In our Cisco Catalyst network we are using QoS.
Traffic entering Catalyst Ethernet ports is marked with IP DSCP bits (User CPE equipment set DSCP).
We are using "mls qos trust dscp" command for automatic traffic classification.
Everything seems O'k.
But in some places in network traffic entering Catalyst trunk ports is actually double tagged (two VLAN tags, QinQ).
Does switch in this case recognize correctly IP traffic inside double tagged Ethernet frame? Or switch will interprete payload inside Ethernet frame like non-IP traffic ?
If single tagged customer traffic is entering Cisco Catalyst dot1q-tunnel ports (switch add second VLAN), does in this case switch correctly recognize IP traffic?
What is the order of operations ?
Switch add second VLAN and try to classify traffic (according to mls qos trust dscp command) or vice versa ?
Cisco Catalyst 3560. SW 12.2 (25) SEE
In that case, no. there is no way to detect the inner dscp/ip and classify based on that. It is not supported on a double tagged frame / tunnel port.
Atleast not in c6500 / 7600. I also tried that. You can classify based on dscp only for a single tagged frame coming on a trunk port ( or untagged on access port).
One thing we should notice is that cisco uses the same ethertype even for the outer tag. This wouldnt let the switch to know how to interpret the inner packet.