2960 QoS and Port-Security Template

Unanswered Question
Jul 18th, 2009

I've been burned a few times by Port-Security and having ports err-disabled due to it…any thoughts on this template for my 2960 switches. Came from the WebGUI port-macro thing….unfortunately this is from remote lab and I don't have anything in front of me to test;

config t

!

udld aggressive

!

mls qos srr-queue output cos-map queue 1 threshold 3 5

mls qos srr-queue output cos-map queue 2 threshold 3 3 6 7

mls qos srr-queue output cos-map queue 3 threshold 3 2 4

mls qos srr-queue output cos-map queue 4 threshold 2 1

mls qos srr-queue output cos-map queue 4 threshold 3 0

!

mls qos rewrite ip dscp

!

macro global description cisco-global

!

errdisable recovery cause link-flap

errdisable recovery interval 60

!

spanning-tree mode rapid-pvst

spanning-tree loopguard default

mls qos rewrite ip dscp

!

interface range f0/1 - 48

description Host/IP Phone

no shutdown

switchport access vlan 2

switchport mode access

switchport voice vlan 3

switchport port-security maximum 2

switchport port-security

switchport port-security aging time 2

switchport port-security violation restrict

switchport port-security aging type inactivity

mls qos trust cos

spanning-tree bpduguard enable

macro description cisco-phone

spanning-tree portfast

end

We plug in phones, then PC to back of phone. Also I'm thinking for 7911/79411 phones I should have just “mls qos trust”. Also the LAN Lite 2960 doesn't have “auto-qos voip Cisco-phone” so I have to manully set qos … You get what you pay for….

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion