VLAN necessary or not?

No one actually running an enterprise level network would have ever come in here to ask this kind of question.

No matter how convoluted the SMB and SME sector tries to make their networks in the name of “security”, it will not actually make it a quality enterprise network.

In the SMB/SME space there is pretty much zero need, ever, for a VLAN for anything besides a guest WiFi network or IoT device network.

Having a network infrastructure that has multiple subnets, DHCP servers, routing based on subnets, etc, etc, etc… All of that can be done without VLANs because it can be done physically in various ways. The downside to that is you need to do it physically which usually means running multiple drops to the same places and having more physical equipment involved. So again, no VLANs but the same result but as I just said a PITA overall when things start to get more complex. This is when you bring in VLANs.

VLANs will let you handle the broadcast and routing of your multiple networks logically over a single physical infrastructure. So now instead of having multiple drops to multiple switches you now have a single drop to a single switch. On that switch you can then logically define (software) which of the physical interfaces should have what subnets (VLANs) routed on it.

VLANs are a method in which to do something that can be done without them. They are the preferred way, the better way but it doesn’t make them the way because at the end of the day it’s just routing that traffic based on the VLAN tags. What they can access, what they can do, where they can route to is 100% on the admin running the network. Hell in some cases traffic could ingress to a switch (from the user’s device) and the switch could completely strip that VLAN tag on ingress and then re-tag it on egress from the switch.

So at any point switches or routers in the physical path could take those VLANs, strip them, modify them, add new ones, anything is possible because it’s all logical.

If you are calling me stupid for asking a reasonable question, so be it… And if you actually read my original question it is about any FreePBX benefits from using QOS and or VLAN segregation on a lightly loaded high bandwidth network - is it needed or just nice to have.

Well for me my answer doesn’t change on that. Is this something that is needed? Or just nice to have? If you want to have your voice handled on its own subnet, then go for it. There is nothing wrong with that. If you need to logically route that subnet like any others you have, then you’ll need a VLAN.

As for QoS, again that is something that only you can decide. If you want to guarantee that your voice also has priority and/or X amount of bandwidth on the network then you’ll need to set up queues or however your switches/routers do prioritizing traffic.

So let me pose a question to you. Based on your network layout, business needs or issues with bandwidth and voice quality (if any) do you need either VLANs or QoS? You’re saying you already have multiple VLANs (thus subnets) so that means the voice has to go on an existing VLAN (subnet) or you create a new VLAN (subnet) or you leave it untagged on VLAN1 which should be the default subnet. Which one works the best for your needs/requirements on the network?

So yeah there can be benefits but there can also be downsides. The need is going to be something that you have to determine. Once you determine what your needs are we can help you implement them if you need help or have questions but we can’t tell you what is best for your existing network as you should be the one that knows best.

WTF is this all about?

VLANs work and are low cost to implement (at least on Linux).
VLANs isolate traffic, especially broadcast traffic.
RTP traffic really appreciates QOS/TOS requests.

So . . .

Do you NEED VLANs? Answer likely is no.

Do they help to manage traffic? Answer yes, of course.

Does your firewall/router honor such QOS/TOS? If it doesn’t, then you need to move the traffic shaping before it hits the router. (You can do QOS/TOS on any network, but it needs to be honored at the point of egress.)

Do you have a router with a plurality of network interfaces? Then good, mark each as appropriate and massage as required; if not, no problem, use VLANs for segregation and mark the VLANs at the point of origination.

A simple consumer grade router might honor (pass-through) QOS/TOS that was qualified before the traffic hits it. But even if it didn’t, then if you control the presented interface (your LAN) then traffic will be shaped accordingly.

So, IMHO everybody is sometimes right here, but pragmatically “does it actually work for you”? I personally have never found a “one size fits all” in ANY situation :wink:

2 Likes
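Two points raised in the thread, that a switch in the path can strip or re-tag a VLAN and that QOS/TOS marking only helps if the router honors it at egress, can be checked by comparing the same packet captured on both sides of a device. The following is an added example, not code from any poster or from FreePBX; the frames, addresses, VLAN IDs and DSCP values are constructed sample data and the function names are hypothetical.

```python
import struct

TPID_8021Q = 0x8100      # EtherType value that announces an 802.1Q VLAN tag
ETHERTYPE_IPV4 = 0x0800

def build_frame(vlan_id, pcp, dscp):
    """Build a constructed Ethernet/IPv4/UDP frame; vlan_id=None means untagged."""
    eth = bytes.fromhex("020000000001") + bytes.fromhex("020000000002")
    if vlan_id is not None:
        # Tag Control Information: 3-bit priority (PCP), 1-bit DEI, 12-bit VLAN ID
        eth += struct.pack("!HH", TPID_8021Q, (pcp << 13) | (vlan_id & 0x0FFF))
    eth += struct.pack("!H", ETHERTYPE_IPV4)
    # IPv4 header without options; DSCP is the upper six bits of the TOS byte
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, dscp << 2, 28, 0, 0, 64, 17, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    udp = struct.pack("!HHHH", 10000, 10002, 8, 0)  # header only, no payload
    return eth + ip + udp

def parse_marking(frame):
    """Return (vlan_id, pcp, dscp); vlan_id and pcp are None for untagged frames."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    offset, vlan_id, pcp = 14, None, None
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack_from("!HH", frame, 14)
        vlan_id, pcp, offset = tci & 0x0FFF, tci >> 13, 18
    if ethertype != ETHERTYPE_IPV4 or len(frame) < offset + 20:
        raise ValueError("not a complete IPv4 packet")
    return vlan_id, pcp, frame[offset + 1] >> 2

def marking_changes(before, after):
    """Compare one packet captured on both sides of a device; report what changed."""
    fields = zip(("vlan_id", "pcp", "dscp"), parse_marking(before), parse_marking(after))
    return {name: (b, a) for name, b, a in fields if b != a}

if __name__ == "__main__":
    phone_side = build_frame(vlan_id=20, pcp=5, dscp=46)     # tagged voice, DSCP EF
    retagged = build_frame(vlan_id=30, pcp=5, dscp=46)       # switch rewrote the tag
    wan_side = build_frame(vlan_id=None, pcp=None, dscp=0)   # tag stripped, DSCP zeroed
    print(marking_changes(phone_side, retagged))   # only the VLAN ID differs
    print(marking_changes(phone_side, wan_side))   # priority marking was not honored
```

An empty result means the device passed the tag and the DSCP value through unchanged.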
