Hi, this makes sense. If the LLDP messages are not received by the switch for a period of time (maybe 120s) then it would default the VLAN/power assignment.
With comware switches I see the same MAC on every vlan that is configured (at the end of a trunk port) so switches are fine with that being the case. Its good that you have confirmation of this being LLDP MED in operation.
Original Message:
Sent: 3/1/2024 3:16:00 PM
From: p.sauerwein
Subject: RE: One MAC Address of VoIP Phone in two different VLANs
After some mirror and wireshark sessions i can confirm, that the VoIP phone is sending every 30 sec. LLDP traffic untagged to the VLAN11.
This is a capture in VLAN11 filtered to the MAC adress from the phone.
I think this is why we see the MAC address also in VLAN11
Every other traffic comes with a VLAN tag 15 in the ethernet frame like here in VLAN15
Original Message:
Sent: Mar 01, 2024 01:09 PM
From: p.sauerwein
Subject: One MAC Address of VoIP Phone in two different VLANs
Reauth is configured with the default time of 3600 sec.
I will try a port mirror and post the result when its done
Original Message:
Sent: Mar 01, 2024 11:43 AM
From: Herman Robers
Subject: One MAC Address of VoIP Phone in two different VLANs
Can you run a port mirror on that port? I suspect this phone sends traffic in both the native and voice VLAN, which I would expect during the boot, but it may be that this device also sends it regularly for whatever reason. Do you have re-authentication for your MAC Authentication? If not, the authenticated MAC during boot may stay authenticated forever, and then what you see is expected.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
Original Message:
Sent: Mar 01, 2024 02:26 AM
From: p.sauerwein
Subject: One MAC Address of VoIP Phone in two different VLANs
we have started with Version 10.8 and saw the problem for the first time.
Then we updated the switch to version 10.13.1000
The MAC is always visible.
Original Message:
Sent: Feb 29, 2024 05:02 PM
From: ariyap
Subject: One MAC Address of VoIP Phone in two different VLANs
what firmware version are you running on the switch? also if you leave it for a while (~30 min) will the MAC still show in VLAN 11 ?
------------------------------
If my post was useful accept solution and/or give kudos.
Any opinions expressed here are solely my own and not necessarily that of HPE or Aruba.
Original Message:
Sent: Feb 29, 2024 04:10 PM
From: p.sauerwein
Subject: One MAC Address of VoIP Phone in two different VLANs
Hi @all,
we have a maybe a strange problem with our new 6200f switches in regard of VoIP phones.
I have configured two VLANs with ID 11(Data) and 15(Voice)
On Port 1/1/2 is a VoIP Phone (Unify Desk Phone IP 55G) connected . The port is secured with 802.1x with auth-mode multi-domain
802.1x is working fine.
The IP Phone gets his config for the Voice VLAN over LLDP-MED
LLPD-MED at the switch is also ok.
But when i´m now look in the mac-address table i see the mac from the phone in VLAN11 AND in VLAN15.
I´m a little bit confiused or is this a normal behaviour?
Best regards
Patrick