Data and Voice VLANs 1

certskills
By certskills June 3, 2016 09:05

Creating a VLAN is simple: just configure the vlan number command. However, even in a small network with four switches, like the one used in this next lab, a VLAN config lab can give you a few things to think about beyond just creating the VLAN. This next lab asks you to configure a couple of VLANs, one for data, and one for IP phones (a voice VLAN). (And yes, that voice VLAN idea is part of the new exam topics; check here for all the blog posts about the changes in May 2016.) As usual, if you’ve already seen the commands, this exercises should take you 5-10 minutes on paper. Enjoy!

Requirements

The network uses four layer 2 switches: two distribution switches, and two access switches. The access switches connect to a number of user desktops, with each desktop having an IP phone, which in turn connects to a desktop PC. Your job is to configure the two VLANs (a data VLAN and a voice VLAN), placing all phones in the voice VLAN, and all PCs in the data VLAN. And you need to make the VLANs work so that they can send and receive traffic off-site through the WAN router shown at the top of the figure.

The specific rules for this lab are:

  • Assign the PCs in the figure to use VLAN 10 as their data VLAN
  • Assign the IP Phones in the figure to use VLAN 20 as their voice VLAN
  • Configure VLANs correctly so that traffic in both VLAN 10 and 20 can flow through all four switches and up to the router (which acts as their default gateway)
  • Assumptions:
    • All device interfaces shown in the lab are up and working
    • VLAN trunking is working between the switches
    • VTP is in transparent mode or off
    • All four switches are acting as layer 2 switches, and not as layer 3 switches
    • The WAN router is already configured for router-on-a-stick (see initial configuration)

 

Figure 1: Basic Switched IP Phone Topology

 

Initial Configuration

Examples 1, 2, 3 and 4 show the beginning configuration state of Dist1, Dist2, Access1 and Access2.

Example 1: Dist1 Config

 

Example 2: Dist2 Config

 

Example 3: Access1 Config

 

Example 4: Access2 Config

 

Example 5: (Relevant) WAN Router Config

 

Answer on Paper, or Maybe Test in Lab

Next, write your answer on paper. Or if you have some real gear, or other tools, configure the lab with those tools.

To test your solution if you happen to try it with VIRL or real gear, the easiest way to verify the configuration is to use the show interfaces interface switchport command on the access switches using the interfaces connected to the PCs and IP Phones. This command’s output will list the configured data and voice VLAN.

 

Do this Lab with Cisco’s VIRL

You can do these labs on paper and still get a lot out of the lab. As an extra help, we have added files for the Virtual Internet Routing Lab (VIRL) software as well. The .VIRL file found here is a file that when used with VIRL will load a lab topology similar to this lab’s topology, with the initial configuration shown in the lab as well. This section lists any differences between the lab exercise and the .VIRL file’s topology and configuration.

Download this lab’s VIRL file!

All interfaces in topology match the lab figure.

Network Device Info:

The switches used in the lab are Cisco IOS layer 2 switches. Note that if you happen to have a layer 3 switch, to use the initial configurations as shown in this lab, issue to no ip routing command on the switch. This command will disable the routing of IPv4 packets, making the layer 3 switch act only as a layer 2 switch.

Also, when using VIRL, the IOS layer 2 switch image supports both the older ISL and the preferred 802.1Q VLAN trunking protocols. As a result, to make VLAN trunks work, add the switchport trunk encapsulation dot1q command on each interface that should trunk, in addition to the initial configuration shown in this lab.

(The .VIRL file that you can download already has these commands added to the switch configurations.)

Host device info:

This lab includes four server hosts in the positions of PC1, PC2, PC3, and PC4 in the figure for this lab. It does not include any simulated IP phones. The PCs use the IP addresses listed in this table, pre-configured in VIRL. The information is not required in lab but may be useful to you.

 

Device IP Address User/password
PC1 10.1.1.1 cisco/cisco
PC2 10.1.1.2 cisco/cisco
PC3 10.1.1.3 cisco/cisco
PC4 10.1.1.4 cisco/cisco

 

Handy Host Commands:

To see PC IP address: ifconfig eth1

Ping example: ping -c 4 10.1.1.1

Trace example: tracepath 10.1.1.1

To connect to another node within the topology: telnet 10.1.1.1

Peering Back at the History of CCNA Routing and Switching
Answers: Data and Voice VLAN 1
certskills
By certskills June 3, 2016 09:05
Write a comment

7 Comments

  1. RN May 19, 16:10

    Hi Wendell,

    The design seems to be a little confusing.

    The router have to interfaces used, with two connections, but the router is configured as router-on-a-stick, with only one interface in use.

    Notice that in the configuration example you provided you only configured one interface.

    Thanks,

    RN

    Reply to this comment
  2. kalpi July 22, 01:55

    hi wendell ,
    how can we know about the configurations to be made on the IP phone ?

    Reply to this comment
  3. Bav August 28, 07:44

    This design is a bit confusing Wendell. All the hosts are in the 10.1.1.0/24 subnet. One of the ROAS sub interfaces is for a subnet 10.1.20.0/24. Plus what’s happening on the 2nd interace to the WAN router?

    I’ve configured everything as per the answer config but can’t ping between PCs. PT tells me that because some of the ports on DIST are in a learning state it drops the ARP messages.

    Reply to this comment
    • CCENTSkills August 29, 11:14

      Hi Bav,
      Thanks for the feedback. Let me try and clear up the design questions you have at least. As for PT behavior, as a rule, I don’t attempt to troubleshoot how PT behaves.

      The 10.1.20.0/24 subnet is the subnet for the IP phones. I think (looking back in time) that my intent was for you to see the router’s ROAS config, see the config of VLAN 20, and the fact that the subninterface is in subnet 10.1.20.0/24, and make that connection. But the lab certainly does not explicitly state that fact – maybe I should state that fact explicitly?

      As for the 2nd router interface (the one on the right in the figure), it’s not used for the lab. Maybe better to remove it?

      I think that was it for your questions – feel free to follow up.
      Thanks,
      Wendell

      Reply to this comment
    • Carl Crockett June 6, 17:20

      I was having the same issues with this setup and spent a lot of time trying to establish coms between the devices, even checking thestatus of STP which has two ports blocked.

      Reply to this comment
  4. Aaron Tremblay August 29, 06:50

    Hi everyone, sorry I’m a bit late in time as this is 2019 and I see the post was done back in 2016. Anyways, I wanted to share my experience with this lab and how I was able to make everything work with the aide of Google and lots of reading on Ciscos community site.

    OK using PT 7.2 I set up the physical layout using 4 (2960s) 4 PCs, 4 IP Phones and one 2800 series router.

    Something I noticed from the posts is getting hung up on the IP addresses used. My solution was to use 10.x.x.x networks which frees you up on the nitty gritty. It’s a lab and it’s meant to break you a little bit so you can learn how to resolve issues as you put it together just like in real world.

    In my setup I used 10.0.0.0/24, 10.1.0.0/24 10.2.0.0/24 and 10.3.0.0/24. I used both router ports so I could actually route between networks.
    Each switch is configured identically, and in my case using 2960s they automatically use dot1q because ISL is not supported therefore you don’t have to configure the encapsulation type.

    So, on the data VLANs I used an ID of 10, and for the voice I used an ID of 20. 10.0.x.x and 10.2.x.x networks were used on the router sub interfaces for the data VLAN of 10 and 10.1.x.x and 10.3.x.x were used for VLAN 20 for voice. The switches were easy enough to configure, the challenge comes to the router and making sure you have full communications between all devices.

    My router has Fa0/0 and Fa0/1 for physical ports. As Kendell mentioned you have to configure sub interfaces on both to make it work.

    Router(config)# interface fa0/0.10
    Router(config-subif)# encapsulate dot1q
    Router(config-subif)# IP address 10.0.0.1 255.255.255.0
    Router(config-subif)# no shut
    Router(config-subif)# interface fa0/0.20
    Router(config-subif)# encapsulate dot1q
    Router(config-subif)# IP address 10.1.0.1 255.255.255.0
    Router(config-subif)# no shut

    Repeat the same configuration on the other port fa0/1 using 10.2 and 10.3

    Make sure your pc’s use the correct “Data” IP address from the 10 VLAN on the router.
    To make it interesting set 2 PCs onto one network 10.0 for the Data side and use 10.2 for the other 2 PCs.

    When I configured this the first time I ran into issues when trying to ping from one network to the other using the PCs. I then tried pinging the PCs from the router with no success. Now we go down the rabbits hole. I ended up disabling one router port and removed connections from the phones leaving me with PC to switches and one router interface to work with. I removed the IP settings on the fa0/0.20 sub int so I could focus on one. In Packet Tracer I used the simulation feature and watched the packets flow from the router, to it’s only connected switch and then watched the packets flood from the switch out each port attached to the network. Then as the other switches received the data they either dropped it because Spanning Tree had that port blocked or forwarded it to its neighbor. What I didn’t see was the data forwarding to the destination PC.

    I verified the switches had the MAC address in its MAC address-table which made me believe that data was not being sent over the data VLAN. Going back to the router I reconfigured the router sub interface, saved changes and tried again. This time it worked. I configured the second sub interface for the voice VLAN, reconnected the phones to the switch and PCs and ensured connectivity was still good.

    The next task was to turn the second interface back on and verify it’s configuration. I tried to ping the 10.0.x.x network from PC’s on the 10.2.x.x network which still failed. I quadruple checked the configs on all devices and could not find the issue, so I went hunting on Google and found a similar issue related to the PCs default gateway and to my surprise I had neglected that setting. Once they were configured properly I was able to communicate to all devices.

    I hope this helps anyone who’s studying, and if you have any comments I’d love to hear them.

    Cheers

    Reply to this comment
View comments

Write a comment

Comment; Identify w/ Social Media or Email

Subscribe

Subscribe to our mailing list and get interesting stuff and updates to your email inbox.

Thank you for subscribing.

Something went wrong.

Search

Categories