Solved

VLANs for Voice, Workstations and Servers

Posted on 2015-02-23
2
329 Views
Last Modified: 2016-11-23
We use Dell switches on our small network. We are planning to install a new VoIP system to replace our old digital phone system. The boss does not want to run new cabling for the new VoIP phones but wants to tether the workstations off the phone handsets; i.e. the workstations will connect to the phone VoIP handsets and that will then run to the wall plate with one network cable. He wants separate VLANs set up for the workstations, the new phones and the servers. We have two VMWare ESXi hosts on-site that each hosts a few small VM's, including a domain controller that also runs DHCP for the network.

I am familiar with setting up VLAN's using dedicated switch ports to separate VoIP and data traffic but since the workstations will be tethered to the phones I am uncertain how to proceed. Also, the DHCP server needs to be able to offer IP address leases from different IP address pools depending on which VLAN the devices belong to.

Can anyone help me by explaining how I should set up the VLANs?
1. Do I still configure VLAN's on the switches themselves? How do I assign port membership because I have two different devices linking in using the same physical port?
2. How do I define a DHCP scope specifically for use by each VLAN on the domain controller?
3. What configuration needs to happen on the workstations and server VM's to link them to the "workstation" and "server" VLANs?
4. Sake of interest: why would you use VLANs in this case and not just assign different IP subnets with DHCP MAC reservations for the devices; seems simpler?

Any help would be greatly appreciated.

Thanks!
0
Comment
Question by:Katfis
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 12

Accepted Solution

by:
Bryant Schaper earned 250 total points
ID: 40626736
Can you provide the model of phones, router and switches.

What are trying to do is not complicated assuming the hardware supports it.  The phones need to know how to find a voice vlan.  This via LLDP-MED of CDP.  It will then pickup an IP on that vlan, and the access port can be assigned to another.  We do this on our cisco phones, and works perfect, even with our juniper switches.

For your questions:

1.  Yes, you assign an access vlan and a voice vlan
2.  You need to define sites and services in AD, add add the appropriate subnet.  Your router needs to forward the dhcp request to your dns server, (IP helper-address)
3.Workstations just need to be on the right vlan and get the new IP via DHCP (dont forget printers).  Servers will need to have a new vswitch with the corrent vlan as well.
4.  Traffic isolation, security boundary.  You could still sniff the traffic and rebuild a voice call for example.  In a small shop it is probably not needed, but still best practice to isolate the voice traffic.
0
 
LVL 6

Assisted Solution

by:rgorman
rgorman earned 250 total points
ID: 40627099
With the Dell switches you might have to configure each port as an 802.1q trunk port with the workstation VLAN configured as untagged and the voice VLAN as tagged.  Then you would need to make sure your phone knows what VLAN is the voice VLAN in its config.  I don't think the Dell's have an option for voice VLAN which is why you will need to configure them as trunk ports and define the voice vlan on the phones.  Your voice VLAN would have a VLAN interface IP that the phones could route through should they need to to get to the voice servers.  You could also just stick the voice servers on the same VLAN as the phones if it is a small network and that should be fine.

As long as your workstation VLAN is configured as untagged on the trunk ports they should just work fine.

Your ESXi servers should be configured with port groups (their version of VLAN's) and connected to the switch using trunk ports too so if you have done that you shouldn't have to do much.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Healthcare providers, insurance companies and other covered entities trust eFax Corporate to transmit their most sensitive documents. eFax Corporate can help your organization implement a HIPAA compliant cloud faxing solution.
Resolve DNS query failed errors for Exchange
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question