VLAN is a Layer 2 feature that basically emulates physically separate networks over a common physical medium. Think of two switches, each with devices connected to switchports, but the two switches are not connected to each other. In that sense, you would have two discreet networks; hosts on switch A cannot communicate with hosts on switch B. VLAN in its most basic implementation might be configuring a 1234 so that ports 1-12 provide access to VLAN 1, while ports 13-24 access VLAN 5. Hosts in ports 1-12 cannot communicate with hosts in 13-24. In other words, VLANs provide a way to segregate traffic in a way similar to separate switches.
When you share one cable from desk to switch, the devices at each end (switchport and phone) must create an 802.1Q VLAN trunk. This way, two or more VLANs can traverse one physical link. The switch normally considers VLAN 1 default, which means untagged Ethernet frames. Traffic to/from the PC will be untagged. The phone will add a "VLAN 5" tag to its own Ethernet frames and the switch will forward that traffic in VLAN 5.
There are various ways to achieve this design, but I normally prefer to:
- Choose one or more switchports where the PBX and other voice 'main equipment' will connect; hard-set them to VLAN 5 (untagged, native).
interface switchport 0/24
switchport access vlan 5
- Assuming your Polycom phones support the feature, configure LLDP-MED on other switchports where phones will connect. This will automatically configure your phones to be aware of VLAN 5 and use it for voice traffic, as well as setup an 802.1Q VLAN trunk to allow the PC to pass through untagged. You can probably configure each phone's VLAN assignment manually, but who wants to do that?
interface switchport 0/1
switchport voice vlan 5 dscp 46
Repeat for each phone-facing switchport, or use command interface range switchport 0/1-24 and then enter the common parameters to configure a range all at once.
- Configure uplink ports between switches (typically gigabit) for VLAN trunking (all of them).
interface gigabit-switchport 0/1
switchport mode trunk
Some reading material:
1 of 1 people found this helpful
Chris did an excellent job explaining the VLANs very good explanation Chris. I wanted to touch on a couple of other things to be aware from the voice side. First you have to do one of two things either directly on each phone you have to manually configure the voice VLAN or you have to add to the DHCP server the specific option the phones need in order to get their VLAN ID and configuration server setting. Second big issue is where is the routing occurring for the phones? If it and DHCP are being handled by a device Comcast puts on site then from the switch side you do not need to do any routing so turn it off on the switch, and VLAN 5 would have no IP address, also make sure you do no ip route. Only IP address on the switch should be the management IP address of the switch itself on whatever the management VLAN is which I will assume VLAN 1 based on the configs. If it is a completely hosted system and you are handling DHCP for both networks and routing from the private network then there would be some additional design needed to be done but that would be on a router not at the switch level.
I went ahead and flagged the "Correct Answer" on this post to make it more visible and help other members of the community find solutions more easily. If you don't feel like the answer I marked was correct, feel free to come back to this post and unmark it, and select another in its place, with the applicable buttons.