Cisco Sg3008 Manual
Have a look at the manual Cisco Sg3008 Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 53 Cisco manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
VLAN Management VL AN Groups 206 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 13 Defining GVRP Settings To define GVRP settings for an interface: STEP 1Click VLAN Management > GVRP Set tings. STEP 2Select GVRP Global Status to enable GVRP globally. STEP 3Click Apply to set the global GVRP status. STEP 4Select an interface type (Port or LAG), and click Go to display all interfaces of that type. STEP 5To define GVRP settings for a port, select it, and click Edit. STEP 6Enter the values for the following fields: •Interface—Select the interface (Port or LAG) to be edited. •GVRP State—Select to enable GVRP on this interface. •Dynamic VLAN Creation—Select to enable Dynamic VLAN Creation on this interface. •GVRP Registration—Select to enable VLAN Registration using GVRP on this interface. STEP 7Click Apply. GVRP settings are modified, and written to the Running Configuration file. VLAN Groups VLAN groups are used for load balancing of traffic on a Layer 2 network. Packets are assigned a VLAN according to various classifications that have been configured (such as VLAN groups). If several classifications schemes are defined, packets are assigned to a VLAN in the following order: •TA G : If the packet is tagged, the VLAN is taken from the tag. •MAC-Based VLAN: If a MAC-based VLAN has been defined, the VLAN is taken from the source MAC-to-VLAN mapping of the ingress interface.
VLAN Management VL AN Groups Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 207 13 •PVID: VLAN is taken from the port default VLAN ID. MAC-based Groups MAC-based VLAN classification enable packets to be classified according to their source MAC address. You can then define MAC-to-VLAN mapping per interface. You can define several MAC-based VLAN groups, which each group containing different MAC addresses. These MAC-based groups can be assigned to specific ports/LAGs. MAC-based VLAN groups cannot contain overlapping ranges of MAC addresses on the same port. The following table describes the availability of MAC-based VLAN groups in various SKUs: Table 1 MAC-Based VLAN Group Availability Workflow To define a MAC-based VLAN group: 1. Assign a MAC address to a VLAN group ID (using the MAC-Based Groups page). 2. For each required interface:SKU System Mode MAC-based VLAN Groups Supported Sx300 Layer 2Ye s Layer 3No Sx500, Sx500ESW2- 550XLayer 2Ye s Layer 3No SG500X NativeYe s Basic Hybrid - Layer 2Ye s Basic Hybrid - Layer 3No SG500XG Same as Sx500Ye s
VLAN Management VL AN Groups 208 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 13 a . A s s i g n t h e V L AN g ro u p to a V L A N ( u s i n g M a c - B a s e d G ro u p s to V L A N p a g e ) . The interfaces must be in General mode. b. If the interface does not belong to the VLAN, manually assign it to the VLAN using the Port to VLAN page. Assigning MAC-based VLAN Groups See Ta b l e 1 for a description of the availability of this feature. To assign a MAC address to a VLAN Group: STEP 1Click VLAN Management > VLAN Groups > MAC-Based Groups. STEP 2Click Add. STEP 3Enter the values for the following fields: •MAC Address—Enter a MAC address to be assigned to a VLAN group. NOTEThis MAC address cannot be assigned to any other VLAN group. •Mask—Enter one of the following: -Host—Source host of the MAC address -Lengt h—Prefix of the MAC address •Group ID—Enter a user-created VLAN group ID number. STEP 4Click Apply. The MAC address is assigned to a VLAN group. Mapping VLAN Group to VLAN Per Interface See Ta b l e 1 for a description of the availability of this feature. Ports/LAGs must be in General mode. To assign a MAC-based VLAN group to a VLAN on an interface: STEP 1Click VLAN Management > VLAN Groups > MAC-Based Groups to VLAN. STEP 2Click Add. STEP 3Enter the values for the following fields: •Group Type—Displays that the group is MAC-Based.
VLAN Management VL AN Groups Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 209 13 •Interface—Enter a general interface (port/LAG) through which traffic is received. •Group ID—Select a VLAN group, defined in the MAC-Based Groups page . •VLAN ID—Select the VLAN to which traffic from the VLAN group is for warded. STEP 4Click Apply to set the mapping of the VLAN group to the VLAN. This mapping does not bind the interface dynamically to the VLAN; the interface must be manually added to the VLAN.) Protocol-based VLANs Groups of protocols can be defined and then bound to a port. After the protocol group is bound to a port, every packet originating from a protocol in the group is assigned the VLAN that is configured in the Protocol-Based Groups page. Workflow To define a protocol-based VLAN group: 1. Define a protocol group (using the Protocol-Based Groups page). 2. For each required interface, assign the protocol group to a VLAN (using P r o t o c o l - B a s e d G r o u p s t o V L A N p a g e ) . T h e i n t e r f a c e s m u s t b e i n G e n e r a l m o d e and cannot have a Dynamic VLAN (DVA) assigned to it. Protocol-Based Groups To define a set of protocols. STEP 1Click VLAN Management > VLAN Groups > Protocol-Based Groups. The Protocol-Based Groups Page contains the following fields: •Encapsulation—Displays the protocol on which the VLAN group is based. •Protocol Value (Hex)—Displays the protocol value in hex. •Group ID—Displays the protocol group ID to which the interface is added. STEP 2Click the Add Button. The Add Protocol-Based Group page appears STEP 3Enter the following fields:.
VLAN Management VL AN Groups 210 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 13 •Encapsulation—Protocol Packet type. The following options are available: -Ethernet V2—If this is selected, select the Ethernet Type. -LLC-SNAP (rfc1042)—If this is selected, enter the Protocol Value. -LLC—If this is selected, select the DSAP-SSAP Values. •Ethernet Type—Select the Ethernet type for Ethernet V2 encapsulation. This is the two-octet field in the Ethernet frame used to indicate which protocol is encapsulated in the payload of the Ethernet packet) for the VLAN group •Protocol Value—Enter the protocol for LLC-SNAP (rfc 1042)encapsulation. •DSAP-SSAP—Enter these values for LLC encapsulation. •Group ID—Enter a protocol group ID. STEP 4Click Apply. The Protocol Group is added, and written to the Running Configuration file. Protocol-Based Groups to VLAN Mapping To map a protocol group to a port, the port must be in General mode and not have DVA configured on it (see Configuring VLAN Interface Settings). Several groups can be bound to a single port, with each port being associated to its own VLAN. It is possible to map several groups to a single VLAN as well. To map the protocol port to a VLAN: STEP 1Click VLAN Management > VLAN Groups > Protocol-Based Groups to VLAN. The currently-defined mappings are displayed. STEP 2To associate an interface with a protocol-based group and VLAN, click Add. STEP 3Enter the following fields. •Interface—Port or LAG number assigned to VLAN according to protocol- based group. •Group ID—Protocol group ID. •VLAN ID—Attaches the interface to a user-defined VLAN ID.
VLAN Management Vo i c e V L A N Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 211 13 STEP 4Click Apply. The protocol ports are mapped to VLANs, and written to the Running Configuration file. Voic e VL AN In a LAN, voice devices, such as IP phones, VoIP endpoints, and voice systems are placed into the same VLAN. This VLAN is referred as the voice VLAN. If the voice devices are in different voice VLANs, IP (Layer 3) routers are needed to provide communication. This section covers the following topics: •Voice VLAN Overview •Configuring Voice VLAN Voice VLAN Overview This section covers the following topics: •Dynamic Voice VLAN Modes •Auto Voice VLAN, Auto Smartports, CDP, and LLDP •Voic e VL AN Q oS •Voice VLAN Constraints •Voice VLAN Workflows The following are typical voice deployment scenarios with appropriate configurations: •UC3xx/UC5xx hosted: All Cisco phones and VoIP endpoints support this deployment model. For this model, the UC3xx/UC5xx, Cisco phones and VoIP endpoints reside in the same voice VLAN. The voice VLAN of UC3xx/ UC5xx defaults to VLAN 100. •Third-party IP PBX-hosted: Cisco SBTG CP-79xx, SPA5xx phones and SPA8800 endpoints support this deployment model. In this model, the VLAN used by the phones is determined by the network configuration. There may or may not be separate voice and data VLANs. The phones and VoIP endpoints register with an on-premise IP PBX.
VLAN Management Vo i c e V L A N 212 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 13 •IP Centrex/ITSP hosted: Cisco CP-79xx, SPA5xx phones and SPA8800 endpoints support this deployment model. For this model, the VLAN used by the phones is determined by the network configuration. There may or may not be separate voice and data VLANs. The phones and VoIP endpoints register with an off-premise SIP proxy in “the cloud”. From a VLAN perspective, the above models operate in both VLAN-aware and VLAN-unaware environments. In the VLAN-aware environment, the voice VLAN is one of the many VLANs configured in an installation. The VLAN-unaware scenario is equivalent to a VLAN-aware environment with only one VLAN. The device always operates as a VLAN-aware switch. The device supports a single voice VLAN. By default, the voice VLAN is VLAN 1. The voice VLAN is defaulted to VLAN 1. A different voice VLAN can be manually configured. It can also be dynamically learned when Auto Voice VLAN is enabled. Ports can be manually added to the voice VLAN by using basic VLAN configuration described in the Configuring VLAN Interface Setting section, or by manually applying voice-related Smartport macro to the ports. Alternatively, they can be added dynamically if the device is in Telephony OUI mode, or has Auto Smartports enabled. Dynamic Voice VLAN Modes The device supports two dynamic voice VLAN modes: Telephony OUI (Organization Unique Identifier) mode and Auto Voice VLAN mode. The two modes affect how voice VLAN and/or voice VLAN port memberships are configured. The two modes are mutually exclusive to each other. •Te l e p h o n y O U I In Telephony OUI mode, the voice VLAN must be a manually-configured VLAN, and cannot be the default VLAN. When the device is in Telephony OUI mode and a port is manually configured as a candidate to join the voice VLAN, the device dynamically adds the port to the voice VLAN if it receives a packet with a source MAC address matching to one of the configured telephony OUIs. An OUI is the first three bytes of an Ethernet MAC address. For more information about Telephony OUI, see Configuring Telephony OUI.
VLAN Management Vo i c e V L A N Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 213 13 •Auto Voice VLAN In Auto Voice VLAN mode, the voice VLAN can be either the default voice VLAN, manually configured, or learned from external devices such as UC3xx/5xx and from switches that advertise voice VLAN in CDP or VSDP. VSDP is a Cisco defined protocol for voice service discovery. Unlike Telephony OUI mode that detects voice devices based on telephony OUI, Auto Voice VLAN mode depends on Auto Smartport to dynamically add the ports to the voice VLAN. Auto Smartport, if enabled, adds a port to the voice VLAN if it detects an attaching device to the port that advertises itself as a phone or media end points through CDP and/or LLDP-MED. Voice End-Points To have a voice VLAN work properly, the voice devices, such as Cisco phones and VoIP endpoints, must be assigned to the voice VLAN where it sends and receives its voice traffic. Some of the possible scenarios are as follows: •A phone/endpoint may be statically configured with the voice VLAN. •A phone/endpoint may obtain the voice VLAN in the boot file it downloads from a TFTP server. A DHCP server may specify the boot file and the TFTP server when it assigns an IP address to the phone. •A phone/endpoint may obtain the voice VLAN information from CDP and LLDP-MED advertisements it receives from their neighbor voice systems and switches. The device expects the attaching voice devices to send voice VLAN, tagged packets. On ports where the voice VLAN is also the native VLAN, voice VLAN untagged packets are possible. Auto Voice VLAN, Auto Smartports, CDP, and LLDP Defaults By factory defaults, CDP, LLDP, and LLDP-MED on the device are enabled, auto Smartport mode is enabled, Basic QoS with trusted DSCP is enabled, and all ports are members of default VLAN 1, which is also the default Voice VLAN. In addition, Dynamic Voice VLAN mode is the default to Auto Voice VLAN with enabling based on trigger, and Auto Smartport is the default to be enabled depending on Auto Voice VLAN.
VLAN Management Vo i c e V L A N 214 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 13 Voice VL AN Triggers When the Dynamic Voice VLAN mode is Enable Auto Voice VLAN, Auto Voice VLAN becomes operational only if one or more triggers occur. Possible triggers are static voice VLAN configuration, voice VLAN information received in neighbor CDP advertisement, and voice VLAN information received in the Voice VLAN Discovery Protocol (VSDP). If desired, you can activate Auto Voice VLAN immediately without waiting for a trigger. When Auto Smartport is enabled, depending on Auto Voice VLAN mode, Auto Smartport is enabled when Auto Voice VLAN becomes operational. If desired, you can make Auto Smartport independent of Auto Voice VLAN. NOTEThe default configuration list here applies to switches whose firmware version supports Auto Voice VLAN out of the box. It also applies to unconfigured switches that have been upgraded to the firmware version that supports Auto Voice VLAN. NOTEThe defaults and the voice VLAN triggers are designed to have no effect on any installations without a voice VLAN and on switches that have already been configured. You may manually disable and enable Auto Voice VLAN and/or Auto Smartport to fit your deployment if needed. Auto Voice VL AN Auto Voice VLAN is responsible to maintain the voice VLAN, but depends on Auto Smartport to maintain the voice VLAN port memberships. Auto Voice VLAN performs the following functions when it is in operation: •It discovers voice VLAN information in CDP advertisements from directly connected neighbor devices. •If multiple neighbor switches and/or routers, such as Cisco Unified Communication (UC) devices, are advertising their voice VLAN, the voice VLAN from the device with the lowest MAC address is used. NOTEIf connecting the device to a Cisco UC device, you may need to configure the port on the UC device using the switchport voice vlan command to ensure the UC device advertises its voice VLAN in CDP at the port. •It synchronizes the voice VLAN-related parameters with other Auto Voice VLAN-enabled switches, using Voice Service Discovery Protocol (VSDP). The device always configures itself with the voice VLAN from the highest priority source it is aware of. The priority is based on the source type and MAC address of the source providing the voice VLAN information. Source type priority from high to low are static VLAN configuration, CDP advertisement, and default configuration based on changed default VLAN,
VLAN Management Vo i c e V L A N Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 215 13 and default voice VLAN. A numeric low MAC address is of higher priority than a numeric high MAC address. •It maintains the voice VLAN until a new voice VLAN from a higher priority source is discovered or until the Auto Voice VLAN is restarted by the user. When restarted, the device resets the voice VLAN to the default voice VLAN and restarts the Auto Voice VLAN discovery. •When a new voice VLAN is configured/discovered, the device automatically creates it, and replaces all the port memberships of the existing voice VLAN to the new voice VLAN. This may interrupt or terminate existing voice sessions, which is expected when network topology is altered. NOTEIf the device is in Layer 2 system mode, it can synchronize with only VSDP capable switches in the same management VLAN. If the device is in Layer 3 system mode, it can synchronize with VSDP capable switches that are in the directly-connected IP subnets configured at the device. Auto Smartport works with CDP/LLDP to maintain the port memberships of the voice VLAN when voice end-points are detected from the ports: •When CDP and LLDP are enabled, the device sends out CDP and LLDP packets periodically to advertise the voice VLAN to the voice endpoints to use. •When a device attaching to a port advertises itself as a voice endpoint through CDP and/or LLDP, the Auto Smartport automatically adds the port to the voice VLAN by applying the corresponding Smartport macro to the port (if there is no other devices from the port advertising a conflicting or superior capability). If a device advertises itself as a phone, the default Smartport macro is phone. If a device advertises itself as a phone and host or phone and bridge, the default Smartport macro is phone+desktop. Voice VLAN QoS Voice VLAN can propagate the CoS/802.1p and DSCP settings by using LLDP- MED Network policies. The LLDP-MED is set by default to response with the Voice QoS setting if an appliance sends LLDP-MED packets. MED-supported devices must send their voice traffic with the same CoS/802.1p and DSCP values, as received with the LLDP-MED response. You can disable the automatic update between Voice VLAN and LLDP-MED and use his own network policies. Working with the OUI mode, the device can additionally configure the mapping and remarking (CoS/802.1p) of the voice traffic based on the OUI.