Back in the day, folks used to configure trunks out all the access ports in the switch to provide the ability for the IP Phones to push their voice VLAN data up the link along with the downstream access VLAN data from the PC.
This is a bad thing. I won’t go into it here, but those days are gone. You now use Dual VLANs, Voice VLANs, however you want to describe two VLAN’s only being accepted on an access port.
The idea is that ‘default’ compute data traffic is just assigned to the access VLAN configured on that switch port, and all the voice traffic which is sourced from the phone is punched into the voice VLAN that’s been configured on that switch port thanks to some clever CDP/LLDP communication where amongst other things like power negotiation, the switch informs the phone what it needs to do in terms of 802.1q tagging.
Configuration is particularly simple.
Ensure your switchport is an access port and configure a data VLAN which I hope is not VLAN 1.
SW3(config-if)#switchport mode access SW3(config-if)#switchport access vlan 22 SW3(config-if)#switchport voice vlan ? <1-4094> Vlan for voice traffic dot1p Priority tagged on PVID none Don't tell telephone about voice vlan untagged Untagged on PVID
To set the voice VLAN, specify a VLAN number, this is by FAR the most common configuration use, and it ends there.
Other options are :
The dot1p option tells the phone to set CoS bits in voice packets while using the data VLAN.
The untagged option tells the phone to use the data VLAN without setting any CoS values.
The none option does what it says on the tin.
There is one other voice VLAN command which is a little obscure
but seems to be a protection mechanism
SW3(config-if)#switchport voice detect cisco-phone full-duplex
This command can be entered without the full-duplex keyword.
The best description I can find about this command is that it appears if a device wants to communicate on the voice VLAN is has to have drawn PoE from the switch, speak CDP and be full-duplex.
Without the full-duplex keyword, I think it simply must just have to communicate on the voice VLAN and have drawn PoE from the switch, half-duplex is acceptable.
If these criteria aren’t met, the switchport goes into err-disable.
I guess the summary of that command is that you can’t go plugging anything into the port other than a CDP speaking PoE phone on either half or full duplex.
*Update* I haven’t been able to recreate this using an 1130AG Access Point, an ESXi host and a Switch to Switch link as test devices plugged into access ports.
What does happen however is you get a log message
*Mar 1 00:03:59.066: %CPDE-6-DETECT: Cisco IP Phone 7940 detected on FastEthernet0/24 in full duplex mode
Perhaps this is all it is? You can then use this information to track device usage, deployment from your log aggregation systems. Still, not a feature I’m going to lose sleep over.