Switch to Router QoS handoff questions

Answered Question
Aug 14th, 2009

Hi guys,

I have a question regarding a branch office design, and a Data Center design.

2960/3560/3750 L2 switches, The VOICE VLAN could be on router/or SVI on switch. My questions is, on the switch interface that connects to the router interface, do I need to add the "mls trust dscp" command to that interface, so the router does not have to mark the incoming packets on the ethernet interface?

Same question for Data Center design, where the router would be up stream from the access layer switches off our Core 6500 switches.

Thanks

Correct Answer by Edison Ortiz about 7 years 6 months ago

The trust will preserve the packet QoS marking but it won't impose a marking into the packet. If the packet is coming unmarked from the source, you need to implement some kind of marking with a MQC design of some sort.

In your case, the RTP traffic needs to be marked on ingress at the switch. Either the device itself is sending the packet market and you trust it or you need to implement a policy-map inbound from those devices.

As the packet moves towards the router, it's already marked and all you need is the trust dscp on the switchport facing the router.

The router will leave the packets untouched and markings will be preserved.

At the egress interface on the router, you may want to classify these packets for bandwidth guarantee or priority - you know the drill.

HTH,

__

Edison.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.7 (3 ratings)
Loading.
Wilson Samuel Fri, 08/14/2009 - 07:00

Hi,

Technically Cisco recommends Classification and Marking at the Trust Boundries i.e. at the Access Layer of the Network.

Hence what I do, is

1. Classify and Mark at the Access Switches (we have combination of 3560 n 3750s) by following:-

a. enable mls qos

b. trust the dscp packets given by the cisco IP Phone

switch (config-if)#mls qos trust device cisco-phone

c. If you want you may enable Auto QoS as well, that configures the WTD (weighted taildrop) so that if there is any congestion, it will avoid it for the VoIP Packets (RTP and Ctrl)

Once this done, we can always configure the Queuing and if required link optimitzation on the Routers (WAN Interfaces) by using the Queing/Shaping/Policing etc as per the requirements.

Again, this is a broad idea, which can be tailred as per the requirements.

Hope that helps,

Kindly rate if it does help

Regards

Wilson Samuel

Edison Ortiz Fri, 08/14/2009 - 08:01

My questions is, on the switch interface that connects to the router interface, do I need to add the "mls trust dscp" command to that interface,

Yes.

When you enable QoS globally in the switch, all switchports will automatically become unstrusted so any packets entering the switch will be remark down to COS/DSCP 0.

By entering a trust dscp command, you are preserving any QoS markings sent by the connected device.

HTH,

__

Edison.

chuckholley Fri, 08/14/2009 - 09:31

Thank you for the response.

So the DSCP marking from the switch to the router ethernet interface is carried through on an interface that has the trust dscp command? Therefor, I do not need a policy on the ethernet interface of the router, marking RTP and call signaling packets inbound, and then applying the policy outbound on the serial interface?

I know, I could do that, but I am asking if the switch will carry the DSCP marking to the router, and I just need to apply the policy on the serial interface for packets marked EF.

Correct Answer
Edison Ortiz Fri, 08/14/2009 - 09:35

The trust will preserve the packet QoS marking but it won't impose a marking into the packet. If the packet is coming unmarked from the source, you need to implement some kind of marking with a MQC design of some sort.

In your case, the RTP traffic needs to be marked on ingress at the switch. Either the device itself is sending the packet market and you trust it or you need to implement a policy-map inbound from those devices.

As the packet moves towards the router, it's already marked and all you need is the trust dscp on the switchport facing the router.

The router will leave the packets untouched and markings will be preserved.

At the egress interface on the router, you may want to classify these packets for bandwidth guarantee or priority - you know the drill.

HTH,

__

Edison.

smallrain_2 Sat, 09/05/2009 - 07:39

Thanks Edison!

Here is a follow up question; if "auto qos voip trust" is configured on switchport that connected to rotuer, does router need same command on the its port connected to switch?

Or even necessary?

Thanks,

Edison Ortiz Sat, 09/05/2009 - 07:46

The command is similar to 'mls qos trust dscp' but it adds VoIP queueing support - 'priority queueing'.

Per the documentation:

Identify this port as connected to a trusted switch or router, and automatically configure QoS for VoIP. The QoS labels of incoming packets are trusted. For nonrouted ports, the CoS value of the incoming packet is trusted. For routed ports, the DSCP value of the incoming packet is trusted.

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_50_se/command/reference/cli1.html#wp2737523

So, I recommend using this command if not using the trust dscp command.

HTH,

__

Edison.

AJAZ NAWAZ Mon, 09/28/2009 - 02:00

Hi Edison,

Just picking up on this thread from earlier this month.

So you recommended using which command exactly please... was it auto qos voip cisco-phone for the switchport directly connected to the phone?, and auto qos voip trust configured under the interface attached to a routed/non-routed port?

tia

Ajaz

Edison Ortiz Mon, 09/28/2009 - 05:18

Ajaz,

That's correct.

The macro is different so it is recommended to use the correct option when applying to the interface. The options you've indicated are the correct ones.

HTH,

__

Edison.

Actions

This Discussion