no trust of cisco device in 6500 ios code

Answered Question
Apr 8th, 2010
User Badges:

had to upgrade ios code today and noticed the "mls qos trust device cisco-phone" command is no longer available.  This customer uses the trust on a cisco device per their standards.  Anyone know why this is gone from 6500 LAN switches, when it changed etc. ???  Looking for any links to information to explain what dictates why the command would or would not appear today.


thx in advance,

dave


this is on 12.2(33)SXH6 on SUP32, they were previously on sup2's

Correct Answer by allan.thomas about 7 years 2 months ago

Hi Dave,


The issue I believe is that the trust boundary device feature is not supported until release 12.2(33)SXI1 or later.  Below is an extract taken from the 12.2(SX) Configuration guide:-


http://www.cisco.com/en/US/partner/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/qos.html#wp1944298


Configuring Trusted Boundary with Cisco Device Verification

Release 12.2(33)SXI1 and later releases support the trusted boundary  with Cisco device verification feature, which configures Ethernet LAN  ports to use CDP to detect whether or not a Cisco IP phone is attached  to the port.

If CDP detects a Cisco IP phone,  QoS applies a configured mls qos trust dscp, mls qos trust ip-precedence, or mls  qos trust cos interface command.

If CDP does not detect a Cisco  IP phone, QoS ignores any configured nondefault trust state.

To configure trusted boundary with Cisco device verification, perform  this task:


Command
Purpose

Step 1 

Router(config)#  interface {{type1 slot/port} |  {port-channelnumber}}

Selects the interface to configure.

Step 2 

Router(config-if)#  mls qos trust device  cisco-phone

Configures trusted boundary with Cisco device verification.

Step 3 

Router(config-if)#  end

Exits configuration mode.

Step 4 

Router# show queueing interface type1 slot/port |  include [Tt]rust

Verifies the configuration.

1 type = fastethernetgigabitethernet, tengigabitethernet.


When configuring trusted boundary with Cisco device verification, note  the following information:

CDP must be enabled on the port  to use trusted boundary with Cisco device verification


Regards

Allan.


Hope this helps, pls rate helpful posts.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
allan.thomas Thu, 04/08/2010 - 15:39
User Badges:
  • Blue, 1500 points or more

Hi Dave,


The issue I believe is that the trust boundary device feature is not supported until release 12.2(33)SXI1 or later.  Below is an extract taken from the 12.2(SX) Configuration guide:-


http://www.cisco.com/en/US/partner/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/qos.html#wp1944298


Configuring Trusted Boundary with Cisco Device Verification

Release 12.2(33)SXI1 and later releases support the trusted boundary  with Cisco device verification feature, which configures Ethernet LAN  ports to use CDP to detect whether or not a Cisco IP phone is attached  to the port.

If CDP detects a Cisco IP phone,  QoS applies a configured mls qos trust dscp, mls qos trust ip-precedence, or mls  qos trust cos interface command.

If CDP does not detect a Cisco  IP phone, QoS ignores any configured nondefault trust state.

To configure trusted boundary with Cisco device verification, perform  this task:


Command
Purpose

Step 1 

Router(config)#  interface {{type1 slot/port} |  {port-channelnumber}}

Selects the interface to configure.

Step 2 

Router(config-if)#  mls qos trust device  cisco-phone

Configures trusted boundary with Cisco device verification.

Step 3 

Router(config-if)#  end

Exits configuration mode.

Step 4 

Router# show queueing interface type1 slot/port |  include [Tt]rust

Verifies the configuration.

1 type = fastethernetgigabitethernet, tengigabitethernet.


When configuring trusted boundary with Cisco device verification, note  the following information:

CDP must be enabled on the port  to use trusted boundary with Cisco device verification


Regards

Allan.


Hope this helps, pls rate helpful posts.

DAVE GENTON Fri, 04/09/2010 - 05:09
User Badges:

That's exactly what I was looking for, thanks so much.  Guess I assumed it was available cross the board since I have been using it

for nearly 12 years....on the 6500 will that trust command be new in IOS and was only previously in the CatOS ???  I swore I used that in IOS prior.

...I guess I didn't


Dave

Actions

This Discussion