, 2. Use the Auxillary VLAN feature".
Option 1:
int eth0/0
switchport mode trunk
switchport trunk native vlan 22
switchport trunk allowed vlan 22,33
Option 2:
int eth0/0
switchport mode access
switchport access vlan 22
switchport voice vlan 33
The net effect of either of these is the same untagged traffic from the PC arrives and is accepted into VLAN 22 (the data VLAN), and tagged traffic from the VOIP phone arrives and is accepted into VLAN 33.
My question:
What are the benefits of using Option 1 or Option 2? What reasons exist that make either of these better than the other?
switch vlan switching trunk voice
edited Feb 1 at 14:57
Ron Maupin♦
68.3k1369126
asked Feb 1 at 13:39
rsicrsic
232
1
with option 2 you can use "spanning-tree portfast edge" as a global command to enable Portfast on all "switchport mode access" ports. Enabling "spanning-tree portfast trunk" with Option1 will set your edge-ports to portfast, but also the Trunks to your upstream switches which might be an unwanted option.
– Andreas Schaefer
Feb 1 at 18:46
add a comment |
Imagine this topology:
[PC] ------- [VOIP Phone] ------- [eth0/0 on a Switch]
And this configuration on the switch:
vlan 22
name DATA
vlan 33
name VOICE
There are two ways to have both the PC's traffic and the VOIP phone's traffic "arrive" on eth0/0 in distinct VLANs. 1. Use a Trunk port, 2. Use the Auxillary VLAN feature".
Option 1:
int eth0/0
switchport mode trunk
switchport trunk native vlan 22
switchport trunk allowed vlan 22,33
Option 2:
int eth0/0
switchport mode access
switchport access vlan 22
switchport voice vlan 33
The net effect of either of these is the same untagged traffic from the PC arrives and is accepted into VLAN 22 (the data VLAN), and tagged traffic from the VOIP phone arrives and is accepted into VLAN 33.
My question:
What are the benefits of using Option 1 or Option 2? What reasons exist that make either of these better than the other?
switch vlan switching trunk voice
edited Feb 1 at 14:57
Ron Maupin♦
68.3k1369126
asked Feb 1 at 13:39
rsicrsic
232
Imagine this topology:
[PC] ------- [VOIP Phone] ------- [eth0/0 on a Switch]
And this configuration on the switch:
vlan 22
name DATA
vlan 33
name VOICE
There are two ways to have both the PC's traffic and the VOIP phone's traffic "arrive" on eth0/0 in distinct VLANs. 1. Use a Trunk port, 2. Use the Auxillary VLAN feature".
Option 1:
int eth0/0
switchport mode trunk
switchport trunk native vlan 22
switchport trunk allowed vlan 22,33
Option 2:
int eth0/0
switchport mode access
switchport access vlan 22
switchport voice vlan 33
The net effect of either of these is the same untagged traffic from the PC arrives and is accepted into VLAN 22 (the data VLAN), and tagged traffic from the VOIP phone arrives and is accepted into VLAN 33.
My question:
What are the benefits of using Option 1 or Option 2? What reasons exist that make either of these better than the other?
switch vlan switching trunk voice
switch vlan switching trunk voice
edited Feb 1 at 14:57
Ron Maupin♦
68.3k1369126
asked Feb 1 at 13:39
rsicrsic
232
edited Feb 1 at 14:57
Ron Maupin♦
68.3k1369126
asked Feb 1 at 13:39
rsicrsic
232
edited Feb 1 at 14:57
Ron Maupin♦
68.3k1369126
edited Feb 1 at 14:57
Ron Maupin♦
68.3k1369126
edited Feb 1 at 14:57
Ron Maupin♦
68.3k1369126
68.3k1369126
asked Feb 1 at 13:39
rsicrsic
232
asked Feb 1 at 13:39
rsicrsic
232
asked Feb 1 at 13:39
rsicrsic
232
232
1
with option 2 you can use "spanning-tree portfast edge" as a global command to enable Portfast on all "switchport mode access" ports. Enabling "spanning-tree portfast trunk" with Option1 will set your edge-ports to portfast, but also the Trunks to your upstream switches which might be an unwanted option.
– Andreas Schaefer
Feb 1 at 18:46
add a comment |
1
with option 2 you can use "spanning-tree portfast edge" as a global command to enable Portfast on all "switchport mode access" ports. Enabling "spanning-tree portfast trunk" with Option1 will set your edge-ports to portfast, but also the Trunks to your upstream switches which might be an unwanted option.
– Andreas Schaefer
Feb 1 at 18:46
1
1
with option 2 you can use "spanning-tree portfast edge" as a global command to enable Portfast on all "switchport mode access" ports. Enabling "spanning-tree portfast trunk" with Option1 will set your edge-ports to portfast, but also the Trunks to your upstream switches which might be an unwanted option.
– Andreas Schaefer
Feb 1 at 18:46
with option 2 you can use "spanning-tree portfast edge" as a global command to enable Portfast on all "switchport mode access" ports. Enabling "spanning-tree portfast trunk" with Option1 will set your edge-ports to portfast, but also the Trunks to your upstream switches which might be an unwanted option.
– Andreas Schaefer
Feb 1 at 18:46
add a comment |
1 Answer
1
active
oldest
votes
Option 1 carries some security risk because broadcast and flooded traffic for the VoIP VLAN will be sent to the interface, even if there is no phone attached. Also, most PCs do not understand VLAN tags (some can be configured to do so, which is the security risk), and they will receive what appears to be garbage, wasting bandwidth on the link.
Option 2 is preferred because the switch interface will automatically optimize for what is, or is not, attached to it.A Cisco phone and switch will use CDP to negotiate a trunk.
In some cases with a non-Cisco phone, you may be forced to use Option 1, or you may be able to use LLDP instead of CDP to negotiate the trunk.
answered Feb 1 at 14:57
Ron Maupin♦Ron Maupin
68.3k1369126
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "496"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fnetworkengineering.stackexchange.com%2fquestions%2f56546%2fwhat-are-reasons-to-configure-a-voice-vlan-using-the-auxillary-vlan-feature-inst%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
Option 1 carries some security risk because broadcast and flooded traffic for the VoIP VLAN will be sent to the interface, even if there is no phone attached. Also, most PCs do not understand VLAN tags (some can be configured to do so, which is the security risk), and they will receive what appears to be garbage, wasting bandwidth on the link.
Option 2 is preferred because the switch interface will automatically optimize for what is, or is not, attached to it.A Cisco phone and switch will use CDP to negotiate a trunk.
In some cases with a non-Cisco phone, you may be forced to use Option 1, or you may be able to use LLDP instead of CDP to negotiate the trunk.
answered Feb 1 at 14:57
Ron Maupin♦Ron Maupin
68.3k1369126
add a comment |
Option 1 carries some security risk because broadcast and flooded traffic for the VoIP VLAN will be sent to the interface, even if there is no phone attached. Also, most PCs do not understand VLAN tags (some can be configured to do so, which is the security risk), and they will receive what appears to be garbage, wasting bandwidth on the link.
Option 2 is preferred because the switch interface will automatically optimize for what is, or is not, attached to it.A Cisco phone and switch will use CDP to negotiate a trunk.
In some cases with a non-Cisco phone, you may be forced to use Option 1, or you may be able to use LLDP instead of CDP to negotiate the trunk.
answered Feb 1 at 14:57
Ron Maupin♦Ron Maupin
68.3k1369126
add a comment |
Option 1 carries some security risk because broadcast and flooded traffic for the VoIP VLAN will be sent to the interface, even if there is no phone attached. Also, most PCs do not understand VLAN tags (some can be configured to do so, which is the security risk), and they will receive what appears to be garbage, wasting bandwidth on the link.
Option 2 is preferred because the switch interface will automatically optimize for what is, or is not, attached to it.A Cisco phone and switch will use CDP to negotiate a trunk.
In some cases with a non-Cisco phone, you may be forced to use Option 1, or you may be able to use LLDP instead of CDP to negotiate the trunk.
answered Feb 1 at 14:57
Ron Maupin♦Ron Maupin
68.3k1369126
Option 1 carries some security risk because broadcast and flooded traffic for the VoIP VLAN will be sent to the interface, even if there is no phone attached. Also, most PCs do not understand VLAN tags (some can be configured to do so, which is the security risk), and they will receive what appears to be garbage, wasting bandwidth on the link.
Option 2 is preferred because the switch interface will automatically optimize for what is, or is not, attached to it.A Cisco phone and switch will use CDP to negotiate a trunk.
In some cases with a non-Cisco phone, you may be forced to use Option 1, or you may be able to use LLDP instead of CDP to negotiate the trunk.
answered Feb 1 at 14:57
Ron Maupin♦Ron Maupin
68.3k1369126
answered Feb 1 at 14:57
Ron Maupin♦Ron Maupin
68.3k1369126
answered Feb 1 at 14:57
Ron Maupin♦Ron Maupin
68.3k1369126
answered Feb 1 at 14:57
Ron Maupin♦Ron Maupin
68.3k1369126
68.3k1369126
add a comment |
add a comment |
Thanks for contributing an answer to Network Engineering Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fnetworkengineering.stackexchange.com%2fquestions%2f56546%2fwhat-are-reasons-to-configure-a-voice-vlan-using-the-auxillary-vlan-feature-inst%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
1
with option 2 you can use "spanning-tree portfast edge" as a global command to enable Portfast on all "switchport mode access" ports. Enabling "spanning-tree portfast trunk" with Option1 will set your edge-ports to portfast, but also the Trunks to your upstream switches which might be an unwanted option.
– Andreas Schaefer
Feb 1 at 18:46