Voice Vlan
A voice VLAN is used for IP phones when running (VoIP) voice over IP. If a user has one a network drop and an IP phone, the phone will connect to the network drop while their computer will connect to the phone. If we had VLANs for VoIP and a different VLAN for data how are we able to use both?
With IP phones they can act like a little switch and we can configure the upstream switch to instruct the phone to use a special-case 802.1Q trunk link or a single VLAN. With a trunk link we can have isolate the the data from the computer and the phone which provides security and quality of service (QoS) capabilities. The switch port does not need any special trunking configuration if a trunk is wanted. A special-case trunk is automatically negotiated by the dynamic Trunking Protocol (DTP) and CDP.
Voice can travel over a unique VLAN called the voice VLAN (VVID) or it can travel over the regular data VLAN. Because this traffic does not have any 802.1Q tag, it has also been called native VLAN, or port VLAN (PVID).
Configuring Voice VLAN
The command on the interface connecting to the phone and computer would look something like:
Switch(config)# interface GigabitEthernet0/1
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 10
Switch(config-if)# switchport voice vlan 20
Switch(config-if)# spanning-tree portfast
Switch(config-if)# exit
The command switchport voice vlan has a couple of additional options.
Switch(config-if)#switchport voice vlan ?
<1-4094> Vlan for voice traffic
dot1p Priority tagged on PVID
name Set VLAN when interface is in access mode
none Don't tell telephone about voice vlan
untagged Untagged on PVID
| Command | Trunk? | Voice Traffic | PC Traffic |
|---|---|---|---|
| vlan-id | YES | VLAN vlan-d | untagged |
| dot1p* | YES | VLAN 0 / Priority tag | untagged |
| untagged** | NO | untagged | untagged |
| none (default) | NO | access VLAN | access VLAN |
*With Dot1p the IP phone tags the voice traffic as VLAN ID 0, meaning it uses 802.1p priority tagging to set the the CoS bit for QoS prioritization and is technically a trunk link.
**With untagged the IP phone sends voice traffic without a VLAN tag but it can still set the CoS bits for QoS prioritization.
The most flexible setup would be to use the switchport voice vlan vlan-id command. As we can define a different VLAN for voice traffic and keep the data traffic separate. If the phone was ever disconnected and the PC is connected to the same port, the PC will still be able to access the same resources the access VLAN it's assigned to. The special trunk will be removed automatically.
Verification of Voice VLAN
You can verify if the voice VLAN is working by issuing the show interfaces interface_name switchport and looking at the voice vlan output.
Switch#show interfaces gigabitEthernet 0/1 switchport
Name: Gi0/1
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: static access
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: On
Access Mode VLAN: 10
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: 20
Another way is to look at the show spanning-tree interface command and look to see if there are two different VLANs within the output and its in a forwarding state.