Users Guide
VLANs 795
console(config-vlan25)#exit
2
Globally enable the Voice VLAN feature on the switch.
console(config)#switchport voice vlan
3
Configure a rate-limiting ACL to ensure that the Voice VLAN does not
present a denial-of-service threat. A G.711 voice stream generates 64 Kbps,
which translates to 80 bytes of uncompressed voice every 10 ms. Overhead
adds 40 bytes, so the phone will generate 100 to 120 byte packets every
second per voice stream, or about 96 Kbps. The rate limit below will
permit a single voice stream.
console(config)#mac access-list extended dot1p-5-limit
console(config-mac-access-list)#permit any any cos 5 rate-
limit 100 64
console(config-mac-access-list)#permit any any
console(config-mac-access-list)#exit
4
Configure port 10 to be in access mode.
These ports use the default
802.1X auto mode authentication. Only one IP phone per port may
authentication into the Voice VLAN. By default, access mode ports use
VLAN 1 for the data VLAN.
console(config)#interface gi1/0/10
console(config-if-Gi1/0/10)#switchport mode access
5
Configure the switch to tell the IP phone to use VLAN 25 for voice traffic,
and to tag the voice packets with 802.1p priority 5. The RADIUS server
must also be configured to identify the phone as a voice device and to send
the Voice VLAN in the RADIUS Access-Accept.
console(config-if-Gi1/0/10)#switchport voice vlan 25
console(config-if-Gi1/0/10)#switchport voice vlan dot1p 5
6
Enable IEEE 802.1p trust mode for the Voice VLAN-tagged packets. The
802.1p priority in the tagged voice packets will be honored.
console(config-if-Gi1/0/10)#switchport voice vlan priority
extend 5 trust
7
Configure internal CoS queue 2 as strict priority to ensure that egressing
voice traffic is transmitted first on this interface. This reduces latency for
transmitted voice traffic.
console(config-if-Gi1/0/10)#cos-queue strict 2
8
Map 802.1p priority 5 onto internal CoS queue 2. This is the switch
default mapping.