neesharm Tue, 05/08/2007 - 01:07
User Badges:
  • Bronze, 100 points or more

Packets entering a quality of service (QoS) domain are classified at its edge. Because the packets are classified at the edge, the switch port within the QoS domain can be configured to one of the trusted states; there is no need to classify the packets at every switch within the domain. Use the mls qos trust command to specify whether the port is trusted and to indicate which fields of the packet are for the classifying of traffic.

When a port is configured with trust DSCP and the incoming packet is a non-IP packet, the CoS value for the packet is set to 0, and the DSCP-to-CoS map is not applied.

If DSCP is trusted, the DSCP field of the IP packet is not modified. However, it is still possible that a DSCP-to-CoS map can modify the CoS value of the packet.

If CoS is trusted, the packet CoS is not modified. However, a CoS-to-DSCP map could still modify the DSCP value of the packet if it is an IP packet.

Use the show mls qos interface privileged EXEC command to verify your settings.


The following example shows how to configure a port to be a DSCP-trusted port:

Router(config)# interface gigabitethernet0/1

Router(config-if)# mls qos trust dscp

The following example shows how to configure a VLAN interface to be a DSCP-trusted port. DSCP-to-COS mapping occurs for all packets that have the configured VLAN ID of 60 and that are egressing from the CPU to the physical port.

Router(config)# interface vlan 60

Router(config-if)# mls qos trust dscp

Yes! Definitely. Make sure to apply mls qos trust dscp on the BCM server ethernet connection & the router (if you are using the router for any outbound VoIP). Also important to make sure you use the mls qos trust dscp applied to every uplink to every other switch as well AND on the switchports for the IP phones themselves. It's best if you have 2 VLANS setup: one for voice and one for data. If you are using the same VLAN for your computer and VoIP traffic, this could lead to problems down the line and all providers don't recommend this (Avaya, Cisco, Nortel, etc).


Don't forget to enable qos GLOBALLY on EACH SWITCH in your LAN via a mls qos command. Otherwise, the mls qos trust dscp commands won't mean a thing if you apply them.

If you'd like me to send you recommended running-config setups for your IP phone interfaces, let me know.


This Discussion