Ruijie Community
Title: Voice VLAN configuration and MAC-VLAN [Print this page]
Author: a.zubarev@gener Time: 2022-11-9 14:11
Title: Voice VLAN configuration and MAC-VLAN
Edited by Alexander Zubarev at 2022-11-9 14:17
Hi!
We've configured voice vlan based on Scenario 1 according to this guide https://community.ruijienetworks.com/forum.php?mod=viewthread&tid=781
but instead of using MAC for each phone we are using mac-vlan based on mask of mac-address of device (same as OUI), see config below:
voice vlan 934
no voice vlan security enable
voice vlan mac-address 003c.1000.0000 mask ffff.ff00.0000 description "CISCO-PHONE"
voice vlan mac-address bcf1.f200.0000 mask ffff.ff00.0000 description "CISCO-PHONE"
voice vlan mac-address 7802.b100.0000 mask ffff.ff00.0000 description "CISCO-PHONE"
voice vlan mac-address a49b.cd00.0000 mask ffff.ff00.0000 description "CISCO-PHONE"
voice vlan mac-address 3c41.0e00.0000 mask ffff.ff00.0000 description "CISCO-PHONE"
mac-vlan mac-address f0b2.e579.64a6 vlan 934 priority 6voice vlan mac-address 488b.0a00.0000 mask ffff.ff00.0000 description "CISCO-PHONE"
voice vlan mac-address d0ec.3500.0000 mask ffff.ff00.0000 description "CISCO-PHONE"
voice vlan mac-address c800.8400.0000 mask ffff.ff00.0000 description "CISCO-PHONE"
voice vlan mac-address 682c.7b00.0000 mask ffff.ff00.0000 description "CISCO-PHONE"
voice vlan mac-address 700b.4f00.0000 mask ffff.ff00.0000 description "CISCO-PHONE"
voice vlan mac-address 38ed.1800.0000 mask ffff.ff00.0000 description "CISCO-PHONE"
voice vlan mac-address ac4a.5600.0000 mask ffff.ff00.0000 description "CISCO-PHONE"
voice vlan mac-address cc7f.7500.0000 mask ffff.ff00.0000 description "CISCO-PHONE"
voice vlan mac-address 70f0.9600.0000 mask ffff.ff00.0000 description "CISCO-PHONE"
voice vlan mac-address ac44.f200.0000 mask ffff.ff00.0000 description "CISCO-PHONE"
voice vlan mac-address f0b2.e500.0000 mask ffff.ff00.0000 description "CISCO-PHONE"
voice vlan mac-address 6899.cd00.0000 mask ffff.ff00.0000 description "CISCO-PHONE"
voice vlan mac-address 00df.1d00.0000 mask ffff.ff00.0000 description "CISCO-PHONE"
mac-vlan mac-address 6899.cd00.0000 mask ffff.ff00.0000 vlan 934 priority 6
mac-vlan mac-address 003c.1000.0000 mask ffff.ff00.0000 vlan 934 priority 6
mac-vlan mac-address bcf1.f200.0000 mask ffff.ff00.0000 vlan 934 priority 6
mac-vlan mac-address 7802.b100.0000 mask ffff.ff00.0000 vlan 934 priority 6
mac-vlan mac-address a49b.cd00.0000 mask ffff.ff00.0000 vlan 934 priority 6
mac-vlan mac-address 3c41.0e00.0000 mask ffff.ff00.0000 vlan 934 priority 6
mac-vlan mac-address 488b.0a00.0000 mask ffff.ff00.0000 vlan 934 priority 6
mac-vlan mac-address d0ec.3500.0000 mask ffff.ff00.0000 vlan 934 priority 6
mac-vlan mac-address c800.8400.0000 mask ffff.ff00.0000 vlan 934 priority 6
mac-vlan mac-address 682c.7b00.0000 mask ffff.ff00.0000 vlan 934 priority 6
mac-vlan mac-address 700b.4f00.0000 mask ffff.ff00.0000 vlan 934 priority 6
mac-vlan mac-address 38ed.1800.0000 mask ffff.ff00.0000 vlan 934 priority 6
mac-vlan mac-address ac4a.5600.0000 mask ffff.ff00.0000 vlan 934 priority 6
mac-vlan mac-address cc7f.7500.0000 mask ffff.ff00.0000 vlan 934 priority 6
mac-vlan mac-address 70f0.9600.0000 mask ffff.ff00.0000 vlan 934 priority 6
mac-vlan mac-address ac44.f200.0000 mask ffff.ff00.0000 vlan 934 priority 6
mac-vlan mac-address f0b2.e500.0000 mask ffff.ff00.0000 vlan 934 priority 6
mac-vlan mac-address 00df.1d00.0000 mask ffff.ff00.0000 vlan 934 priority 6
And configured port as Hybrid:
interface GigabitEthernet 2/0/32
storm-control broadcast level 10
storm-control multicast level 10
description HOSTS
switchport mode hybrid
switchport hybrid native vlan 933
switchport hybrid allowed vlan only tagged 1-932,935-4094
switchport hybrid allowed vlan add untagged 933-934
mac-vlan enable
no voice vlan mode auto
voice vlan enable
spanning-tree bpduguard enable
spanning-tree portfast
switchport port-security mac-address sticky 6899.cd85.9399 vlan 933
switchport port-security mac-address sticky
switchport port-security maximum 2
switchport port-security aging time 1440
switchport port-security violation restrict
switchport port-security
poe enable
But in such scenario some devices with mac-vlan mask are connecting in native 933 vlan ignoring mac-vlan directive. More interesting it happens randomly, so device that connected today to 934 vlan tommorow can be at native 933 vlan. Nothing in logs, cant correlate this error with device settings (it's the same model with same FW etc.)
What we are doing wrong and what can we do for correct work of mac-vlan?
UPD. Seems to be working if we adding full mac of device to mac-vlan:
mac-vlan mac-address 6899.cd85.9399 vlan 934 priority 6
But it's really hard for our infrastructure to control all devices at switches for proper functionality and we want use unified mac-vlan config
Author: GTAC-Steve Time: 2022-11-9 17:38
Dear sir
I check it first, I'll give you a solution later.
Author: GTAC-Steve Time: 2022-11-10 21:21
Dear sir,
May I know your the version of your device?
Author: a.zubarev@gener Time: 2022-11-10 21:27
Hey, Steve!
Software version : S5310E_RGOS 12.5(4)B0701P1
Author: GTAC-Steve Time: 2022-11-11 09:46
Dera sir,
Thank you for your reply and I will give you a solution later.
Best Regards,
Steve
Author: Daisy Time: 2022-11-15 10:34
Alexander Zubarev replied at 2022-11-10 21:27
Hey, Steve!
Software version : S5310E_RGOS 12.5(4)B0701P1
Dear Alexander,
Please try to upgrade the firmware to latest.
https://pan.ruijie.com.cn/share/81768df9ceaf8da840355f1a58
Upgrade command for tftp upload.
Ruijie# upgrade download tftp://x.x.x.x/S53E_RGOS12.5(4)B1102P1_install.bin
Press Ctrl+C to quit
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
< The terminal is lock >
Upgrade start
!!!!!!!!!!!!100%
Upgrade success
Author: a.zubarev@gener Time: 2022-11-15 13:48
Edited by Alexander Zubarev at 2022-11-15 17:09
GTAC-Daisy replied at 2022-11-15 10:34
Dear Alexander,
Hey, GTAC-Daisy!
Will try at next 2 weeks, after send here answer if this worked.
TYSM!
| Welcome to Ruijie Community (https://community.ruijienetworks.com/) |
Powered by Discuz! X3.2 |