Dedicated Voice VLAN for Lync Devices

There are multiple reasons to deploy a dedicated VLAN for your Lync devices - IP constraint, data partitioning, QoS, just because (my personal case). I decided it was a brilliant idea to move my phones to their own VLAN but wanted to make sure my PCs behind the various devices (Polycom CX600/CX700 and Aastra 6725ip) remained on the current VLAN.

In OCS, this was accomplished exclusively via DHCP options. The process was poorly documented for whatever reason by Microsoft (and nearly non-existent in OCS 2007 R2) although multiple bloggers came to the rescue and had (for the most part) the answers. In Lync Server 2010 in addition to the DHCP OPTION 43 'option' LLDP-MEP was introduced as a method to define the multiple VLANs. Unfortunately my older networking equipment did not support LLDP-MEP so I was pushed back into the DHCP realm (thank you Microsoft for retaining the option!).

Luckily the configuration of the second VLAN is exactly the same as it was in OCS although the process is manual. Why Microsoft didn't create a script like they did to create the 'other' PIN required DHCP options is beyond me. Below I have written a batch file to create the required functionality to make sure typos are eliminated. Like the Microsoft DHCP PIN script, the options are added at the Server Options level; if this is not what you want/need, go ahead and add the Option (010 VoiceVLAN) directly to the desired scopes and remove it from the Server Options.

Note: if the DHCP MMC is running when you execute this script, you will not see the changes made. To refresh, exit the MMC and re-launch.

Now to break down what we are doing in the script. When executed from an elevated prompt (ex. VoiceVLAN.bat 30) the script uses netsch to create a Vendor Class named CPEOCPhone with a value of CPE-OCPHONE. It then creates an option 10 definition called VoiceVLAN and assigns it (in this case) a value of 30. Simply replace 30 with the desired Voice VLAN number (displayed in HEX in the MMC). Manually this would be accomplished using the following steps.

Right-click on IPv4 and select Define Vendor Classes...

 

Select Add to define a New Class. The Display name is whatever you want it to be; the script sets it to CPEOCPhone with a Description of VLAN tagging for the Microsoft Phone Devices. The only part that MUST be entered exactly is the ID value. This is set most easily in ASCII by simply placing the cursor under the word ASCII and clicking. Enter CPE-OCPHONE (yes, case sensitive) and watch the Binary equivalent automatically appear.

 

Click OK to save the new Vendor Class and Close to complete the creation process.

Next the Predefined Options must be created (in this case, Option 10). Once again, right-click IPv4 in the DHCP MMC but this time select Set Predefined Options...

Change the Option class... to the newly created class (CPEOCPhone) where you will find no Options created. Click Add... to create the new option. In the Name, enter VoiceVLAN. Change the Data type to Word. In the Code, enter the number 10. Enter Phone VLAN in the Description and click OK.

 

The Predefined Options and Values will now display option 010 VoiceVLAN with no default Value. Click OK to close the configuration dialog. You must now add the option to one or more scopes. Select a scope and select Configure Options...

 

Select the Advanced tab and from the Vendor class drop-down select CPEOCPhone. A single option should be listed, 010 VoiceVLAN. Select the option and under Data entry enter your VLAN (ex. 30).

 

Click OK to add the Option to the selected DHCP scope and repeat as necessary.

IMPORTANT: After changing the VLAN options for the phones, a hard reset is required as the devices cache their VLAN information to avoid the query process each time. For the CX700 (Tanjay) this is accomplished by using a small object to push the reset button on the back of the phone. For the newer Lync phones (Polycom CX600/CX500 and Aastra 6725ip/6721ip) you must hold down the * and # keys while powering on the phone until prompted to reset the device (this takes a few minutes). After the phone reboots, the new DHCP options will be passed to the phone. The switch port the phone is attached to must already have both VLANs associated to it with the PVID (primary VLAN) set to the computer VLAN, not to the voice VLAN. Of course, normal routing and switching configuration must be completed as well (as defined by the switch/router vendor).

VoiceVLAN.bat

netsh dhcp server add class CPEOCPhone "VLAN tagging for the Microsoft Phone Devices" "CPE-OCPHONE" 1

netsh dhcp server add optiondef 10 VoiceVLAN Word 0 Vendor=CPEOCPhone comment="Phone VLAN"
netsh dhcp server set optionvalue 10 Word vendor=CPEOCPhone "%1"