VoIP Basics
What It Is
Voice over IP carries call signaling and media over packet networks. Signaling sets up, changes, and tears down calls. Media usually flows as RTP or SRTP between phones, gateways, SBCs, conferencing services, or cloud calling platforms.
Modern voice work is less about one PBX and more about end-to-end readiness: switching, PoE, VLANs, DHCP options, DNS, QoS, firewall policy, NAT traversal, SBCs, certificate trust, and cloud service reachability.
Core Pieces
| Piece | Role |
|---|---|
| SIP | Common call signaling protocol |
| RTP | Real-time media transport |
| SRTP | Encrypted RTP media |
| RTCP | Media quality reporting and control |
| SBC | Session border controller for policy, NAT, security, and interconnect |
| Codec | Converts audio to packet payload |
| Jitter buffer | Smooths packet delay variation |
| PoE | Powers phones and access points |
Modern note: Phone registration working does not prove media works. Signaling and RTP/SRTP often take different paths and use different ports.
Common Codecs
| Codec | Typical Bitrate | Notes |
|---|---|---|
| G.711 | 64 kbps | High quality, common LAN and PSTN interop |
| G.722 | 64 kbps | Wideband audio |
| G.729 | 8 kbps | Low bandwidth, licensing and quality tradeoffs |
| Opus | Variable | Common in modern collaboration apps |
| iLBC | 13.33 or 15.2 kbps | Legacy packet-loss resilient codec |
Watch out: Codec bitrate is not total wire bandwidth. Add IP, UDP, RTP, Ethernet, VLAN, tunneling, and security overhead.
Call Setup Path
| Step | What Happens |
|---|---|
| Power | Phone receives PoE or local power |
| VLAN | Phone learns voice VLAN via CDP, LLDP-MED, or manual config |
| Addressing | Phone gets IP, gateway, DNS, and vendor options |
| Provisioning | Phone downloads config or contacts cloud service |
| Registration | Phone registers to call control |
| Signaling | Call is set up with SIP or another signaling protocol |
| Media | RTP or SRTP flows between endpoints or media relays |
Access Switch Port
Cisco-style phone plus PC port:
interface GigabitEthernet1/0/10
description Desk phone plus workstation
switchport mode access
switchport access vlan 20
switchport voice vlan 30
spanning-tree portfast
power inline auto
auto qos voip cisco-phoneManual QoS trust pattern:
interface GigabitEthernet1/0/10
mls qos trust device cisco-phone
mls qos trust cosNotes:
- Exact QoS commands vary by switch family and software release.
- Trust the phone, not an arbitrary PC.
- LLDP-MED is often better than vendor-only discovery in mixed environments.
PoE
| Standard | Common Name | Notes |
|---|---|---|
| IEEE 802.3af | PoE | Older phones and low-power endpoints |
| IEEE 802.3at | PoE+ | Higher power phones, APs, cameras |
| IEEE 802.3bt | PoE++ | High-power APs, cameras, displays |
| Cisco pre-standard | Inline power | Legacy Cisco environments |
Watch out: A switch can have enough per-port power but not enough total power budget for all ports.
QoS Targets
| Traffic | Common Marking | Notes |
|---|---|---|
| Voice RTP | DSCP EF 46 | Low delay and jitter |
| Voice signaling | CS3 or AF31 | Keep consistent with local standard |
| Video media | AF41 or service-specific | Validate app guidance |
| Default data | BE 0 | Normal traffic |
| Scavenger | CS1 | Backups, guest, low priority |
Design note: QoS must be applied where congestion happens: WAN edge, Wi-Fi, VPN headend, SD-WAN overlay, or provider handoff.
Cloud Calling And Meetings
| Area | What To Verify |
|---|---|
| DNS | Service discovery and certificate names resolve correctly |
| Firewall | Required ports and destinations are allowed |
| NAT | Media paths, symmetric NAT behavior, and SBC policy |
| TLS | Certificates and inspection bypass where required |
| QoS | DSCP preservation or remarking through edge and WLAN |
| Wi-Fi | Voice SSID, roaming, airtime, retries, and WMM |
| Monitoring | MOS, packet loss, jitter, latency, and call detail records |
Watch out: TLS inspection, proxying, or blocked UDP can force media relay paths and degrade meetings even when calls still connect.
Troubleshooting
| Symptom | Check | Likely Cause |
|---|---|---|
| Phone will not boot | PoE class, power budget, cabling | No power or bad pair |
| No registration | VLAN, DHCP, DNS, TFTP/cloud reachability | Provisioning path broken |
| One-way audio | NAT, ACL, RTP path, codec, SBC | Signaling works, media path fails |
| Poor audio | Loss, jitter, queue drops, Wi-Fi retries | Congestion or RF issue |
| Calls drop | SIP timers, firewall timeout, ALG, SBC logs | Stateful middlebox issue |
| Video poor but voice fine | Bandwidth, QoS class, app policy | Media class or capacity issue |
| Only cloud meetings fail | URL/IP allowlists, UDP blocked, TLS inspection | Service edge policy |
Commands
show power inline
show cdp neighbors detail
show lldp neighbors detail
show interfaces switchport
show interfaces status
show policy-map interface
show access-lists
show logging | include PHONE|POWER|LINEPROTOExpected clues:
- Phone is in the voice VLAN and PC is in the data VLAN.
- DHCP options and DNS point to the intended call services.
- RTP/SRTP packets are not blocked by ACLs or NAT.
- QoS class counters increment during calls.
- Wi-Fi voice clients have acceptable RSSI, SNR, retry rate, and roaming behavior.
Watch Out
- Do not trust call signaling as proof of media quality.
- Do not let SIP ALG modify traffic unless you know it is required.
- Do not ignore PoE budget during phone or AP refreshes.
- Do not classify voice only at the LAN edge and forget the WAN or Wi-Fi bottleneck.
- Do not assume cloud collaboration apps use the same ports and paths forever.