Nortel has adviced us to set access ports on our 3560 switchs to "mls qos dscp trust." Upon testing, I notice that when I do the "msl qos int status" command, that packets marked dscp 46 show up proberly on the "incoming dscp" field, but in the "outgoing dscp" field they are maked to zero. Why is the switch marking down the packets with the trust command in place? The expedite queue is also enabled.
Trust is an "ingress" function . What that means is when a packet enters a switch with a certain dscp and trust is anbled , we make sure the packet leaves the switch with the same dscp value. Egress dscp being shown as 0 has not much to do with the trust configured on that particular interface , but trust configured on other interfaces . The reason I say that packets leaving this port must be coming from "other" ports in the switch and what you should look for to make sure is that does the port from which the traffic is coming in trying to go out of this port , does that have a trust enabled on it & if so , is it trust cos or trust dscp. A lot of times , people have "trust cos" enabled on uplink ports and the vlan that the packet might be coming on happens to be a native vlan and wont be carrying any type of cos value. I would start by changing the trust cos to trust dscp on an uplink port and see if that helps. If that does not help , that pretty much means traffic might be coming in untagged ( with no dscp or cos value ) from wherever its coming.
If I understand you correctly, I am mis-reading the output from the "show msl qos interface stat" command. Check me on this; If I see a packet ingress g0/12 with dscp=46, and it is destined for a node via an uplink on g0/1, and the egress queue of g0/1 shows it leaving the switch with dscp=46, I'm good. Do I have it right, because if I understand you correctly, I think you just pointed me in the right direction.
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...