Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1299
Views
0
Helpful
3
Replies

650x trust boundary implementation

useridcisco
Level 1
Level 1

‎09-12-2010 04:03 AM - edited ‎03-01-2019 02:21 PM

As far as I know and could find in cisco.com

line cards in 650x platform have

different trust boundary implementations.

For example, if all input traffic should be trusted

on some line cards you have to apply

a policy-map to the interface

policy-map TRUST

  class TRUST

      trust dscp

on some others you configure in interface-mode

mls qos trust dscp

Consequently, a port trust state is shown differently.

In the first case you’d use

show queueing interface

in the second example,

show mls qos ip

probably because of the underlying hardware

performing the QoS operation (PFC/ASIC).

Can anyone point me to more specific documentation?

Labels:
0 Helpful
3 Replies 3

useridcisco
Level 1
Level 1

‎10-03-2010 06:21 AM

Limitations of the WS-X6248-xx, WS-X6224-xx, and WS-X6348-xx Line Cards

http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a008014f8a8.shtml#topic5-3

Understanding Quality of Service on the Catalyst 6500 Switch (CCO required)

http://www.cisco.com/en/US/partner/prod/collateral/switches/ps5718/ps708/white_paper_c11_538840.html

Extract from CLT (CCO required)

'You can enter the mls qos trust command to set the trusted state of an interface. For example, you can set whether the packets arriving at an interface are trusted to carry the correct CoS, ToS, and DSCP classifications.

The cos keyword is not supported for pos or atm interface types.

You cannot configure the trust state on FlexWAN modules.

You cannot configure the trust state on 1q4t LAN ports except for Gigabit Ethernet ports.

Ingress-queue drop thresholds are not implemented when you enter the mls qos trust cos command on 4-port Gigabit Ethernet WAN modules.

Use the set qos-group command to set the trust state on Layer 2 WAN interfaces.'

The above provides some insight, still it lacks of specific correlation.

0 Helpful

useridcisco
Level 1
Level 1
In response to useridcisco

‎10-03-2010 10:48 AM

Errata. In the first post the commands reference is inverted. It should be

policy-map TRUST - show mls qos ip

mls qos trust dscp - show queueing interface

0 Helpful

useridcisco
Level 1
Level 1
In response to useridcisco

‎10-03-2010 10:57 AM

http://www.cisco.com/en/US/partner/docs/switches/lan/catalyst6500/ios/12.2SXF/native/configuration/guide/qos.html#wp1772702

Note On non-Gigabit Ethernet 1q4t/2q2t ports, you must repeat the trust configuration in a class map.

0 Helpful
Customers Also Viewed These Support Documents