Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

VLAN Tag for chained network device.

Posted on 2016-09-19
11
Medium Priority
?
89 Views
Last Modified: 2016-09-21
Hi Experts!!! I have another dilemma with vlan configuration. I have vlan 1 for data and vlan 20 for other. I have port has two devices daisy chained. 1st device need to be at vlan 1 and other device needs to be vlan 20. If I untagged for vlan 20 and tagged vlan 1, the device vlan 1 is not able to talk. How that work?  What is best way to handle this? Thanks in advance!!
0
Comment
Question by:MoonLive
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
11 Comments
 
LVL 31

Expert Comment

by:Predrag
ID: 41804963
If devices are PC and phone it is easy - tag traffic to phone and untag PC traffic.
Servers can talk "taggish" and can route, so basically, maybe, you can use server to route traffic for you (one of the tags here is Windows server). Or add switch if needed.
Otherwise, if one of devices (phone, server etc) can't do tricky part for other device I guess you will have to add switch somewhere (or hub - but hubs are half duplex, so it is not recommended solution).
0
 

Author Comment

by:MoonLive
ID: 41805155
Good to hear from you Predrag Jovic!.  

Well it is phone and PC! vlan 1 with voice, vlan 20 with security camera. I did untagg vlan 20 and tagged vlan 1, but i can't ping vlan 1 device when i do that.  PC needs to be connect to server for security camera connection.  how does device know which device is tagged or untagged?
0
 
LVL 31

Expert Comment

by:Predrag
ID: 41805346
Hi MoonLive, :)
how does device know which device is tagged or untagged?
That is the biggest issue.
Typically end devices do not know tags at all. Some devices (phones and switches etc) understand tags, but generally end devices do not understand frames with dot1q tag and simply drop frame if tag is present. So, typically, for end devices that don't understand frames with tags some other device (switch, phone) must remove tag from frame before frame is sent to that device (e.g PC, camera). Most of IP phones typically have built in 2 port switch for that purpose, but for some vendors you need to manually assign on phone what is voice VLAN (tagged). There are also implementations where both VLANs are untagged, actually Cisco have 4 ways  to implement VoIP and PC on one port.
Cisco's recommended port configuration on switch port is not including tagging at all:

 interface fastethernet 2/5
  switchport mode access
  switchport access vlan 10
  switchport voice vlan 20

You need to check how port is configured and also how phone vendor implementation.
I am sorry, but there are many ways that can this be implemented, so I can't give you solution.
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 47

Expert Comment

by:Craig Beck
ID: 41807887
Please be clear though... what is connecting to the port, and how?  Is it a phone connecting to the port and a device connecting to the phone?

Assuming it's a phone connected to the switch and a device connected to the phone, can the phone do CDP?  If so just do this on the port:

switchport mode access
switchport access vlan 20
switchport voice vlan 1

Open in new window

0
 

Author Comment

by:MoonLive
ID: 41808626
We are using HP Procurve Switch. The switch connected with ShoreTel phone and PC (security camera client).
I am now sure HP switch have command as Cisco does. if you or anyone knows please let me know.

PC vlan 20
voice vlan 1

i am planning to put voice vlan in the future once I can figure out this type of situation.
Thanks
0
 
LVL 31

Expert Comment

by:Predrag
ID: 41808920
Typically that kind of setup depends on phone needs. You can find configuration details on link below (including Cisco, Juniper and HP (HP Procurve – 2520G-24-POE Example - page 21)).
Data Network Best Practices for ShoreTel VoIP
0
 

Author Comment

by:MoonLive
ID: 41808989
On the document example show all dscp-map priority. if this command is entered in all switches, i don't need voice vlan to setup?  Did i understood correctly?  
Or do i need to setup voice vlan on all switch and tagged all ports that has phone and set those priority?  
I just want clear understanding of this. Thanks
0
 
LVL 31

Accepted Solution

by:
Predrag earned 2000 total points
ID: 41809042
You need voice VLAN and PC VLAN setup.
On page 22 you have example how to configure HP ports.

HP is VLAN centric - you assign ports under VLAN.
vlan 10
name voice
 voice
 tagged 1-20, 27
vlan 20
 name office
 untagged 1-20, 27

Above config would be configuration of ports for both voice 1- 20 tagged and untagged PC traffic on port 1 - 20, port 27 would be example of uplink to L3 switch.
This should be useful if you are familiar with Cisco - HP Cisco commands reference guide
Also ports to phones and PCs should be configured as edge ports. I did not, so far, configured ShoreTel phones, so I will not be big help with this one.
I found this one, looks useful - HP ShoreTel configuration.
0
 

Author Comment

by:MoonLive
ID: 41809159
As always. you are helpful!!! do i still need qos dscp-map statement?
0
 
LVL 31

Assisted Solution

by:Predrag
Predrag earned 2000 total points
ID: 41809177
You typically need QoS for voice, so yes.
However congestion is typically on WAN link and you need it at least at that point, but anyway - end-to-end QoS is highly recommended.
0
 

Author Closing Comment

by:MoonLive
ID: 41809186
Thanks for the all the respond and useful link.
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question