Dell VLAN Question

I don't find "rash port" referenced in the Dell documentation.....??

A separate VLAN for each port seems odd.  What is it you're wanting to do?

My bad......fat fingers.... I meant each port. I have a 6248 Switch that feeds seven floors with multiple clients on each floor.  I am seeking a good way to completely isolate each client from the other.

I'm unclear as to whether this is a VOIP issue or a more common networking issue that's not so related to VOIP?
Normally, everyone is on the same LAN of course.
And, in some instances, groups might be on a VLAN each.
And, I suppose this could be extended to a VLAN per port if the switch has the capacity for that.
So, if the VLANs are kept separate upstream then that should work I should think.
Not something I've ever tried to do...

As far as VOIP is concerned, there can be a VLAN just for VOIP which can coexist with all the others on the same ports.
But I've run into phone initialization where local DHCP service is needed at least for the first boot of a phone which has been "reset".
So, that may be a consideration.

It's always easier to have the VOIP on the same LAN as everytyhing else because services like DHCP are often just "assumed" by the phone service provider.  But then, some will argue that isolation isn't perfect, etc.

This is sort of a mess due to not being able to supply adequate wiring to each client. We have to deal with only one Network cable to each office on each floor.
We have a Mikrotik CCR that ties our 5Gb fiber network and gives out all the network configuration. There are 35 customers in this building and Each has phones and data.
That is why I am looking at using switches and VLANS.

Much remains to be defined.  How many phone service providers is but one question.

Common configuration is to put all voice on one vlan and all data on another. The phone would be used to tag the vlan traffic as the computer would plug into the phone and the phone then into the wall jack. You can't isolate each one on their own vlan or you will then need to have 35 vlans that can route amongst themselves as the users will probably need to call each other. Data can be layer 3 and the VoIP can be layer two unless there is some underlying reason why it needs to communicate with something else on the network.

I believe that If I make a drawing it would help explain my question.

Here is a little drawing I put together to help explain my question. I hope it helps.
VLAN-on-DELL-6248.pdf

OK.  Yes, that helps!  Questions for you to consider remain:

It is *very* common practice to put the phones and the computers on the same LAN with no VLANs.  In this case that might well be the computers and phones for one company on one VLAN each.  And, that is all.  This avoids issues with phone initialization, DHCP, etc.  I sense for your situation, this may well be preferable.

At issue for me is how you are planning to acquire and manage the telephone service?
Are you planning a single phone service provider and dole out telephone numbers to the companies?
Are the companies (or you) planning to have separate phone service providers for each company?
(This may be best as why would you want to be a middleman re: the phone services?).

1) Some phone service companies like to sell internet service to match their needs, etc.
2) Other phone service companies just use the primary internet service.  This means one firewall or one firewall per company and perhaps a few tweaks for the VOIP in the firewall.
If the phone service company provides their own internet service then you need to figure out how to provide firewalling capability for two internet connections.
I prefer #2 unless you have very stringent data firewalling needs and WANT to keep VOIP and Data separate altogether.

Thanks to you both for the great pointers.

I would be extremely hesitant about putting data and voice on the same vlan. If you have 10-15 users, probably not a problem. But if you starting getting much more than that it can start to degrade call quality when using VoIP and data on the same vlan. Keep in mind that VoIP is not TCP but UDP so if anything interrupts transmission that packet doesn't get resent and your call quality starts to degrade. Multiple separate vlans will also require routing to the call manager since it will be on a different subnet which in turn will also add latency to the call.

If they are all using the same phone system then I would highly suggest putting the VoIP traffic on it's own vlan and you can do whatever you want with the data. You also need to make sure that if you have multiple hops on the network to get to the call manager that you enable QoS also. If you do it the way your thinking, I would be extremely surprised at some point you don't have the offices complaining that their call quality sucks.

I am going to build a separate VLAN for each customer and one vlan for the phones. They will have QOS setup and working thru our Phone system. This should provide a level of separation between customer offices and allow phone service of a good quality to be provided.

Do I want to set the Dell 6248 up as all ports "ACCESS WITH VLAN ALLOWED FOR PHONE AND PORT VLAN?

will the phones be wired separate from the desktops or will they share?

There is only one data cable to each office. In some cases the data and phones are separate and in some they share.

Then you will want to create a voice vlan on the 6248 so the phones get that vlan, assuming LLDP-MED is supported, and the desktops get whatever the access vlan is.

Thanks

Good job! You got it!

I'll let you guys know how it comes out setting up the Dell. I have the vlans setup in the router and the switch should be able to handle 35 clients.