Voice and data vlans on one switch port, no vlan tagging: how does that work?

Intro
We had a Cisco video conference unit pick up an IP from a data vlan whereas we expected it to pick it up from a voice vlan, where we had assigned it a static IP. What happened?

The details
I have to admit I never paid attention to the switch ports in the offices. All these years and I didn’t really appreciate the fact that you can plug in either a PC or a Cisco phone to the same switch port, yet the PC “knows” to go onto a data vlan while the phone “knows” to put itself onto a voice vlan. How cuold that be?

Naively, just talking it out, I had this jumble of “facts” in my mind:

– sharing vlans on one switch port is done through vlan tagging
– the equipment plugged in must know the switch port is using vlan tagging or else disastrous results occur (see this post for some examples)
– if in addition you’re a PC using DHCP, how would you know which valn to go onto? How would you learn the connection is tagged?
– well, there can be a native vlan in addition to tagged vlans. Maybe they used that?

Fortunately I have some friends with access to the switch config. Here it is for one specific typical port:

interface FastEthernet0/2
description Data & Voice vlanC
switchport access vlan 103
switchport mode access
switchport voice vlan 703
...

I puzzled over that for awhile because, well, what does it mean?? In my world of servers you have two port types: access ports and truink ports. Trunk ports are the ones that have tagged vlans. Access ports provide a single unttagged vlan’s traffic to the port.

It’s pretty clearly declaring this switch port to be an access port, not a trunk port. And yet two vlans are referred to. There’s this command I’ve never seen or used before swithcport voice. How does this fit with the jumble of facts above? The jumble of facts need to be amended…

I asked another expert and he said he heard that the Cisco phones use something called LLDP – link layer discovery porotocol. From researching the predecessor protocol was CDP – Cisco Discovery protcol.

Switchport voice vlan 703 is something like introducing tagging for vlan703, if I read the Cisco documentation correctly.

The magic happens
This is often described as magic or voodoo so we will treat it like that too! A Cisco phone uses LLDP to learn from the switch that the voice vlan is 703. Then somehow it tags(?) its traffic to use only that vlan, even for its DHCP discover. A PC or any other normal host by contrast does not use LLDP and is only exposed to the data vlan 103 (the “native” vlan) so it gets an IP from doing DHCP discover on that vlan.

Do I believe my own explanation? Not really. It’s the best I got. I really should do a packet trace to confirm but who has the time?

That video conference unit? They say when they boot it a second time it jumps onto the correct vlan and picks up the desired static IP. Again, no one’s really sure why.

Conclusion
Strange DHCP behavious on the part of a Cisco video conference unit forces us to think through how data + voice on one switch port might actually be working on a typical Cisco-powered office environment. We probably – definitely – didn’t nail it, but we must be close to the essentially correct answer.

References and related
As always Wikipedia has an article somewhat explaining LLDP

This entry was posted in Network Technologies and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *