Configuring Dell PowerConnect 5500 series switches for voice VLAN

Summary: This article provides the necessary steps to configure Dell PowerConnect 5500 series switches for voice VLAN.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Symptoms

Voice VLAN is a feature on the PowerConnect 55xx Series switches that uses Class of Service (CoS) to automatically prioritize VoIP traffic within the switch. This feature helps to prevent poor call quality when there is a mixed traffic environment and high-bandwidth utilization on the switch. It also introduces simplicity to adding VoIP phones to the network with little or no configuration.

To configure the switch, the administrator adds:

  • The phone’s MAC Organizational Unique Identifier (OUI) to the OUI table of the switch.
  • The Voice VLAN ID globally once the VLAN has been created in the VLAN database.

Cause

In this example, 00:03:b5 is the MAC OUI and Joes_VoIP_Phones is the vendor name.

Console(config)# voice vlan oui-table add 0003b5 Joes_VoIP_Phones

VLAN 10 is where the VoIP traffic resides in this example.

Console(config)# vlan database
Console(config-vlan)# vlan 10
Console(config-vlan)# exit
Console(config)# voice vlan id 10

On a port where a VoIP phone is connected, in order to enable Voice VLAN the port cannot be a static member of the VLAN.

On port 13, switch unit 1, remove VLAN 10 from the trunk and enabling Voice VLAN.

Console(config)# interface gigabitethernet 1/0/13
Console(config-if)# switchport mode trunk
Console(config-if)# switchport trunk allowed vlan remove 10
Console(config-if)# voice vlan enable

The administrator plugs the phone into the switch interface configured for Voice VLAN. Phone traffic ingressing the switch with a tag that matches the Voice VLAN ID and the MAC OUI is dynamically assigned to the Voice VLAN. By default, the switch automatically assigns the VoIP traffic to CoS 6 and prioritizes it ahead of other traffic in lower queues. Any untagged traffic entering the switch port, like PC data, is assigned to the native VLAN. By default, the native is VLAN 1 when a port is in trunk mode.

Outside of defaults, it is possible to change the CoS settings for the Voice VLAN and remark traffic on the egress, but not required. CoS 6 is the highest priority recommended for VoIP traffic. CoS 7 is the highest priority assignable, but typically only used for control traffic and not recommended for most transit traffic. If the decision is made to use Differentiated Services Code Point (DSCP) for prioritization, the setting of "trust CoS" can be changed to "trust DSCP". This allows the switch to trust a DSCP value already assigned and prioritize it based on the value assigned. Usually DSCP 46 or Expedited Forwarding is the value used for VoIP prioritization. The switch already has a DSCP-to-queue mapping that allows it to map DSCP 46 to high priority queue 6. By default DSCP 46 is assigned to the same switching queue as CoS 6. This mapping table can be changed in QoS Advanced Mode. The trust DSCP setting affects the switch globally, and accounts for all traffic entering a switch port in trust mode. If other traffic entering the port has a higher DSCP value than that traffic is prioritized. For more information about QoS settings, see the PowerConnect 5548 User Guide on the PowerConnect 5548 Support Page

The Voice VLAN Secure setting is not enabled by default. This means that once the Voice VLAN has been activated on the port frames with an unrecognized OUI are allowed access to the Voice VLAN. If the Voice VLAN Secure setting is enabled on a port, any frames tagged for the Voice VLAN with an unrecognized OUI is dropped.

Here we are enabling Voice VLAN Secure on port 13 switch unit 1. If a user plugged into the port tries to tag their PC traffic for VLAN 10, which is the Voice VLAN, the switch drops the traffic.

Console(config)# interface gigabitethernet 1/0/13
Console(config-if)# voice vlan secure

Configuring interfaces with other VoIP devices connected, like a Phone System Server(PBX) or VoIP switch, it is best practice to assign the ports statically. This is because most of these types of devices are VLAN unaware, which means they do not support VLAN tagging. For Voice VLAN to be activated on a port or for a device to be added dynamically, traffic must be tagged for the Voice VLAN. When a device is added statically to the VLAN, the Voice VLAN feature is not activated on the port where the statically added device is connected. Traffic from the device is not prioritized by default. To prioritize this traffic, the CoS and DSCP trust modes can be used if the traffic already has a CoS or DSCP value assigned. If no CoS or DSCP value has been assigned to the ingress traffic, a QoS policy must be defined for the switch to prioritize the traffic.

In this example, the switch is in QoS Advanced Mode, giving more granular QoS functionality and allowing configuration of the QoS policies.

console(config)# qos advanced

First, an Access Control List (ACL) that allows the VoIP traffic must be configured. This matches the traffic based on the subnet for simplicity. There are many other parameters that can be used to match specific traffic that are out of the scope of this discussion.

console(config)# ip access-list extended voip
console(config-ip-al)# permit ip any 192.168.10.0 0.0.0.255
console(config-ip-al)# exit

Now we are creating an ACL to match the LAN data traffic, or any traffic other than VoIP. This is assuming that the VoIP traffic is isolated into a separate subnet and VLAN, which would typically be best practice.

console(config)# ip access-list extended LAN
console(config-ip-al)# permit ip any any
console(config-ip-al)# exit

This step configures a class map named voip that matches the voip ACL and a class map named LAN that matches the LAN ACL created previously.

console(config)# class-map voip
console(config-cmap)# match access-group voip
console(config-cmap)# exit
console(config)# class-map LAN
console(config-cmap)# match access-group LAN
console(config-cmap)# exit

Now we create a policy map named voice that first matches on class map voip, and then class map LAN.

console(config)# policy-map voice
console(config-pmap)# class voip

Here we give the policy map an action (set queue 6). If the traffic matches the class map voip, it prioritizes the traffic into switch queue 6.

console(config-pmap-c)# set queue 6
console(config-pmap-c)# exit


In the next action assigned to the policy map, if the traffic matches the class map LAN the switch is set to trust a CoS or DSCP value already assigned to the inbound packet or frame. If there is no CoS or DSCP value assigned to the inbound traffic, the switch places the traffic into queue 2 by default. Queue 2 is primarily "best effort" which means it forwards traffic on a "first-come first- serve" basis.

console(config-pmap)# class LAN
console(config-pmap-c)# trust cos-dscp
console(config-pmap-c)# exit
console(config-pmap)# exit

Now that the QoS policy has been created we assign it to ports 1 and 2 on switch unit 1. Port 1 is our uplink to another switch or router on the network, and port 2 is connected to our PBX server.

console(config)# interface range gigabitethernet 1/0/1-2
console(config-if-range)# service-policy input voice
console(config-if-range)# exit

Port 2 is connected to the PBX, which is VLAN unaware. The interface is configured in access mode in order to send untagged traffic.

console(config)# interface gigabitethernet 1/0/2
console(config-if)# switchport access vlan 10
console(config-if)# exit  

Port 1 is our uplink, which will send and receive traffic on both VLANs. This is configured in trunk mode to add all VLANs to the interface. VLAN 1 is untagged because it is the native by default, and VLAN 10 is tagged.

console(config)# interface gigabitethernet 1/0/1
console(config-if)# switchport mode trunk
console(config-if)# exit

Last step is involving settings relating to Spanning Tree Protocol (STP). When two or more switches are involved in a network topology, it is recommended that STP be enabled globally on all switches at the access layer. Preferably, IEEE 802.1w Rapid Spanning Tree Protocol (RSTP) should be used instead of IEEE 802.1d STP in order to achieve faster network convergence times. RSTP is enabled as a default setting on the PowerConnect 55xx series switches. It may be acceptable to globally disable RSTP or STP in order to free-up switching resources and decrease network complexity. Warning!!! RSTP should not be disabled without first consulting with the network administrator and/or fully assessing the risks of disabling this protocol, especially in a production environment.

When dealing with a network running RSTP or STP, it is recommended that all end-point devices should have Spanning Tree PortFast enabled. Portfast allows immediate convergence during a network topology change and prevents the port from triggering a topology change when there is a link state change. 

Here we are disabling STP on port 13 switch unit 1 which is connected to a VoIP phone.

console(config)# interface gigabitethernet 1/0/13
console(config-if)# spanning-tree disable
console(config-if)# exit


 
On port 2 switch unit 1, connected to the PBX server, we are enabling STP PortFast.

console(config)# interface gigabitethernet 1/0/2
console(config-if)# spanning-tree portfast
console(config-if)# end

This sums up the basic configuration of Voice VLAN on the PowerConnect 55xx Series switches. Keep in mind that the above configurations are only examples, and may not be necessary for all network environments. There are also ways other than Voice VLAN to prioritize VoIP traffic on the 55xx series switch and throughout the network. This feature was meant to prioritize traffic locally within the switch and may not resolve all quality-of-service issues. The section below lists commands useful for troubleshooting the Voice VLAN and an example configuration reflecting the commands discussed.

Note: This documentation was written for PowerConnect 55xx firmware code 4.0.1.0. Future firmware releases could possibly change device functionality, command syntax, and other things regarding the scope of this document.

Troubleshooting Commands Available:

 

console# show voice vlan console#show interfaces switchport
console# show qos map dscp-queue console#show interfaces access-lists counters
console# show qos interface buffers console#show interfaces access-lists
console# show qos interface queuing console#show mac address-table
console# show access-lists console#show mac address-table count
console# show policy-map console#show vlan
console# show spanning-tree detail console#show cpu utilization
console# show spanning-tree bpdu console#show logging
console# show rmon statistics <interface> console#show tech-support
console# show interfaces status console#show tech-support memory
console# show interfaces configuration console#show tech-support config

 

Resolution

Example Switch Configuration: 

Note: You must obtain the first six digits of the switch MAC address to modify the oui-table in the following examples. The name following the first six digits is an alias so any name is acceptable. In this example:
"voice vlan oui-table add 0001e3 Siemens_AG_phone"
  • 0001e3 is the first 6 digits of the Siemens switch MAC address
  • Siemens_AG_phone is an arbitrary name assigned by the user.
console# conf t
console(config)# vlan database
console(config)# vlan 10 exit
console(config)# voice vlan oui-table add 000181 Nortel
console(config)# voice vlan oui-table add 0001e3 Siemens_AG_phone
console(config)# voice vlan oui-table add 00036b Cisco_phone
console(config)# voice vlan oui-table add 0003b5 Joes_VoIP_Phones
console(config)# voice vlan oui-table add 00096e Avaya
console(config)# voice vlan oui-table add 000fe2 H3C_Aolynk
console(config)# voice vlan oui-table add 001049 Shoretel
console(config)# voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
console(config)# voice vlan oui-table add 00907a Polycom/Veritel_phone
console(config)# voice vlan oui-table add 00e0bb 3Com_phone
console(config)# voice vlan id 10
 
console(config)# qos advanced
console(config)# ip access-list extended voip
console(config)# permit ip any 192.168.10.0 0.0.0.255
console(config)# exit
 
console(config)# ip access-list extended LAN
console(config)# permit ip any any exit

console(config)# class-map voip
console(config)# match access-group voip
console(config)# exit
 
console(config)# class-map LAN
console(config)# match access-group LAN
console(config)# exit
 
console(config)# policy-map voice
console(config)# class voip
console(config)# set queue 6
console(config)# exit
 
console(config)# class LAN
console(config)# trust cos-dscp exit
console(config)# exit

console(config)# interface gigabitethernet1/0/1
console(config)# service-policy input voice
console(config)# switchport mode trunk

console(config)# interface gigabitethernet1/0/2
console(config)# spanning-tree portfast
console(config)# service-policy input voice
console(config)# switchport access vlan 10

console(config)# interface gigabitethernet1/0/13
console(config)# spanning-tree disable
console(config)# switchport mode trunk
console(config)# switchport trunk allowed vlan remove 10
console(config)# voice vlan enable
console(config)# voice vlan secure

 

Default settings: Service tag:
SW version 4.0.1.0 (date 12-Apr-2011 time 17:40:25) Gigabit Ethernet Ports
=============================
no shutdown speed 1000 duplex full
negotiation
flow-control on
mdix auto
no back-pressure interface vlan 1
interface port-channel 1 - 32
spanning-tree
spanning-tree mode RSTP qos basic
qos trust cos
eee enable

Affected Products

PowerConnect 5524, PowerConnect 5524P, PowerConnect 5548, PowerConnect 5548p
Article Properties
Article Number: 000140837
Article Type: Solution
Last Modified: 28 Mar 2025
Version:  7
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.