VLAN Networking

I am somewhat inexperienced with networking and have been tasked with setting up a separate subnet and VLAN for our IP phone system.  In addition to our default VLAN (1), I've setup a new voice VLAN (6).  We need for our phone server and associated hardware to all live on VLAN 6.  The phone hardware all connects to a single switch (we'll call switch A) dedicated to phone hardware.  That switch connects to a second switch (we'll call switch B) which includes a mix of VLAN 1 and 6 traffic.  Switch B connects to a switch on our server rack (we'll call switch C) which lastly has two connections to our gateway, one for each subnet.

I think that I have things configured correctly, but would appreciate confirmation that no traffic from the default VLAN should be affecting the phone hardware.  I have the following in place:

Switch A:
- uplink to B: VLAN 1 untagged, VLAN 6 tagged
- all other ports (for phone equipment): VLAN 6 untagged

Switch B:
- all ports: VLAN 1 untagged, VLAN 6 tagged

Switch C:
- downlink to B: VLAN 1 untagged, VLAN 6 tagged
- uplink to gateway (subnet .6.x): VLAN 6 untagged

If I have all phone equipment plugged into VLAN 6 untagged ports, does that ensure that this traffic is exclusive to that VLAN?  Also, should the connections between switches not pass via VLAN 6 untagged ports?

Thanks in advance, and please let me know if I can clarify anything.
Dan CarpIT DirectorAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

nociSoftware EngineerCommented:
Yes VLAN 6 will be separate,
tagging on Switch B is optional, you can also use VLAN 6 untagged ports.
(I assume that switch B only has  2 ports...., for normal phone equipment you need untagged VLAN 6 ports.)

(Untagged for switches means the packet has no 802.1q tag in the frame, but internal in the switch does have the tag as set on the port).
1
Dan CarpIT DirectorAuthor Commented:
Thanks very much for the quick response, noci.  If I understand correctly, I could have the path from A to B to C flow either over tagged VLAN 6 ports OR untagged VLAN 6 ports - presumably they would all have to be configured one way or the other but not a mix (e.g. untagged VLAN 6 on Switch A to tagged VLAN 6 on Switch B)?

I think this is where I have often gotten confused.  When a device that cannot specify VLAN tagging independently is plugged into an untagged port, you're saying that traffic within the switch will automatically be tagged.  Does that tag carry over when the data is transmitted to the next switch up the line?

To answer your question about Switch B, it is a 24 port switch.  In addition to passing VLAN 6 data between switches A and C, it also passes large amounts of data on VLAN 1 between switches.  There's no phone equipment plugged directly into switch B so as I understand it shouldn't require untagged VLAN 6 ports.

Thanks again for your explanation.
0
Natty GregIn Theory (IT)Commented:
On switch A where the phones are connected to, you need to untagged those ports that you physically plug the phones into but those ports still need to be members of Vlan 6,
1
Powerful Yet Easy-to-Use Network Monitoring

Identify excessive bandwidth utilization or unexpected application traffic with SolarWinds Bandwidth Analyzer Pack.

nociSoftware EngineerCommented:
w.r.t. switch ports, the method really needs to be the same on both ends of a cable, ie the interfaces should be matching.
this is for all aspects... being in a trunk or not,  auto negotiate, speed, duplex, LACP,   802.1q tagging.

And capabilities needs to match specification of equipment connected to a switch. So don't use tagging to a device that doesn't support it.
(Some phones CAN do tagging, so VOIP and local ports can be in different VLAN's  meaning fewer wall outlets are needed in workspaces.).

Tagging means no less then adding 32bits to every frame indicating 1) the tag, 2) the VLAN (802.1q)/priority-class (802.1p) values for the packet.
the receiving ends needs to be capable of handling such "oversized" frames, and if capable, also do something with the info.
1

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Dan CarpIT DirectorAuthor Commented:
Thanks Natty Greg & noci.  Last quick questions then I'm good.  Since we only use a single cable connecting Switch B to Switch C for the transfer of both VLAN 1 and VLAN 6 traffic, we need to stick with the untagged VLAN 1 / tagged VLAN 6 approach, correct?  Alternately would we run two connections between switches, one for untagged traffic from each VLAN - and if so, would that be advantageous?
0
nociSoftware EngineerCommented:
yes untagged VLAN 1 & tagged VLAN 6 would be sufficient....

the separate cables would only help in extending bandwidth capacity. (eg. if your switch ports are 1Gbps, then two sets of ports would be 2 * 1Gbps (1 Gbps for each  VLAN).  
Bottom line are you down to the bandwidth limit on the connection?...

A better approach might be a LACP bundle / Trunk of two wires , (portchannel in Cisco speak) that would make 2Gbps total available shared by the LAN.s
1
Natty GregIn Theory (IT)Commented:
To answer your second question is what Noci said
1
Dan CarpIT DirectorAuthor Commented:
Thank you both very much - feeling much more confident about the setup now.
0
Natty GregIn Theory (IT)Commented:
You're welcome, I'm glad we could help
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VLAN

From novice to tech pro — start learning today.