Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

QoS Newbie question

Hello,

 

I have some newbie questions about QoS and VOIP.

 

My phones are Avaya and they tag VOIP traffic with DSCP 46. They are connected to 2960 switches. Thoses switches are connected to a pair of 6500 with sup2T. 

 

All I want to do is to be sure that switches along the way are using the EF queue for VOIP traffic.

All my phone ports have the command "mls qos trust dscp". I didn't enable QoS globally. With the current config, my tags are still present up to the 6500 so there's no dscp reset.

 

My questions are :

1- With the current config, even if tags aren't reset, do switches really use DSCP and use the EF ?

2- Is there way to see if packets are passed to the EF queue ?

3- It seems that 6500 ports are all trusted by default, am I right ?

 

I read of LOT of documentation but I can't seem to find my anwser. I don't need to create class or policy or shaping. I just want to trust the dscp from the phones and be sure that this traffic is prioritized along the way. From my reading, it seems just trusting dscp from device should be OK. I just need a way to verify that the EF queue is used.

 

thank you !

5 REPLIES

Hello.Unless you enable QoS

Hello.

Unless you enable QoS with "mls qos" global configuration, switch offers best-effort service to each packet, regardless of the packet contents or size, and sends it from a single queue.

If you enable QoS, EF packets would be put into queue 1, that might be a priority queue.

PS: the best practice is to put IP-phones into dedicated voice VLAN and trust COS (not dscp) on the ports.

Super Bronze

DisclaimerThe Author of this

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Vasillii, my understanding is a little different on a couple of points.

 

If you enable QoS, EF packets would be put into queue 1, that might be a priority queue.

Where EF packets go, very much depends on the device.  Some older devices by default, don't process L3 ToS but only look at L2 CoS.
 

PS: the best practice is to put IP-phones into dedicated voice VLAN and trust COS (not dscp) on the ports.

The trouble of trusting L2 CoS, it requires tagged VLANs, end-to-end, and it's lost at each L3 hop unless reset.  (It's also not as granular as L3 ToS.)  Where possible, I believe better practice would be to work with the L3 ToS and only use L2 CoS if that's all that's available.

Hello.The original post

Hello.

The original post stated, that 2960 switches are in use, that is why I wrote about queue 1.

Also it was about AVAYA, so I wrote about best practice to use voice vlan, so that PC (connected through the phone) could be assign to different VLAN.

PS: L2 CoS doesn't require tagged end-do-end, because switches (if trust cos) apply respective DSCP value (unless DSCP rewrite is disabled).

Super Bronze

DisclaimerThe Author of this

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

The original post stated, that 2960 switches are in use, that is why I wrote about queue 1.

It also mentioned sup2T too, and you didn't mention in your post you were just describing the 2960 QoS.

However, specific to a 2960, I believe QoS is disabled by default, so there's no queue 1 unless you first enable QoS (as you noted).  But then, I also recall, a 2960, by default with QoS enabled, will not trust any ingress CoS or ToS, so all traffic that enters an ingress port will lose its marking and so also by default will not be sent to queue 1 (which you didn't note).

Lastly, where different marked packets that are trusted are directed depends on markings to queue mappings, which, by default, for a CoS 5 or ToS DSCP EF, I believe, will be directed to queue 1 (also as you noted).  However, you can also have the (unusual) situation where the CoS and ToS are not "congruent".  For example if CoS is zero and ToS is DSCP EF or CoS is 5 and ToS is DSCP BE; then to which egress queue should the packet is sent?

If we review the sup2T, its QoS architecture is much different and depends on installed line cards (not mentioned in OP).

So, I realize we often use generalizations, but I thought it important to note where EF marked packets go is very dependent on the device.

 

Also it was about AVAYA, so I wrote about best practice to use voice vlan, so that PC (connected through the phone) could be assign to different VLAN.

I didn't disagree with placing VoIP in its own VLAN, only using CoS marking as the principle QoS marking.
 

PS: L2 CoS doesn't require tagged end-do-end, because switches (if trust cos) apply respective DSCP value (unless DSCP rewrite is disabled).

I'm unsure what you're saying here.  You can, of course, often generate ToS markings from CoS markings, but if you already have ToS, why bother unless you have older L2 switches that cannot "read" ToS.  Also, if you actually generate ToS from CoS, you can lose information.  For example, with DSCP I might have CS4, AF41, AF42 or AF43, but only CoS 4.  So, why "trust COS (not dscp)"?

Perhaps you're thinking of the situation you mention with Avaya were you have both an Avaya phone and PC on the same physical port.  You want to "trust" the Avaya's markings but not the PC's markings.  So, you may be thinking you can distinguish between the two hosts on the port because the Avaya's packets are VLAN tagged, and being VLAN tagged, have CoS.

Well if that's what you're thinking, that's all true, but since the Avaya phone and PC are in different VLANs, you can also just as easily (on many Cisco switches) have VLAN based trust policies, i.e. you accept ToS markings from a VoIP VLAN but not a data VLAN.

Super Bronze

DisclaimerThe Author of this

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Generally, Cisco switches and routers often "ignore" ToS unless you configure them to do otherwise.

Many modern switches can process L3 ToS, including DSCP EF.

Yes, there's often a way to see stats for what's seen and QoS processed on a Cisco device.  How depends on model and sometimes installed IOS version.

Whether a 6500 trust by default, I believe depends on the sup.  720s and earlier do not.  Sup2T might.  For many Catalyst switches, it also depends on whether QoS has been globally enabled.

BTW, just trusting DSCP does not often provide different treatments per marking.

95
Views
0
Helpful
5
Replies
CreatePlease to create content