GRP26xx - VLAN Guide

  • Updated on September 15, 2023

VLAN (Virtual Local Area Network) allows to separate network devices in logical groups despite of their physical location. Only members in same VLAN can communicate with each other. It also confines the broadcast domain to its members.

VLANs are implemented to achieve scalability, security and ease the network management and can quickly adapt to changes in network requirements and relocation of workstations and servers.

802.1Q is the standard that supports VLANs on an Ethernet network, its frames are distinguished from ordinary Ethernet frames by the insertion of a 4-byte VLAN tag (VLAN ID) into the Ethernet header.

VLANs are used to achieve the following:

  • Increase performance: Grouping users into logical networks will increase performance by limiting broadcast traffic to users performing similar functions within workgroups. Additionally, less traffic will need to be routed, and the latency added to routers will be reduced.
  • Improve manageability: VLANs make large networks more manageable by allowing centralized configuration of devices located in assorted locations.
  • Increase security options: VLANs have the ability to provide additional security not available in a shared network environment. A switched network delivers packets only to the intended recipients and packets only to other members of the VLAN. This allows the network administrator to segment users requiring access to sensitive information into separate VLANs from the rest of the general users regardless of physical location.

GRP26XX series on this document include GRP260x, GRP261x series and GRP2624/2634.

About VLAN


VLAN tag allows to distinguish between different VLAN broadcast domains on a group of LAN switches.

The inserted field to the Ethernet frame is composed of four bytes (32 bits). The VLAN tag is a two-byte (16 bits) field inserted between the source MAC address and the Ethertype field in an Ethernet frame as shown on Figure 1. Another two-byte field, the Tag Protocol Identifier (TPI or TPID), precedes the VLAN tag field.

Figure 1: Normal and VLAN-Tagged Ethernet Frames

Two fields are necessary to hold one piece of information:

TPID (Tag Protocol Identifier): 2 Bytes after the source MAC address which will be set to a value of 0x8100 to denote that this frame carries 802.1Q or 802.1p tag information.

TCI (Tag Control Information): 2 Bytes which are made of the following:

  • 3-bit user Priority Code Point (PCP) that sets a priority value between 0 and 7, which can be used for Quality of Service (QoS) priority traffic delivery, as shown on Table 1.
  • 1-bit Canonical Format Indicator (CFI) that is a compatibility bit between Ethernet and other network structures, such as Token Ring. For Ethernet networks, this value will also be set to zero.
  • 12-bit VLAN Identifier (VID) identifies the VLAN that the frame belongs to.

PCPPriorityAcronymTraffic Types


0 (lowest)






Best Effort




Excellent Effort




Critical Applications




Video, < 100ms latency and jitter




Voice, < 10ms latency and jitter




Internetwork Control




Network Control

Table 1: Priority Level

Voice VLAN

The Voice traffic is sensitive to delay and jitter, thus it requires a higher priority than data traffic to reduce the delay and packet loss during transmission, separating voice and data traffic using VLANs provides a solid security boundary, preventing data applications from reaching the voice traffic. It also gives user a simpler method to deploy QoS, prioritizing the voice traffic over the data. This feature enables access port of the switch to affect the connected device to a separated logical group, once this feature is enabled the ports set on the voice VLAN will allow simultaneous access for the PC, therefore the device and PC can be connected to one switch port through the device, LAN port will be connected to the Switch and PC port to the PC, after configuring VLAN tags for PC and LAN port the device will tag all packets from those port with VLAN ID, the switch will then forward the received packets to the corresponding VLAN ID.

Figure 2: SIP clients VLAN architecture

VLAN Configuration

There are 2 ways to get VLAN ID on GRP26xx for the LAN port:

  1. Discovery using LLDP
  2. Manual configuration

The Grandstream products only support manual method to get VLAN ID for the PC port.

The Link Layer Discovery Protocol (LLDP) is a Layer 2 discovery protocol defined in the IEEE 802.1ab.

Nodes transmit information about themselves and listen for information about the devices on each connection, LLDP defines a standard SNMP MIB (Management Information Base) which can store information gathered locally and can be queried by SNMP to facilitate network management.

LLDP encapsulates all the device information in LLDPDUs (LLDP Data Units), which are then sent to neighboring nodes. A LLDPDU contains a variety of type length values (TLVs). In a TLV, “T” indicates the information type, “L” indicates the information length, and “V” indicates the value or the content to be sent.

Devices send/receive LLDPDUs with different TLVs to advertise their local information and receive neighbor information.

TLV TypeTLV NameUsage in LLDPDUDescription




This marks the end of the TLV sequence in the LLDPDU. After this TLV, there is no further processing. This is a mandatory filed that need to be present at the end of the data stream.


Chassis ID


Contains the IP address of the sending port.


Port ID


Contains the MAC address of the device.


Time to Live


Specifies the life of the transmitted information on the device.


Port description


Describes the sending port.


System Name


Specifies the assigned name for the device.


System Description


Specifies the description of the device.


System Capabilities


Specifies the supported and enabled capabilities of the device, the supported and enabled capabilities by default are Bridge and Telephone.


Management Address


The type of management address used in LLDPDU




Organizationally specific TLVs


LLDP specification allows for various organizations to define and encode their own TLVs.

Table 2: TLVs transported in LLDPDUs


LLDP-MED is an extension of LLDP, that exchanges messages between Network devices such as switches and VoIP devices, it is published by the Telecommunications Industry Association (TIA). It provides the following capabilities for VoIP devices:

LLDP-MED TLVsDescription



LLDP-MED capabilities

Allows endpoints to determine the capabilities that the connected device supports and what capabilities the device has enabled.

Network Policy

Allows both network connectivity devices and endpoints to advertise VLAN configurations and associated Layer 2 and Layer 3 attributes for the specific application on that port. For example, the switch can notify the device of the VLAN number that it should use. The device can connect into any switch, obtain its VLAN number, and then start communicating with the call control.

Power Management

Enables advanced power management between LLDP-MED endpoint and network connectivity devices. Allows switches and devices to convey power information, such as how the device is powered, power priority, and how much power the device needs.

Inventory Management

Allows an endpoint to transmit detailed inventory information about itself to the switch, including information hardware revision, firmware version, software version, serial number, manufacturer name, model name, and asset ID TLV.


Provides location information from the switch to the endpoint device. The location TLV can send this information:

  • Civic location information: Provides the civic address information and postal information. Examples of civic location information are street address, road name, and postal community name information.
  • ELIN location information: Provides the location information of a caller. The location is determined by the Emergency location identifier number (ELIN), which is a device number that routes an emergency call to the local public safety answering point (PSAP) and which the PSAP can use to call back the emergency caller.
Table 3: LLDP-MED TLVs type

In order to enable/disable LLDP option from the Web GUI, please refer to following table showing the location of LLDP option.

DeviceLocation in the Web GUI


Network 🡪 Advanced Settings

Table 4: LLDP Option Location on The Web GUI

LLDP Flow (Wireshark)

Since the LLDP feature is activated by default, the SIP client will behave as follows:

  • Send LLDP advertisement each 30 second.
  • Send/receive LLDP packets from LAN port.
  • Support the MAC/PHY Configuration/Status.
  • Obtain VLAN information (ID, L2 Priority, DSCP Priority…) from the Network policy.

The following trace shows the packets advertised and received by the GRP2613.

Figure 3: LLDP advertisement on GRP2613

Manual Configuration

For manual configuration user can make the settings via the Web GUI.

Configuring VLAN Manually via Web GUI

DeviceLocation in the Web GUI


Network 🡪 Advanced Settings

Table 5: Set VLAN Manually

Screenshots Example for LLDP and Manual Configuration Settings

GRP26xx Series Network 🡪 Advanced Settings

Figure 4: Screenshot for LLDP and Manual Configuration Settings for GRP261x, GRP2624/GRP2634

Figure 5: Screenshot for LLDP and Manual Configuration Settings for GRP260x

Was this article helpful?

Related Articles

Need Support?
Can’t find the answer you’re looking for? Don’t worry we’re here to help!
Contact Support

Leave a Comment