Switch Port Membership Modes

Switch Ports

Switch ports are Layer 2-only interfaces associated with a physical port. Switch ports are used for managing the physical interface and associated Layer 2 protocols. They do not handle routing or bridging. Switch ports belong to one or more VLANs.

VLAN Switch Port Modes

When you configure a VLAN, you must assign it a number ID, and you can optionally give it a name. The purpose of VLAN implementations is to judiciously associate ports with particular VLANs. You configure the port to forward a frame to a specific VLAN. As mentioned previously, you can configure a VLAN in voice mode to support voice and data traffic coming from a Cisco IP phone. You can configure a port to belong to a VLAN by assigning a membership mode that specifies the kind of traffic the port carries and the VLANs to which it can belong. A port can be configured to support these VLAN types:

Static VLAN - Ports on a switch are manually assigned to a VLAN. Static VLANs are configured using the Cisco CLI. This can also be accomplished with GUI management applications, such as the Cisco Network Assistant. However, a convenient feature of the CLI is that if you assign an interface to a VLAN that does not exist, the new VLAN is created for you.

Dynamic VLAN - This mode is not widely used in production networks and is not explored in this course. However, it is useful to know what a dynamic VLAN is. A dynamic port VLAN membership is configured using a special server called a VLAN Membership Policy Server (VMPS). With the VMPS, you assign switch ports to VLANs dynamically, based on the source MAC address of the device connected to the port. The benefit comes when you move a host from a port on one switch in the network to a port on another switch in the network-the switch dynamically assigns the new port to the proper VLAN for that host.

Voice VLAN - A port is configured to be in voice mode so that it can support an IP phone attached to it. Before you configure a voice VLAN on the port, you need to first configure a VLAN for voice and a VLAN for data. In the figure, VLAN 150 is the voice VLAN, and VLAN 20 is the data VLAN. It is assumed that the network has been configured to ensure that voice traffic can be transmitted with a priority status over the network. When a phone is first plugged into a switch port that is in voice mode, the switch port sends messages to the phone providing the phone with the appropriate voice VLAN ID and configuration. The IP phone tags the voice frames with the voice VLAN ID and forwards all voice traffic through the voice VLAN.

The configuration command mls qos trust cos ensures that voice traffic is identified as priority traffic. Remember that the entire network must be set up to prioritize voice traffic. You cannot just configure the port with this command.

The switchport voice VLAN 150 command identifies VLAN 150 as the voice VLAN. You can see this verified in the bottom screen capture: Voice VLAN: 150 (VLAN0150).

The switchport access VLAN 20 command configures VLAN 20 as the access mode (data) VLAN. You can see this verified in the bottom screen capture: Access Mode VLAN: 20 (VLAN0020).