Best-practice config for ports connecting to IP phones
Cucumber
Member Posts: 192
According to all what I have read the way to set up a switch port to connect a cisco ip phone (with an attached pc) is the following:
switchport mode access
switchport access vlan x
switchport voice vlan y
(Im avoiding other configs like mls qos trust, port security, etc)
Now I have come across this network where the dude that configured the ports said the best-practice config is the following
switchport mode trunk
switchport native vlan x
switchport voice vlan y
Both ways work, but what is the preferred way according to cisco?
The latter seems rather odd to me, not to mention quite risky!
switchport mode access
switchport access vlan x
switchport voice vlan y
(Im avoiding other configs like mls qos trust, port security, etc)
Now I have come across this network where the dude that configured the ports said the best-practice config is the following
switchport mode trunk
switchport native vlan x
switchport voice vlan y
Both ways work, but what is the preferred way according to cisco?
The latter seems rather odd to me, not to mention quite risky!
I hate pandas
Comments
-
dtlokee Member Posts: 2,378 ■■■■□□□□□□No his config is way off. If the interface is configured as trunk CDP does not sent the voice VLAN configuration to the switch. I suspect all the traffic from the phone is being sent on the native VLAN untagged, same as if you set an access port to "switchport voice vlan none"
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat3560/12225see/scg/swvoip.htm#wp1030825
"Voice VLAN is only supported on access ports and not on trunk ports, even though the configuration is allowed."The only easy day was yesterday! -
Johnny 5 Member Posts: 24 ■□□□□□□□□□I had the exact same situation a few months ago...
What's funny is despite Cisco's documentation, a phone will correctly use the voice VLAN on a trunk port.
The bigger problem for me with doing it this way was spanning tree. This network had over 100 VLANs, and without using "allowed vlan" you would end up with tons of BDPUs being sent that would drive up the CPU load on the switches. When I went through the campus and changed the ports from trunk to access, the average CPU went from 20% to 5%.