Trust CoS

Unanswered Question
Jul 15th, 2008
User Badges:

hi Switching Gurus,

My setup is as follows,

access switch --> distrribution switch--> core switch --> router.

I want to achieve end-end QoS for VoIP and on the Access switch we are doing "trust DSCP".

On the trunk interfaces am I supposed to do "trust CoS" or the CoS to DSCP mapping will automatically priotize CoS 6 and 3 traffic on the trunk ports?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Collin Clark Tue, 07/15/2008 - 05:20
User Badges:
  • Purple, 4500 points or more

You don't need to do anything on the trunk ports. If you really want to trust on them, trust DSCP. You really only need to trust CoS when DSCP is not available (legacy switches).

Hope that helps.

tdrais Tue, 07/15/2008 - 05:28
User Badges:
  • Blue, 1500 points or more

I really wish the switches would just leave the layer 3 packet markings alone. Since almost all switches are wirespeed/non-blocking I can't see where you are going to get a layer 2 bottleneck that CoS can solve.

I tend to try to always trust the DSCP because the DSCP has more bits/values than the CoS. Since the mappings are not 1-1 you lose data as you pass convert from dscp-CoS-dscp.

On a trunk port if you trust the CoS you run into the nasty problem of the native vlan not having CoS so it set the DSCP to zero for all packets. So I would always trust the DSCP on a trunk port.

Most the time my goal is to just keep my packet markings from getting destroyed by switches since only when the traffic finally gets to a wan router do I need to worry about traffic queues.

saimbt Tue, 07/15/2008 - 06:40
User Badges:

I am unable to underastand a point here. If my trunk port is on dot1q which is L2, how can it understand DSCP which primarily is L3 information

tdrais Tue, 07/15/2008 - 08:18
User Badges:
  • Blue, 1500 points or more

It is really only using the layer 2 CoS values it just modify the CoS values based on the DSCP before he makes the CoS queuing decision if you have it set to trust dscp.

Unless you are going to configure wrr or something the CoS marking will have little effect anyway.

This trust stuff is just way to copy the markings just so you don't have to put big packet marking filters in on all your layer 2 ports.

So far I can't think of real useful case where you want to trust cos and modify your layer 3 markings.

The biggest reason I even use the trust command is because the default on some switches is to trust nothing and set everything to 0


This Discussion