The catch is one VLAN is expecting untagged traffic and the other is expecting tagged traffic. One of the principles behind using the voice vlan settings on Cisco switches is it allows an access interface to connect to two VLAN's. Has the voice vlan been set up on the phones themselves? I would disable the Smartport feature and do the config manually, assuming the Smartports are actually in use. My only observation here is the SG switch uses Smartports which I don't think work very well when trying to have voice and data VLAN's on a single interface. Why would the switch lose it's VLAN settings? As long as the settings are saved, what else would cause this? But hey, who turns off spanning-tree? Bottom line is spanning-tree (layer 2) can't block routing loops which are layer 3. This is unlike Layer 2 where there is no TTL so a loop is catastrophic. And IIRC even with static routes configured in a loop (and they have to be so that traffic can get to and from both networks.), Layer 3 packets have a TTL specifically to prevent loops at Layer 3 from propagating permanently along with split-horizon rules. It could be due to a routing loop and spanning tree is blocking the port and then it resets.ĭo we know if voice traffic is being routed to the data VLAN and vice-versa? I don't really see a reason for this other than for management of the voice VLAN from the data VLAN by the admins and there are better ways to do that. Text It could be that the switch is losing its Voice VLAN settings. In this mode, the addresses are subject to aging and relearning. After the limit is reached, the switch does not learn additional addresses.
Limited Dynamic Lock-The switch learns MAC addresses up to the configured limit of allowed addresses. The learned addresses are not subject to aging or relearning. I unlocked the port and set the port security to the same settings (Classic Lock vs Limited Dynamic Lock) as the ports not giving us a fit and so far everything seems to be good.Ĭlassic Lock-All learned MAC addresses on the port are locked, and the switch learns up to the maximum number of addresses allowed on the port (defined by Max No. All three switches set the same, by the same company, likely using a template. The port security was being tripped and blocking the phone traffic but not the traffic on the ethernet pass-thru, they were also set like this in a pattern.
I was working in the CLI when I noticed what was happening. Thanks, everyone for your input on this, the problem I was having had seemingly disappeared but reappeared late last week.