as per cisco doc, above command automatically enables "mls qos trus cos" and "mls qos trus dscp". with this being said, would switch trust dscp and cos values from PC connected to IP phone as well or it would trust dscp & cos only from ip phone?
what is the best practice to deploy qos on access ports on 3750 or any other switch?
What you are asking about is called a conditional trust where you tell a switch port to only trust specific devices. You can do this by device type:
you can use the command "mls qos trust device cisco-phone" at an interface level to instruct the switch to inspect CDP packets to ensure the device you are trusting is a phone. This is what the "auto qos voip cisco-phone" macro command is doing.
Another way to do a conditional trust is to apply an ingress policy on an interface. You create class-maps and policy-maps globally and then apply them to an interface. The "auto qos voip cisco-softphone" macro command actually creates the policy and applies it to the interface.
You can read up on what the auto qos commands are actually doing for you here:
As far as best practice, well that is a matter of opinion. The Cisco QoS SRND is a very good resource and worth the read. It will lay out several options for you. You need to understand your overall QoS design requirements and objectives before you go applying commands though. You have to think about voice, video, streaming, etc. But you also need to think about missiion critical data traffic that you or your company may care about.
Getting back to the network edge. Personally, I prefer to not trust on the edge. I like to use a class-map which leverages access lists to provide some granular control. More granular than what auto qos voip cisco-softphone gives your, to be sure. Anyway, just my opinion.
Are you getting this error “Installer User Interface Mode Not Supported. The installer cannot run in this UI mode. To specify the interface mode, use the -i command-line option, followed by the UI mode identifier. The value UI mode identifiers...
The below trick might come handy when you have to add a new node to a cluster but you don't have or is unsure of the security password for the publisher. This procedure has been around for ages.
1) Login into the CLI of the Publisher.