switchport priority extend { cos (value) /trust}

sarahr202 · ‎01-01-2009

Hi every body!

I have few questions about the command:

switchport priority extend{ cos(value) /trust}.

1) If I use the command as:

"switchport priority extend"

only without any options, what would be the deault option set?

2) Ip phone has a port for Pc connection which is always in access mode.

The link between PC and ip phone is access link not trunk which means Pc can not use cos values as there is no trunking encapsulation being used.

Keeping in mind the above facts, how could the command" switchport priority extend { cos(value)/ trust}" instruct the PC to use cos value? My hunch is PC derive the dscp value from cos value instructed by the ip phone. Pc then uses this dscp value in ip header. Ip phone then derive the cos value from dscp value and use that cos value in dot1q header before forwarding the frame to connected to switch.

My hunch raises another question. So when ip phone receives frame with dscp value on its access port, Will ip phone drive the cos value from dscp to place the frame in apropiate queue at its port connected to pc after all ip phone is switch ?

3)The command " switchport priority extend{cos(value /trust} " is ineffective if we omit the option "trust"

Without that option ip phone would not trust cos value and will set the deafault to zero. The end result is using the command without " trust" option is as good as not using that command at all because by deafault ip phone set the cos value to zero.

I would really appreciate any help!

thanks a lot!

Jon Marshall · ‎01-03-2009

Sarah

1) This is linked to question 3 really. There is no point in using the command without either the trust or cos because as you say it will use the default setting on the port which is to set the CoS value to 0.

2) Based on your assumption there is no point in the command. The "switchport priority extend .." command is an instruction from the switch to the IP Phone. It is not an instruction from the IP Phone to the PC.

But the assumption is not necessarily correct. The IP Phone could receive tagged packets from the PC and this is what the "switchport priority extend .." command is for ie. setting the trust boundary. Do you want to trust the PC markings or do you want to remark any CoS values that might be received in the packets. See this link "Understanding the Voice Vlan" where it clearly states that the IP Phone could be receiving tagged traffic from the PC -

http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_44_se/configuration/guide/swvoip.html#wp1033848

Jon

sarahr202 · ‎01-03-2009

Thanks Jon for your reply!

I understand now if I use the command " switchport priority extend cos 5" it tells the ip phone do not set cos value in pc frame to default zero, but set cos to 5.

while " switchport priority extend trust" will tell the ip phone to trust cos value in pc frame.

But according to my book IP phone' port connected to pc is access port. pc connected to ip phone's access port can not tag the frame with cos because it requires trunking between pc and ip phone. The reasons why there is no trunk between pc and ip phone' access port:

1) In order for trunk to form, both ends must trunk. Here in our case,Ip phone's port connected to pc is access port, thus trunk can not form.

2)PC can not tog the frame as it can not form trunk with ip phone.

The only thing i can think of, pc must mark dscp value, when ip phone receives the dscp value, it could use the dscp map to find the cos value before ip phone sends the frame to switch . Any correction ?

thanks a lot!

Jon Marshall · ‎01-03-2009

Sarah

This is a very good question. I believe the answer is in the fact that a switch will accept a packet on an access port that is either

1) untagged

2) tagged with the vlan ID that the access port is in

Because of 2 i believe that the PC could tag the packet with a vlan ID of the access port vlan ID on the IP Phone and then within the tag it could set the 802.1p markings.

If this is not the case then i too am at a loss as to how the PC could send 802.1p markings.

Jon

sarahr202 · ‎01-03-2009

Thanks for the link. However that link raised some more questions. I will quote from the link to provide context.

"You should configure voice VLAN on switch access ports; voice VLAN is not supported on

trunk ports. You can configure a voice VLAN only on Layer 2 ports"

The question is how is it possible to configure voice vlan on access port at the same time the same port is used as trunk. .According to my cisco book ip phone's port will form trunk with switch port using dtp.

Also tagging can only be carried in frames if trunk is use. So if switch port is using tagging in frames from ip phone clearly trunk is operating .

"In untrusted mode, all traffic in IEEE 802.1Q or IEEE 802.1p frames received through the access

port on the Cisco IP Phone receive a configured Layer 2 CoS value. The default Layer 2 CoS value

is 0. Untrusted mode is the default."

The question is how can ip phone receives tagged frames from pc, as pc can not form trunk with ip phone's access port.

default vlan:

'This example shows how to configure a port connected to a Cisco IP Phone to use the CoS value to

classify incoming traffic, to use IEEE 802.1p priority tagging for voice traffic, and to use the default

native VLAN (VLAN 0) to carry all traffic"

I thought the default native vlan is vlan 1 but the link says it is vlan 0

thanks a lot!