Announcement

You need to create the tagging and VLAN ID in option 156 in both scopes as the phone will originally pull an ip from the data VLAN. The tagging then and vlan tag will then reconfigure the phone to pull from that vlan.

I do not believe you can include the sntp option, this should be configured as a seperate option. Although I have never tried so who knows?

I don't think the option string is case sensitive or space sensitive, but again could be wrong.

Frist a few questions.

What is doing your DHCP a windows box or something else (Switch, router or whatever).

How are you going to handle you inter-vlan routing. Do you have a layer 3 switch or are you going to do the routing on a seperate router.

The solution is a bit different depending on how you answer the first question.

Let me know and we can go from there.

basically this is generic.

Most of the time when doing this it will be from a windows DHCP server and if there will be VLAN will use a layer 3 switch

Ok

We will go with Windows DHCP server and a layer 3 switch doing the routing.

We will need two vlans one for data and one for voice. Most switch have a default vlan of one and most of the time that is what I use for data. You will need to create a second vlan on your switch and assign it to the proper ports. Traffic will need to be tagged vlan 2 as it ingresses into the port, if not the traffic will be tagged with the default vlan. So basically traffic can ingress untagged on vlan 1 and tagged on vlan 2.

The most often over looked part of the design is DHCP. For vlan 1 you will not need to make any changes and you data end points will get their addresses normally. The concern is the phones and vlan 2. You need to exclude the DHCP server form vlan 2 and then add an IP helper command to your switch or router to forward the DORA request to the DHCP server. If you don’t exclude vlan 2 your DHCP server will give the phones an address on the default vlan. Windows boxes don’t understand vlan tagging.

The ports to your SG switch and the server should be set to untagged vlan 2 and the ports default vlan should be set to the voice vlan and vlan 1 should be excluded.

The nice thing about windows DHCP is you can set the options globally or locally to the scope. Most installs just use the same options in DHCP for all of their sites.

A word of caution about not setting the vlan in the phone and setting it in DHCP. Lets say you have 150 pc and 150 phones and you have a power outage that takes down your phones and your PCs. When everything reboots it is all going to request an address form the data vlan. If you are running a class C subnet you are going to run out of address and some of the PC or phones will not be able to get an address. For the installs that I did we put the option in the data vlan and set the vlan tagging in the phone. That way if a new phone was brought out it would work if someone did not enter the tagging and we would not have the DHCP lease issue.

haha, I found that one out the hard way after a release upgrade!

Which Vlan should be default?

Right now we have a Cisco IP phone system and my ports are default Vlan 1 and voice Vlan 2. The Cisco phones auto tag their traffic so that the cisco switches can route their traffic to the correct vlan.

I have been told that in order to get the shoretel phones on the correct vlan, they all have to traverse my default vlan to get the settings for the voice vlan.

Is this true? Can you set the phones to keep the tagging and vlan settings and still have them use dhcp?

My scope is not big enough for a power outage if all computers and phones need an ip address.

Thank you

Your Cisco phones use cdp to talk to the switch to find out what vlan to get on dynamically. Shoretel can't do that, you either hae to have enough space on your default vlan in dhcp or hard code the phones to the voice vlans.

Ok, they use cdp. I thought it had to do with tagging. Thank you for clearing that up.

Is it possible to hard code the vlan on the phones and still use dhcp?

Thanks

YEs you can still use DHCP and set the tagging in the phone.

Cisco phones do use tagging, but they don't use DHCP to set the tagging.

If you do set the Tagging in the phone you you would set your option 156 in DHCP as if your where handing out tagging on the voice vlan, and not have an option 156 on your data vlan.

If a phone was plugged into the network without setting the tagging in the phone and not in the default vlan its still going to grab an address in the default vlan it just will not find the server. This way then the users phone dose not work you will know about, and then you can set it manually.

I find most place set the tag manually and put the 156 option is both scopes. That way the phones always come up and will ponly boot to the default vlan if someone did not set the phone up correctly. You just have to check you DHCP server to see if you have phones coming up in the default vlan and then moving over. If you lease is short, like 1 day you may never notice.

You are a great help. I was told by the Shoretel engineers that are trying to sell this to me that you couldn't set the tagging and vlan manually if you are using dhcp because those settings get erased everytime the phone boots.

I just tried setting tagging and vlan manually with dhcp on and the phone went directly to my voice vlan. I did have to remove the 156 that they configured from my default dhcp scope.

NOW....I have two other sites that I want to add. Both are different vlans than what I have working. Both get their dhcp from different servers/routers.

The one site (the building next door) gets it's dhcp from a server over there.

I took a phone over there and set it up just like the one here and removed the 156 that they had me put on that scope. All of the trunk ports are set up identical and all go into one core switch. The only thing I see different about the setup over there and the one here is this:

Working port:

interface FastEthernet0/2
switchport voice vlan 5
spanning-tree portfast

Not working port:

interface FastEthernet0/2
switchport access vlan 2
switchport voice vlan 5
spanning-tree portfast

my data1 vlan and voice vlan share a dhcp server (with an ip helper address assigned to to the voice vlan)

my data2 vlan has a separate dhcp server. Is this a dhcp problem or a routing problem?

Is it easier to understand this way?

In our other building (Vlan2) we have phones (cisco currently) that can cdp? and access VLAN 5 (voice for whole company) and obtain IP addresses from the dhcp server for VLAN5.

When I plug in a shoretel phone, it gets a Vlan2 ip address and can not contact the ftp server (on VLAN5) Even if I hard code the tagging and VLANID on the phone, it still pulls a VLAN2 IP address and can not contact the ftp server.

Any ideas?

THank you!!!

By the way, we always manually configure the VLAN on phones when deploying the phone inline with the pc (seperate data/voice vlans) . This has worked great for a very long time across many large installations.

We typically work with Foundry, HP and Extreme more then Cisco equipment but the concepts are the same.

If you are just plugging a phone in by itself to a port, you only need to configure that port on the switch to be an "access" port on the voice vlan. Nothing needs to change on the phone.

If you are plugging a phone in and a PC will hang off the phone and they have seperate vlans, you will configure the switch differently. You will setup your switch with the access vlan to be set to your data vlan (i.e. VLAN 1) and then also set the port to allow a TAGGED vlan (802.1Q) on the port as well (say VLAN 10). You then configure the phone to enable VLAN tagging and set the VLANID to = 10. Works like a charm! Never had a problem with the phones losing their settings.

If you need additional help, just let me know.


Chris Burgy
Archer Technology
[email protected]

...I need help...lol

I have the ports set up as access vlan2 and tagging was manually set on the phone for vlan5.

Unfortunately, when the port is set as:

interface FastEthernet0/2
switchport access vlan 2
switchport voice vlan 5
spanning-tree portfast

The phone will not grab a vlan5 ip address even if I have tagging and vlan manually set on the phone. If I turn dhcp off, and manually set everything, it will work.

If I set up the port like this:

interface FastEthernet0/2
switchport voice vlan 5
spanning-tree portfast

I have no problem getting the phone to work no matter how I have it set up. If I use default settings, it will grab a vlan2 ip and the grab the option 156 info and boot up on the right vlan. If I manually set the tagging and vlan it will go directly to vlan 5.

I AM REALLY STUMPED.......is it a routing problem between vlan 2 and vlan 5? I am using vtp for all of my switches.

thank you for your time,

Marc

Did you try the IP Helper command on the VLAN interface on your switch? If you are able to do it manually and everything works it would not be routing problems.

I have an IP helper address on the VLAN 5 interface. I think I am getting closer.

The switchport access option disables all trunking. I believe this is what was causing my phone to just stay in VLAN2.

Now, I guess the question is, is there a way to make the port default Vlan2 without that option?

Thank you for your time.