VLAN (Virtual Local Area Network) allows to separate network devices in logical groups despite of their physical location. Only members in same VLAN can communicate with each other. It also confines the broadcast domain to its members.
VLANs are implemented to achieve scalability, security and ease the network management and can quickly adapt to changes in network requirements and relocation of workstations and servers.
802.1Q is the standard that supports VLANs on an Ethernet network, its frames are distinguished from ordinary Ethernet frames by the insertion of a 4-byte VLAN tag (VLAN ID) into the Ethernet header.
VLANs are used to achieve the following:
- Increase performance: Grouping users into logical networks will increase performance by limiting broadcast traffic to users performing similar functions within workgroups. Additionally, less traffic will need to be routed, and the latency added to routers will be reduced.
- Improve manageability: VLANs make large networks more manageable by allowing centralized configuration of devices located in assorted locations.
- Increase security options: VLANs have the ability to provide additional security not available in a shared network environment. A switched network delivers packets only to the intended recipients and packets only to other members of the VLAN. This allows the network administrator to segment users requiring access to sensitive information into separate VLANs from the rest of the general users regardless of physical location.
GRP26XX series on this document include GRP260x, GRP261x series and GRP2624/2634.
About VLAN
General
VLAN tag allows to distinguish between different VLAN broadcast domains on a group of LAN switches.
The inserted field to the Ethernet frame is composed of four bytes (32 bits). The VLAN tag is a two-byte (16 bits) field inserted between the source MAC address and the Ethertype field in an Ethernet frame as shown on Figure 1. Another two-byte field, the Tag Protocol Identifier (TPI or TPID), precedes the VLAN tag field.
Two fields are necessary to hold one piece of information:
TPID (Tag Protocol Identifier): 2 Bytes after the source MAC address which will be set to a value of 0x8100 to denote that this frame carries 802.1Q or 802.1p tag information.
TCI (Tag Control Information): 2 Bytes which are made of the following:
- 3-bit user Priority Code Point (PCP) that sets a priority value between 0 and 7, which can be used for Quality of Service (QoS) priority traffic delivery, as shown on Table 1.
- 1-bit Canonical Format Indicator (CFI) that is a compatibility bit between Ethernet and other network structures, such as Token Ring. For Ethernet networks, this value will also be set to zero.
- 12-bit VLAN Identifier (VID) identifies the VLAN that the frame belongs to.
| PCP | Priority | Acronym | Traffic Types |
|---|---|---|---|
1 | 0 (lowest) | BK | Background |
0 | 1 | BE | Best Effort |
2 | 2 | EE | Excellent Effort |
3 | 3 | CA | Critical Applications |
4 | 4 | VI | Video, < 100ms latency and jitter |
5 | 5 | VO | Voice, < 10ms latency and jitter |
6 | 6 | IC | Internetwork Control |
7 | 7(highest) | NC | Network Control |
Voice VLAN
The Voice traffic is sensitive to delay and jitter, thus it requires a higher priority than data traffic to reduce the delay and packet loss during transmission, separating voice and data traffic using VLANs provides a solid security boundary, preventing data applications from reaching the voice traffic. It also gives user a simpler method to deploy QoS, prioritizing the voice traffic over the data. This feature enables access port of the switch to affect the connected device to a separated logical group, once this feature is enabled the ports set on the voice VLAN will allow simultaneous access for the PC, therefore the device and PC can be connected to one switch port through the device, LAN port will be connected to the Switch and PC port to the PC, after configuring VLAN tags for PC and LAN port the device will tag all packets from those port with VLAN ID, the switch will then forward the received packets to the corresponding VLAN ID.
VLAN Configuration
There are 2 ways to get VLAN ID on GRP26xx for the LAN port:
- Discovery using LLDP
- Manual configuration
The Grandstream products only support manual method to get VLAN ID for the PC port.
LLDP (Link Layer Discovery Protocol)
The Link Layer Discovery Protocol (LLDP) is a Layer 2 discovery protocol defined in the IEEE 802.1ab.
Nodes transmit information about themselves and listen for information about the devices on each connection, LLDP defines a standard SNMP MIB (Management Information Base) which can store information gathered locally and can be queried by SNMP to facilitate network management.
LLDP encapsulates all the device information in LLDPDUs (LLDP Data Units), which are then sent to neighboring nodes. A LLDPDU contains a variety of type length values (TLVs). In a TLV, “T” indicates the information type, “L” indicates the information length, and “V” indicates the value or the content to be sent.
Devices send/receive LLDPDUs with different TLVs to advertise their local information and receive neighbor information.
| TLV Type | TLV Name | Usage in LLDPDU | Description |
|---|---|---|---|
0 | End of LLDPDU | Mandatory | This marks the end of the TLV sequence in the LLDPDU. After this TLV, there is no further processing. This is a mandatory filed that need to be present at the end of the data stream. |
1 | Chassis ID | Mandatory | Contains the IP address of the sending port. |
2 | Port ID | Mandatory | Contains the MAC address of the device. |
3 | Time to Live | Mandatory | Specifies the life of the transmitted information on the device. |
4 | Port description | Optional | Describes the sending port. |
5 | System Name | Optional | Specifies the assigned name for the device. |
6 | System Description | Optional | Specifies the description of the device. |
7 | System Capabilities | Optional | Specifies the supported and enabled capabilities of the device, the supported and enabled capabilities by default are Bridge and Telephone. |
8 | Management Address | Optional | The type of management address used in LLDPDU |
9-126 | Reserved | – | – |
127 | Organizationally specific TLVs | Optional | LLDP specification allows for various organizations to define and encode their own TLVs. |
LLDP-MED
LLDP-MED is an extension of LLDP, that exchanges messages between Network devices such as switches and VoIP devices, it is published by the Telecommunications Industry Association (TIA). It provides the following capabilities for VoIP devices:
| LLDP-MED TLVs | Description |
|---|---|
LLDP-MED TLVs | Description |
LLDP-MED capabilities | Allows endpoints to determine the capabilities that the connected device supports and what capabilities the device has enabled. |
Network Policy | Allows both network connectivity devices and endpoints to advertise VLAN configurations and associated Layer 2 and Layer 3 attributes for the specific application on that port. For example, the switch can notify the device of the VLAN number that it should use. The device can connect into any switch, obtain its VLAN number, and then start communicating with the call control. |
Power Management | Enables advanced power management between LLDP-MED endpoint and network connectivity devices. Allows switches and devices to convey power information, such as how the device is powered, power priority, and how much power the device needs. |
Inventory Management | Allows an endpoint to transmit detailed inventory information about itself to the switch, including information hardware revision, firmware version, software version, serial number, manufacturer name, model name, and asset ID TLV. |
Location | Provides location information from the switch to the endpoint device. The location TLV can send this information:
|
In order to enable/disable LLDP option from the Web GUI, please refer to following table showing the location of LLDP option.
| Device | Location in the Web GUI |
|---|---|
GRP26xx | Network 🡪 Advanced Settings |
LLDP Flow (Wireshark)
Since the LLDP feature is activated by default, the SIP client will behave as follows:
- Send LLDP advertisement each 30 second.
- Send/receive LLDP packets from LAN port.
- Support the MAC/PHY Configuration/Status.
- Obtain VLAN information (ID, L2 Priority, DSCP Priority…) from the Network policy.
The following trace shows the packets advertised and received by the GRP2613.
Manual Configuration
For manual configuration user can make the settings via the Web GUI.
Configuring VLAN Manually via Web GUI
| Device | Location in the Web GUI |
|---|---|
GRP26xx | Network 🡪 Advanced Settings |
Screenshots Example for LLDP and Manual Configuration Settings
GRP26xx Series Network 🡪 Advanced Settings
