VLANs (Virtual Local Area Networks) allow you to segment out a physical network into virtual networks with different subnets. Segmenting out a network usually requires adding additional hardware into your network (which generally means adding more physical switches). However, the great thing about VLANs is that you don’t have to buy additional equipment as long as your existing switches, access points, and routers support VLANs. Most do.
Why would you want to separate out a network? Well, with VLANs you can separate network traffic and users for specific reasons such as applying different security or policies to different VLANs or groups of users. For VoIP, there are specific benefits in separating data and voice traffic on the network. One benefit is that QoS (Quality of Service) can be applied to the voice traffic via VLAN tagging. VLAN tags are used to provide high priority to voice packets.
Using a VLAN for VoIP also prevents VoIP devices from competing with other traffic on the network, helping to avoid delays in delivering voice packets. A VoIP VLAN also makes it easier to troubleshoot VoIP issues since the VoIP traffic is isolated.
As mentioned, switches are typically used for creating VLANs. Some of Netgear’s Smart Switches, for example, have a Voice VLAN feature for configuring a port to carry IP voice traffic from IP phones on a specific VLAN.
However, small or home office setups can also configure VLANs to forward and receive IP traffic, since most premium routers are built for homes and small offices. Many home routers support Bridge and VLAN tagging. This is useful in connecting LAN-side devices like IP phones directly to a service provider, for example. When using hosted VoIP, the NAT (Network Address Translation) capability, which routers use to share the ISP’s one IP address to all devices on a private network, can cause issues with connecting IP phones behind a router.
Let’s use Netgear’s Nighthawk AC1900 (R7000) router as an example of how to set up VLAN for VoIP on a router. The Nighthawk router supports Bridge and VLAN tagging. If you have an IP Phone connected to your home network’s router, it’s pretty simple to set up bridge and VLAN tagging for your IP Phone. Navigate to the VLAN settings, which are usually in the Advanced Settings of a router’s management interface. Generally, this same process works for all routers.
Configuring VLANs in a Router
In most routers, VLAN configuration can be found in Advanced Settings. In the Nighthawk, VLAN/Bridge settings are in the “Advanced” section of the interface.
After selecting VLAN/Bridge Settings, the next step is to Enable Bridge Group. This will ensure that the packets sent between the device and the router’s Internet port are not processed through NAT. This can help if you have problems connecting your IP phone to a hosted VoIP provider’s service.
You can enable a bridge group for a phone that’s connected to the router via an Ethernet cable or Wi-Fi. In this example, I have a Grandstream IP phone connected to the fourth LAN port for the Nighthawk router. So, these are the settings I chose:
Hit “Apply” to save settings.
Next, I want to enable VLAN tagging to the bridge group I created. This will provide high-priority bandwidth to my IP phone.
I create a VLAN ID, set priority to High, and then check Port 4 where my IP phone is connected to my router. The VLAN capabilities in many consumer routers are a great way to explore whether you can improve or solve any issues you may have with your home office or small workgroup VoIP.
Note that VLANs can sometimes complicate network performance and lead to performance issues, especially on larger networks. However, if you have a consumer-grade router for your small business and you are having VoIP issues, checking out VLANs is worth a try.