http://support.huawei.com/enterprise/docinforeader!loadDocument1.action?contentId=DOC1000069472&partNo=10122#dc_cfg_vlan_0031_3
9.7.1 Configuring a MAC Address-based Voice VLAN
When the source MAC address in packets entering a switch interface matches the configured OUI, the switch sends the packets to the voice VLAN and increases the packet priority.
9.7.1.1 Enabling the Voice VLAN Function
Procedure
- Run:
system-viewThe system view is displayed.
- Run:
interface interface-type interface-number
The interface view is displayed.
- Run:
voice-vlan vlan-id enable [ include-untagged ]
A voice VLAN is configured and the voice VLAN function is enabled on the interface.
By default, the voice VLAN function is disabled on an interface. To allow IP phones to send untagged packets, specify include-untagged.
NOTE:
- VLAN 1 cannot be configured as a voice VLAN.
- To transmit different services, ensure that the voice VLAN and default VLAN on an interface are different VLANs.
- Only one voice VLAN on an interface can be configured as a voice VLAN at a time.
- After a voice VLAN is configured on an interface, VLAN mapping, VLAN stacking, or traffic policies cannot be configured on the interface.
- Do not set the VLAN ID to 0 on an IP phone.
9.7.1.2 Configuring a Mode in Which the Priority of Voice Packets Is Increased Based on MAC Addresses
Context
The switch can identify voice data flows according to the source MAC address of the received data packets. The switch considers data packets with the source MAC address matching the Organizationally Unique Identifier (OUI) as voice data flows.
Procedure
- Run:
system-viewThe system view is displayed.
- Run:
interface interface-type interface-number
The interface view is displayed.
- Run:
voice-vlan remark-mode mac-addressA mode in which the priority of voice packets is increased is configured.
By default, the priority of voice packets is increased based on VLAN IDs.
9.7.1.3 Configuring an OUI for a Voice VLAN
Context
An OUI is the first 24 bits of a MAC address. The institute of Electrical and Electronics Engineers (IEEE) assigns an OUI to each vendor. The allocated 24 bits and 24 bits assigned by a vendor form a 48-bit MAC address. You can determine packets from phones according to MAC address ranges requested by IP phone vendors.
The OUI in the voice VLAN is user-defined and different with the OUI described above. The mask of the OUI is user-defined and not necessarily 24 bits. The OUI is the result of the AND operation between the MAC address and mask in the voice-vlan mac-address command.
Procedure
- Run:
system-viewThe system view is displayed.
- Run:
voice-vlan mac-address mac-address mask oui-mask [ description text ]
An OUI is configured for a voice VLAN.
By default, no OUI address is set.
When configuring an OUI for a voice VLAN, note the following:
- The MAC address cannot be all 0s, multicast address, or broadcast address.
- The system supports a maximum of 100 OUIs. When the system is configured with 100 OUIs, subsequent configurations will not take effect.
- When you run the undo voice-vlan mac-address mac-address command to delete an OUI, set mac-address to the result of the logical AND operation between the OUI and the OUI mask that you set.
9.7.1.4 Configuring a Mode in Which an Interface Is Added to a Voice VLAN
Context
- Auto
The system adds the interface connected to a voice device to the voice VLAN if the source MAC address of packets sent from the voice device matches the OUI.
- Manual
In manual mode, the interface connected to a voice device must be added to the voice VLAN manually after the voice VLAN function is enabled on the interface. Otherwise, the voice VLAN does not take effect on the interface.
Procedure
- Run:
system-viewThe system view is displayed.
- Run:
interface interface-type interface-number
The interface view is displayed.
- Run:
port link-type hybridThe interface is configured as the hybrid interface.
- Run:
voice-vlan mode { auto | manual }A mode in which an interface is added to a voice VLAN is configured.
By default, an interface is added to a voice VLAN in manual mode.
- The automatic mode of the voice VLAN is not supported on the X1E-series boards.
- In auto mode, access, negotiation-auto, or negotiation-desirable interfaces cannot be added to a voice VLAN. To add the interface to the voice VLAN, run the port link-type command to change the link type of the interface to trunk or hybrid.
- The automatic mode takes effect only when the voice-vlan remark-mode mac-address command is configured to increase the priority of voice packets based on MAC addresses and the voice-vlan enable command without include-untagged specified is configured to enable voice VLAN on the interface and add voice VLAN IDs to only tagged packets.
- (Optional) Add an interface to a voice VLAN in manual mode according to 4.7.1.1 Configuring Interface-based VLAN Assignment (Statically Configured Interface Type).
9.7.1.5 (Optional) Configuring the Secure or Normal Mode of a Voice VLAN
Context
Based on the data filtering mechanism, a voice VLAN works in either secure or normal mode.
Table 9-2 describes the voice VLAN working modes.
| Working Mode | Scenario | Packet Processing | Configuration Note |
|---|---|---|---|
| Secure | The inbound interface enabled with the voice VLAN function allows only the voice packets in which the source MAC address matches the OUI address of the voice VLAN, and discards non-voice packets from the voice VLAN and forwards packets from other VLANs. | If the source MAC address does not match the OUI, the interface does not change the priority of voice packets and prevents the voice packets from being forwarded in the voice VLAN.
If the source MAC address matches the OUI, the interface changes the priority of voice packets and allows the voice packets to be forwarded in the voice VLAN. |
The secure mode takes effect only when the voice-vlan remark-mode mac-address command is configured to increase the priority of voice packets based on MAC addresses. |
| Normal | The inbound interface enabled with the voice VLAN function transmits both voice packets and non-voice packets. In normal mode, the interface is vulnerable to attacks from malicious data traffic. | If the source MAC address does not match the OUI, the interface does not change the priority of voice packets and allows the voice packets to be forwarded in the voice VLAN.
If the source MAC address matches the OUI, the interface changes the priority of voice packets and allows the voice packets to be forwarded in the voice VLAN. |
Transmitting voice and service data at the same time in a voice VLAN is not recommended. If a voice VLAN must transmit both voice and service data, ensure that the voice VLAN works in normal mode. |
Procedure
- Configuring the secure mode
- Configuring the normal mode
- Run:
system-viewThe system view is displayed.
- Run:
interface interface-type interface-number
The interface view is displayed.
- Run:
undo voice-vlan security enableThe voice VLAN is configured to work in normal mode.
By default, a voice VLAN works in normal mode.
- Run:
9.7.1.6 (Optional) Configuring the 802.1p Priority and DSCP Priority for a Voice VLAN
Context
By default, the 802.1p priority and DSCP priority for a voice VLAN are 6 and 46 respectively. You can dynamically configure 802.1p priority and DSCP priority to plan priorities for different voice services.
NOTE:
- The 802.1p priority is indicated by the value in the 3-bit PRI field in each 802.1Q VLAN frame. This field determines the transmission priority for data packets when a switching device is congested.
- The DSCP value is indicated by the 6 bits in the Type of Service (ToS) field in the IPv4 packet header. DSCP, as the signaling for DiffServ, is used for QoS guarantee on IP networks. The traffic controller on the network gateway takes actions merely based on the information carried by the 6 bits.
9.7.1.7 Checking the Configuration
Procedure
- Run the display voice-vlan [ vlan-id ] status command to check information about a voice VLAN, including the status, working mode, 802.1p priority and DSCP priority of the voice VLAN, and interface enabled with voice VLAN.
- Run the display voice-vlan oui command to check the organizationally unique identifier (OUI), OUI mask, and OUI description of the voice VLAN.
9.7.2 Configuring a VLAN ID-based Voice VLAN
If the VLAN ID in packets received by a switch interface is the same as the voice VLAN ID, the switch considers the packets as voice packets and increases the packet priority.
9.7.2.1 Enabling the Voice VLAN Function
Context
To implement the voice VLAN function, configure the VLAN used to forward voice packets on the switch as a voice VLAN and enable the voice VLAN. You are advised to configure different VLANs for voice and data services to facilitate management.
Procedure
- Run:
system-viewThe system view is displayed.
- Run:
interface interface-type interface-number
The interface view is displayed.
- Run:
voice-vlan vlan-id enable [ include-untagged ]
A voice VLAN is configured and the voice VLAN function is enabled on the interface.
By default, the voice VLAN function is disabled on an interface. When IP phones send untagged packets, specify include-untagged and configure an OUI for the voice VLAN.
- VLAN 1 cannot be configured as a voice VLAN.
- To transmit different services, ensure that the voice VLAN and default VLAN on an interface are different VLANs.
- Only one voice VLAN on an interface can be configured as a voice VLAN at a time.
- After a voice VLAN is configured on an interface, VLAN mapping, VLAN stacking, or traffic policies cannot be configured on the interface.
- Do not set the VLAN ID to 0 on an IP phone.
9.7.2.2 Configuring a Mode in Which the Priority of Voice Packets Is Increased Based on VLAN IDs
Context
If the VLAN ID in packets received by a switch interface is the same as the voice VLAN ID, the switch considers the packets as voice packets and increases the packet priority.
Procedure
- Run:
system-viewThe system view is displayed.
- Run:
interface interface-type interface-number
The interface view is displayed.
- Run:
voice-vlan remark-mode vlanA mode in which the priority of voice packets is increased is configured.
By default, the priority of voice packets is increased based on VLAN IDs.
9.7.2.3 Configuring a Mode in Which an Interface Is Added to a Voice VLAN
Context
When a VLAN ID-based voice VLAN is used, the interface connected to a voice device must be added to the voice VLAN manually so that the voice VLAN can take effect.
Procedure
- Add an interface to a voice VLAN in manual mode according to 4.7.1.1 Configuring Interface-based VLAN Assignment (Statically Configured Interface Type).
9.7.2.4 Configuring the Switch to Advertise Voice VLAN Information to an IP Phone
Context
Generally, IP phones that can send tagged voice packets can obtain voice VLAN information from the switch using a protocol such as LLDP (LLDP is used as an example). LLDP needs to be enabled. When the switch receives an LLDPDU from an IP phone, the switch encapsulates voice VLAN information in the LLDPDU and sends it to the IP phone. The IP phone then sends tagged voice packets.
The switch can encapsulate voice VLAN information into LLDPDUs and send them to connected IP phones. However, IP phones of some vendors send Cisco Discovery Protocol (CDP) packets. You can run the voice-vlan legacy enable command to enable CDP-compatible function so that the switch encapsulates voice VLAN information in CDP packets and sends them to connected IP phones.
9.7.2.5 (Optional) Configuring the 802.1p Priority and DSCP Priority for a Voice VLAN
Context
By default, the 802.1p priority and DSCP priority for a voice VLAN are 6 and 46 respectively. You can dynamically configure 802.1p priority and DSCP priority to plan priorities for different voice services.
NOTE:
- The 802.1p priority is indicated by the value in the 3-bit PRI field in each 802.1Q VLAN frame. This field determines the transmission priority for data packets when a switching device is congested.
- The DSCP value is indicated by the 6 bits in the Type of Service (ToS) field in the IPv4 packet header. DSCP, as the signaling for DiffServ, is used for QoS guarantee on IP networks. The traffic controller on the network gateway takes actions merely based on the information carried by the 6 bits.
9.8 Configuration Examples
This section provides configuration examples of the voice VLAN including networking requirements, configuration roadmap, configuration procedure and configuration file.
9.8.1 Example for Configuring a MAC Address-based Voice VLAN (IP Phones Send Untagged Voice Packets)
Networking Requirements
As shown in Figure 9-6, the switch connects to IP phones and a PC. The switch uses VLAN 2 to transmit voice packets and VLAN 3 to transmit data packets. PC A connects to IP phone A and they connect to the switch, and IP phone B separately connects to the switch. IP phones send untagged voice packets. Users require high quality of the VoIP service; therefore, voice data flows must be transmitted with a high priority to ensure the call quality.
Configuration Roadmap
- Create VLANs on the switch and add interfaces to VLANs to implement Layer 2 connectivity.
- Configure an OUI so that the switch adds a VLAN tag to voice packets in which the source MAC address matches the OUI.
- Configure VLAN 2 as the voice VLAN and configure the interface to allow voice packets to pass through.
NOTE:
The configuration of Switch1 is similar to the configuration of the switch, and is not mentioned here.
Procedure
- Configure VLANs and interfaces on the Switch.# Create VLANs.
<HUAWEI> system-view [HUAWEI] sysname Switch [Switch] vlan batch 2 3
# Configure VLANs allowed by GE1/0/1.
[Switch] interface gigabitethernet 1/0/1 [Switch-GigabitEthernet1/0/1] port link-type hybrid [Switch-GigabitEthernet1/0/1] port hybrid pvid vlan 3 [Switch-GigabitEthernet1/0/1] port hybrid untagged vlan 2 to 3 [Switch-GigabitEthernet1/0/1] quit [Switch] interface gigabitethernet 1/0/2 [Switch-GigabitEthernet1/0/2] port link-type hybrid [Switch-GigabitEthernet1/0/2] port hybrid untagged vlan 2 [Switch-GigabitEthernet1/0/2] quit
- Configure an OUI.
[HUAWEI] voice-vlan mac-address 0003-6B00-0000 mask ffff-ff00-0000 - # Enable the voice VLAN function on GE1/0/1. The configuration of GE1/0/2 is similar to the configuration of GE1/0/1, and is not mentioned here.
[Switch] interface gigabitethernet 1/0/1 [Switch-GigabitEthernet1/0/1] voice-vlan 2 enable include-untagged [Switch-GigabitEthernet1/0/1] voice-vlan remark-mode mac-address [Switch-GigabitEthernet1/0/1] quit
- Verify the configuration.Run the display voice-vlan 2 status command to check the voice VLAN configuration.
[Switch] display voice-vlan 2 status Voice VLAN Configurations: ----------------------------------------------------------- Voice VLAN ID : 2 Voice VLAN status : Enable Voice VLAN 8021p remark : 6 Voice VLAN dscp remark : 46 ----------------------------------------------------------- Port Information: ------------------------------------------------------------------------------- Port Add-Mode Security-Mode Legacy PribyVLAN Untag ------------------------------------------------------------------------------- GigabitEthernet1/0/2 Manual Normal Disable Disable Enable GigabitEthernet1/0/1 Manual Normal Disable Disable Enable
Configuration Files
Configuration file of the Switch
# sysname Switch # voice-vlan mac-address 0003-6b00-0000 mask ffff-ff00-0000 # vlan batch 2 to 3 # interface GigabitEthernet1/0/1 port link-type hybrid voice-vlan 2 enable include-untagged voice-vlan remark-mode mac-address port hybrid pvid vlan 3 port hybrid untagged vlan 2 to 3 # interface GigabitEthernet1/0/2 port link-type hybrid voice-vlan 2 enable include-untagged voice-vlan remark-mode mac-address port hybrid untagged vlan 2 # return
9.8.2 Example for Configuring a VLAN ID-based Voice VLAN (IP Phones Send Tagged Voice Packets)
Networking Requirements
As shown in Figure 9-7, the switch connects to IP phones and a PC. The switch uses VLAN 2 to transmit voice packets and VLAN 3 to transmit data packets. PC A connects to IP phone A and they connect to the switch, and IP phone B separately connects to the switch. IP phones can obtain voice VLAN information through LLDP and send tagged voice packets. Users require high quality of the VoIP service; therefore, voice data flows must be transmitted with a high priority to ensure the call quality. In addition, the administrator manages many IP phones and requires simplified configurations.
Configuration Roadmap
- Create VLANs on the switch and add interfaces to VLANs to implement Layer 2 connectivity.
- Enable LLDP so that IP phones can obtain voice VLAN information through LLDP.
- Configure VLAN 2 as the voice VLAN and configure the interface to allow voice packets to pass through. Configure a VLAN ID-based voice VLAN, which relieves you from configuring OUIs.
NOTE:
The configuration of Switch1 is similar to the configuration of the switch, and is not mentioned here.
Procedure
- Configure VLANs and interfaces on the Switch.# Create VLANs.
<HUAWEI> system-view [HUAWEI] sysname Switch [Switch] vlan batch 2 3
# Configure VLANs allowed by GE1/0/1.
[Switch] interface gigabitethernet 1/0/1 [Switch-GigabitEthernet1/0/1] port link-type hybrid [Switch-GigabitEthernet1/0/1] port hybrid pvid vlan 3 [Switch-GigabitEthernet1/0/1] port hybrid untagged vlan 3 [Switch-GigabitEthernet1/0/1] port hybrid tagged vlan 2 [Switch-GigabitEthernet1/0/1] quit [Switch] interface gigabitethernet 1/0/2 [Switch-GigabitEthernet1/0/2] port link-type hybrid [Switch-GigabitEthernet1/0/2] port hybrid tagged vlan 2 [Switch-GigabitEthernet1/0/2] quit
- Enable LLDP.
[Switch] lldp enable
- # Enable the voice VLAN function on GE1/0/1. The configuration of GE1/0/2 is similar to the configuration of GE1/0/1, and is not mentioned here.
[Switch] interface gigabitethernet 1/0/1 [Switch-GigabitEthernet1/0/1] voice-vlan 2 enable [Switch-GigabitEthernet1/0/1] voice-vlan remark-mode vlan [Switch-GigabitEthernet1/0/1] quit
- Verify the configuration.Run the display voice-vlan 2 status command to check the voice VLAN configuration.
[Switch] display voice-vlan 2 status Voice VLAN Configurations: ----------------------------------------------------------- Voice VLAN ID : 2 Voice VLAN status : Enable Voice VLAN 8021p remark : 6 Voice VLAN dscp remark : 46 ----------------------------------------------------------- Port Information: ------------------------------------------------------------------------------- Port Add-Mode Security-Mode Legacy PribyVLAN Untag ------------------------------------------------------------------------------- GigabitEthernet1/0/2 Manual Normal Disable Enable Disable GigabitEthernet1/0/1 Manual Normal Disable Enable Disable
Configuration Files
Configuration file of the Switch
# sysname Switch # vlan batch 2 to 3 # lldp enable # interface GigabitEthernet1/0/1 port link-type hybrid voice-vlan 2 enable port hybrid pvid vlan 3 port hybrid tagged vlan 2 port hybrid untagged vlan 3 # interface GigabitEthernet1/0/2 port link-type hybrid voice-vlan 2 enable port hybrid tagged vlan 2 # return