I have a simple question... I have a router and a switch in which, according to the dscp value of the packets, I have to give them high or low priority (eg: dscp = 1 then high priority; dscp = 0 then low priority).
Each packet already has the DSCP value and each one must keep the same DSCP value that already has.
I don't know much (yet) about establishing priorities in a router/switch... Can anyone give me a hand on this?
QoS has taken me a fair few years to get the point where i'd say I understand it! Having a read through the documentation will help but so will having a clear idea what you want to do. In my experience a lot of time was wasted in my labs 'playing' with QoS as I did not have any exact plan or or expected outcome.
That said there are a few things I can say about your stated topology. Assuming your router has two interfaces, one on the inside and one on the outside:
- Typical QoS best practice states you should mark as close to source as possible. These marking should classify thraffic against some administratively defined set of classes. The Cisco 2002 QoS baseline and RFC 4594 give good guidelines on such classes and classifications.
- I generally apply a policy map on the users access port classifying traffic as above. Thjs ensures all traffic has a DSCP value applied on ingress to the network.
- Now the bit I think you'll be most interested with is you can do a 'mls qos trust dscp' on the switch ports that connect to your router. By default a router will remark the DSCP value of incoming packets to 0. Unfortunately routes do not allow for the trusting of DSCP values so an ingress policy map is needed to ensure you match the existing DSCP.
- Once packets have arrived at the router with the needed DSCP values a corosponding policy map can be created on the egress interface to shape or police as needed. Say to The Internet.
- You would generally create an inbound policy map to classify and mark ingress traffic to the router. Say from The Internet, which by default will leave the router with the same DSCP value. If you have applied a trust boundary to the switch port then the DSCP will be honored and send onwards to the client.
A simple config such as yours can quickly become a LOT of extra config to add to the boxes so go easy and take your time.
Please go through the following link in detail.
Pls let me know if you need any help.