VLAN Networking

I am somewhat inexperienced with networking and have been tasked with setting up a separate subnet and VLAN for our IP phone system.  In addition to our default VLAN (1), I've setup a new voice VLAN (6).  We need for our phone server and associated hardware to all live on VLAN 6.  The phone hardware all connects to a single switch (we'll call switch A) dedicated to phone hardware.  That switch connects to a second switch (we'll call switch B) which includes a mix of VLAN 1 and 6 traffic.  Switch B connects to a switch on our server rack (we'll call switch C) which lastly has two connections to our gateway, one for each subnet.

I think that I have things configured correctly, but would appreciate confirmation that no traffic from the default VLAN should be affecting the phone hardware.  I have the following in place:

Switch A:
- uplink to B: VLAN 1 untagged, VLAN 6 tagged
- all other ports (for phone equipment): VLAN 6 untagged

Switch B:
- all ports: VLAN 1 untagged, VLAN 6 tagged

Switch C:
- downlink to B: VLAN 1 untagged, VLAN 6 tagged
- uplink to gateway (subnet .6.x): VLAN 6 untagged

If I have all phone equipment plugged into VLAN 6 untagged ports, does that ensure that this traffic is exclusive to that VLAN?  Also, should the connections between switches not pass via VLAN 6 untagged ports?

Thanks in advance, and please let me know if I can clarify anything.
Dan CarpIT DirectorAsked:
Who is Participating?
nociConnect With a Mentor Software EngineerCommented:
w.r.t. switch ports, the method really needs to be the same on both ends of a cable, ie the interfaces should be matching.
this is for all aspects... being in a trunk or not,  auto negotiate, speed, duplex, LACP,   802.1q tagging.

And capabilities needs to match specification of equipment connected to a switch. So don't use tagging to a device that doesn't support it.
(Some phones CAN do tagging, so VOIP and local ports can be in different VLAN's  meaning fewer wall outlets are needed in workspaces.).

Tagging means no less then adding 32bits to every frame indicating 1) the tag, 2) the VLAN (802.1q)/priority-class (802.1p) values for the packet.
the receiving ends needs to be capable of handling such "oversized" frames, and if capable, also do something with the info.
nociConnect With a Mentor Software EngineerCommented:
Yes VLAN 6 will be separate,
tagging on Switch B is optional, you can also use VLAN 6 untagged ports.
(I assume that switch B only has  2 ports...., for normal phone equipment you need untagged VLAN 6 ports.)

(Untagged for switches means the packet has no 802.1q tag in the frame, but internal in the switch does have the tag as set on the port).
Dan CarpIT DirectorAuthor Commented:
Thanks very much for the quick response, noci.  If I understand correctly, I could have the path from A to B to C flow either over tagged VLAN 6 ports OR untagged VLAN 6 ports - presumably they would all have to be configured one way or the other but not a mix (e.g. untagged VLAN 6 on Switch A to tagged VLAN 6 on Switch B)?

I think this is where I have often gotten confused.  When a device that cannot specify VLAN tagging independently is plugged into an untagged port, you're saying that traffic within the switch will automatically be tagged.  Does that tag carry over when the data is transmitted to the next switch up the line?

To answer your question about Switch B, it is a 24 port switch.  In addition to passing VLAN 6 data between switches A and C, it also passes large amounts of data on VLAN 1 between switches.  There's no phone equipment plugged directly into switch B so as I understand it shouldn't require untagged VLAN 6 ports.

Thanks again for your explanation.
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

Natty GregConnect With a Mentor In Theory (IT)Commented:
On switch A where the phones are connected to, you need to untagged those ports that you physically plug the phones into but those ports still need to be members of Vlan 6,
Dan CarpIT DirectorAuthor Commented:
Thanks Natty Greg & noci.  Last quick questions then I'm good.  Since we only use a single cable connecting Switch B to Switch C for the transfer of both VLAN 1 and VLAN 6 traffic, we need to stick with the untagged VLAN 1 / tagged VLAN 6 approach, correct?  Alternately would we run two connections between switches, one for untagged traffic from each VLAN - and if so, would that be advantageous?
nociConnect With a Mentor Software EngineerCommented:
yes untagged VLAN 1 & tagged VLAN 6 would be sufficient....

the separate cables would only help in extending bandwidth capacity. (eg. if your switch ports are 1Gbps, then two sets of ports would be 2 * 1Gbps (1 Gbps for each  VLAN).  
Bottom line are you down to the bandwidth limit on the connection?...

A better approach might be a LACP bundle / Trunk of two wires , (portchannel in Cisco speak) that would make 2Gbps total available shared by the LAN.s
Natty GregIn Theory (IT)Commented:
To answer your second question is what Noci said
Dan CarpIT DirectorAuthor Commented:
Thank you both very much - feeling much more confident about the setup now.
Natty GregIn Theory (IT)Commented:
You're welcome, I'm glad we could help
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.