Manualshelf

Users Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch N1500 Series
851852853854855856857858859860
Layer 2 Switching Commands 851
Voice VLAN information is transmitted to the phone via LLDP-MED in the
Network Policy TLV (Application Type Voice, Tagged Yes, …). Voice VLAN
information is transmitted to the phone via CDP in the Appliance VLAN
TLV. The voice VLAN must be configured on the switch and must be
different than the data VLAN. The configured or default priority is sent to
the phone Class of Service (CoS) TLV. The trust status is sent to the phone
via CDP in the Extended trust TLV. The configured or default priority/DSCP
is sent to the phone via LLDP in the MED TLVs. LLDP and CDP packets are
exchanged regardless of the 802.1X authentication state.
In MAC-based and auto authentication mode, a voice packet is switched
based on the source MAC address of the IP phone. If override authentication
is enabled, voice packets received are switched regardless of the 802.1X
authentication state. Likewise, voice packets from the switch are transmitted
over the port regardless of the 802.1x authentication state when the override
option is enabled.
In MAC-based and auto authentication modes, the switch identifies a device
as a voice device when an Access-Accept is received from the AAA service
with the proprietary VSA device-traffic-class = voice.
When 802.1X authenticates a device onto the voice VLAN using MAC-based
authentication, the device is also allowed access over the data VLAN for
approximately thirty seconds after authentication succeeds. This allows the
device to learn the voice VLAN via non-standard mechanism such as DHCP,
HTTP or TFTP.
If trust mode is disabled, the switch remarks the priority and/or DSCP value
of received voice VLAN packets to the configured or default values (priority 5
and DSCP 46). If trust mode is enabled, voice packets are not remarked.
If trust mode is disabled, the switch classifies the voice packets into CoS
queue 2. If trust mode is enabled, voice packets are classified per the switch
configuration.
Use of the override authentication option allows packets to flow over the
voice VLAN regardless of the AAA authentication status. The switch cannot
distinguish among voice and other packets in the voice VLAN. Use of this
option should be carefully considered as it may allow malevolent users
unrestricted access to network resources, particularly if MAC-based
authentication is not enabled.