Best way to connect VOIP LAN and computer LAN together

I need some help with a routing problem. We have just integrated VOIP into our company for the first time. We are using a Mitel SX-200 PBX. Currently the VOIP network is physically separate from the computer LAN. Both networks have completely different subnets, the Computer LAN is and the VOIP LAN is The VOIP LAN is not connected to the internet. It still uses the old copper method (PSTN) for the carrier service. We have a Sonicwall 2040 firewall that sits out in front of the computer LAN.

I would like some advice on the best approach to linking these two LAN’s together. I would like to either use the Sonicwall 2040 to route these two networks or use the switches that are on these two separate networks and create VLAN’s to do the routing, or possibly purchase a separate router to do this. I don’t really care, I just want to do it the right way. Also I have one foreseeable problem, and that is the PBX uses a DHCP server to assign the VOIP phones an IP address, and I also run DHCP on our Microsoft 2003 server to assign IP addresses to the workstations.
If you wish to use VLAN's on the switches and pass voice and data over the same switches then these switches will also have to support QOS. This means that you may require new switches.

If you have or get layer-3 switches then you can get them to route between the two vlans. Alternatively you can get a low end router and use it to route between the vlans. The router option won't be as fast but that does not matter for you.
Why would you want to tie these two networks together? They are not designed to talk to each other, and the DHCP issue requires that they remain on separate broadcast domains. The only reason I can think of would be if you are using IP Phones that also have a PC switchport built into it, or simply to access the PBX from a workstation in the other network.
Most any vlan capable switch with Layer 3 routing can connect them together and keep them in separate broadcast domains.
So could most any router with 2 interfaces. One interface connected to each currently separate network.
DMS-X (Author) commented:
>or simply to access the PBX from a workstation in the other network.
Yes this is one reason. The PBX can be managed through a web interface and I would like to be able to do this from the Computer LAN. Currently I must have a PC on the VOIP network just to manage the PBX from the web interface. I have temporarily used the second NIC card on one of the servers to do this but it's a sloppy method if you ask me. The second reason is the PBX is capable of "Forward Voice Mail to email" and "Maintenance Alarm via email". This would be a very nice feature to use.

Surely I couldn't be the first IT guy to want to tie the VOIP network to the Computer LAN for these reasons.

These are certainly viable reasons for wanting to cross-connect the two networks, and no - you're not the first to want to do this.
This interconnectivity is typically designed into the infrastructure with VLAN's instead of completely separate switches.
A 2nd NIC in a server is really the same effect as putting in a router or layer 3 capable switch. Not sloppy at all, but perfectly effective because it gives you the connectivity you need and keeps the broadcast domains separated.
DMS-X (Author) commented:
Here is a diagram I made
One thing that I am looking into is that perhaps the VOIP phones can do just BOOTP rather than DHCP. If this is the case then I may be home free.

grblades ,

>If you wish to use VLAN's on the switches and pass voice and data over the same switches then these switches will also have to support QOS.
>This means that you may require new switches.
I don't see any reason for my voice to pass over into my data network. I just need HTTP and SMTP from my voice network to pass into my data network. My existing switches are layer 3 switches and I believe they support QOS.


lrmoore ,

>This interconnectivity is typically designed into the infrastructure with VLAN's instead of completely separate switches.
I agree. At the time I was planning on keeping these two networks completely separate. The two switches (physical networks) sit close enough together that I should be able to get myself a 48 port POE switch to replace both of these. I may just consider doing this, in fact it sounds like the proper way. Rather than use separate switches on separate segmented networks to do the VLAN's. I can see how this could get very messy.

>A 2nd NIC in a server is really the same effect as putting in a router or layer 3 capable switch. Not sloppy at all...
Unless you're a perfectionist.

If your existing switches are layer3 then you could use them to do the routing instead.
All you would need to do is connect a port on the POE switch to a port on the data switch. Put the data switch port in a different VLAN and configure the data switch to route between the two VLAN's. If you do it this way then you would not even need QOS as the POE switch still only has voice going over it apart from very little data.
You only really need QOS if you have data (people copying large data from a server) and voice over the same switch.

DHCP won't be an issue either way you do it.

Using a server as a router is fine. Personally I only like doing it if the server is a Linux one as Windows ones want rebooting whenever a new patch comes out which can be very inconvenient at times.
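The two needs stated above (the PBX web interface reachable from the Computer LAN, and mail from the PBX) can be written as a small stateless ACL on whichever device routes between the VLANs. The following is an added example, not code from any poster; the subnets, PBX address and mail server address are constructed placeholders, since the thread does not give the real ones.

```python
import ipaddress
from typing import NamedTuple, Optional

# Constructed placeholder addressing: the thread does not state the real subnets.
DATA_LAN = ipaddress.ip_network("192.168.10.0/24")
PBX = ipaddress.ip_network("192.168.20.2/32")    # hypothetical PBX address
MAIL = ipaddress.ip_network("192.168.10.5/32")   # hypothetical mail server

class Rule(NamedTuple):
    src: ipaddress.IPv4Network
    sport: Optional[int]       # None matches any port
    dst: ipaddress.IPv4Network
    dport: Optional[int]
    established: bool = False  # True: match only segments with ACK or RST set

# Stateless ACL between the two VLANs, evaluated top-down with an implicit deny.
ACL = [
    Rule(DATA_LAN, None, PBX, 80),                    # workstation -> PBX web UI
    Rule(PBX, 80, DATA_LAN, None, established=True),  # replies from the web UI
    Rule(PBX, None, MAIL, 25),                        # PBX -> mail server (SMTP)
    Rule(MAIL, 25, PBX, None, established=True),      # replies from the mail server
]

def permitted(src, sport, dst, dport, flags="S"):
    """Return True if a TCP segment crossing between the VLANs is permitted.

    flags is a string of TCP flag letters, e.g. "S" for SYN, "SA" for SYN+ACK.
    """
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in ACL:
        if s not in r.src or d not in r.dst:
            continue
        if r.sport not in (None, sport) or r.dport not in (None, dport):
            continue
        if r.established and not set(flags) & {"A", "R"}:
            continue  # a bare SYN cannot use a reply-only rule
        return True
    return False  # implicit deny: everything else stays on its own VLAN
```

The `established` rules matter because a switch ACL keeps no connection state: without them, anything on the voice side could open new connections into the Computer LAN simply by using source port 80.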
Heya -
   I just would like to back GRBlades on this... Voice networks and data networks are meant to be tied together... the idea is that they are just seen as another application of a network... a piece of network premise equipment does not care if the payload of an IP packet is an RTP media stream or an SNTP packet or an HTTP packet... it's just another packet on the network... This is why at every Telephony or VoIP Conference or Forum you see 10,000 signs for "converged networks"... Did you ever ask why is there a hub/switch built into 95% of IP phones?? so you do not have to recable your cat3... you can just use your data network...

So all sounds cheaky ehhh?  Not yet.. you have an issue with running sensitive applications over the network... what happens if it gets bogged down and you lose packets?  what happens to your sensitive application i.e. voice?  you get gaps (loss) or delays (latency) in your conversation... so what does that mean?  well, let's start with why it happens:

Voice in legacy/TDM mode over a DS1 (a single channel of a pri) gets 64kbs per sampling of voice.... this is what some get determined way back when... so you do not get a burst in traffic, traffic is steady... it is a constant whether there is anything to transmit or not.

Data traffic does not do this... it pushes as much as it can as fast as it can?  why does this happen?  it was designed to do so... data was meant to use a flood method called CBR (constant bit rate) that forces as much data through a link as possible and uses ack packets to confirm delivery (in the case of TCP) and in the case of UDP layer 5/6/7 applications to control buffering when needed...

So we have decided you can lose voice packets on a network... what are your choices? well... within the IP header packet there is a ToS (type of service) tag in the first byte of a message that will prioritize a packet if needed using an RFC blah blah blah called DIFFSERV... this is a layer 3 protocol that is very efficient at packet shaping/prioritization... you could also use a layer 2 QOS IEEE blah blah blah  but, unless you are a service provider or massive enterprise it's probably overkill...

So with that all said why use VLAN if these two services can run on the same network with no problem using simple QOS (quality of service) methods? well, you may want to cut down on broadcast traffic or, you may want to use separate DHCP tables or... you may not want people to be able to access the GUI on the phone... or many other reasons... one being using a VLAN to classify your COS or TOS settings...

So to avoid massive headaches... the simplest method for a medium size deployment is 802.1Q(is that the correct number?) if your phones support it... it is a dynamic vlan application that runs on layer 3 ... advantage being... your phone is set to your VLAN using a 4 number VLAN ID tag... which automatically assigns it to the given vlan no matter where it is on the network... so it does not matter what jack you plug it into... vs. using port based VLANs which can cause problems when people move... or unplug stuff

Finally, you can probably use the same DHCP server, it probably just forces a config file to be downloaded using TFTP... if you point option 66 at the IP PBX it will probably work.. maybe...

Hope this all makes sense... otherwise all of us in the convergence space are out of work  :)

Cheers -
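The ToS/DiffServ marking mentioned in the post above lives in the second byte of the IPv4 header, with the DSCP in its upper six bits. The following added example (not part of the original post) parses that field and lists voice-subnet senders whose UDP traffic is not marked EF; the addresses and sample headers are constructed.

```python
import ipaddress
import struct

EF = 46  # DSCP for Expedited Forwarding (RFC 3246), commonly used for voice media

def parse_ipv4(packet: bytes) -> dict:
    """Extract the DS field, protocol and source address from a raw IPv4 header."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    tos = packet[1]                  # second header byte: ToS / DS field
    return {
        "dscp": tos >> 2,            # upper 6 bits (RFC 2474)
        "ecn": tos & 0x03,           # lower 2 bits (RFC 3168)
        "precedence": tos >> 5,      # legacy 3-bit IP precedence view of the same byte
        "proto": packet[9],          # 17 = UDP
        "src": ipaddress.ip_address(packet[12:16]),
    }

def make_header(tos: int, src: str, proto: int = 17) -> bytes:
    """Build a constructed 20-byte IPv4 header (checksum left at 0) as sample input."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, tos, 20, 0, 0, 64, proto, 0,
                       ipaddress.ip_address(src).packed,
                       ipaddress.ip_address("192.168.20.2").packed)

def unmarked_voice(packets, voice_net: str):
    """Return (source, dscp) for UDP packets from voice_net that lack the EF marking."""
    net = ipaddress.ip_network(voice_net)
    bad = []
    for p in packets:
        h = parse_ipv4(p)
        if h["proto"] == 17 and h["src"] in net and h["dscp"] != EF:
            bad.append((str(h["src"]), h["dscp"]))
    return bad

# Constructed sample: one phone marking EF (ToS 0xB8), one unmarked phone, one PC.
SAMPLE = [
    make_header(0xB8, "192.168.20.30"),
    make_header(0x00, "192.168.20.31"),
    make_header(0x00, "192.168.10.50"),
]
```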