Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Shoretel VOIP QOS, auto or policy

We are preparing to evaluate a Shoretel VOIP system. I was wondering about QOS, what is the easiest /best setup is for a none Cisco phone: Auto QOS or policy/profile? I will be using LLDP. The design will use 2960s-48 POE flexstack switches and 4506-e collapsCORE. The user PC will connect to the phone thus the uplink from the phone to the 2960s will have both data and voice.

Thanks

Everyone's tags (1)
21 REPLIES
New Member

Shoretel VOIP QOS, auto or policy

I'm thinking of this on the 2960 .... thoughts ???

lldp run

!

no lldp tlv-select power-management

!

mls qos

!

network-policy profile 91  (default cos and dscp look to match shoretel)

voice vlan 91

voice-signaling vlan 91

!

interface range g0/1-24

switchport access vlan 101

switchport mode access

speed 1000

duplex full

storm-control broadcast level 1.00

storm-control multicast level 1.00

storm-control action trap

priority-queue out

mls qos trust dscp

auto qos voip trust

no cdp enable

network-policy 91

lldp med-tlv-select network-policy

spanning-tree portfast

Shoretel VOIP QOS, auto or policy

As long as the Shoretel markings match with the default VoIP audio (ef) and signalling (cs3) - you can set up trust at trunks and pass these markings to routers. Which again if not already having will need QoS to priortise this traffic.

-Terry

New Member

Just for reference, I ran:

Just for reference, I ran:

show lldp neighbors Gi1/0/30 details

on my Cisco 3850 switch connected to a shoreTel phone, the port is a regular access port without any voice port configuration. The phone by default advertises a DSCP marking of 46

Output,....shortened:

ShoreTel IP485g...................

.

.

Network Policy(Voice): VLAN 0, untagged, Layer-2 priority: 0, DSCP: 46

So the marking is taken care of, it's just the policy creation on the router or firewall that's required that gives priority to DSCP:46

New Member

I know this is a year old,

I know this is a year old, but hoping to see if I can get some clarification.  I have configured my ShoreTel phones with the following configuration, and it works, but not great, there are intermittent call quality issues, and occasional drops.  My vendor had recommended to not turn on QoS, but I have decided that is crazy talk, so now I am on the internet to find out.  Also the "network guy" is not there anymore.

I have a few questions that I am trying to clarify.  I have taken the above configuration and modified it for my environment for when I turn on QoS.  However, I would like clarification on the trunk port configuration for the ports between switches, and the ports that the ShoreTel switches physically connect to.

Question 1:  Could you tell me how trunk ports between switches are configured?  I configured the ports that connect to other switches the same as my access ports and that seems incorrect, but it did get me up and running.  Here is a sample of what I think I need to add only to trunk ports:

interface GigabitEthernet0/1
description **** Trunk Port ****
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk native vlan 30    ??? – may not need this
mls qos trust dscp

Question 2:  I was told to configure the ports on my Cisco switch that connects to the ShoreTel switches as access ports.  This seems incorrect.  Here is my configuration for those ports:

 interface GigabitEthernet0/15
 description these ports are for ShoreTel voice equipment
 switchport access vlan 50
 switchport mode access
 no cdp enable
 spanning-tree portfast

 

Lastly, here is the configuration I plan to use for each port.  VLAN30 is data, VLAN50 is voice.    This is basically the same as the one in this thread, so I'm confident(ish) that this is correct.  

interface GigabitEthernet1/0/3
description These ports have BOTH phone + pc
switchport access vlan 30
switchport mode access
switchport voice vlan 50
speed 1000
duplex full
storm-control broadcast level 1.00
storm-control multicast level 1.00
storm-control action trap
priority-queue out
mls qos trust dscp 
auto qos voip trust  
no cdp enable
network-policy 50
lldp med-tlv-select network-policy
spanning-tree portfast

 

I apologize if I should've done this as a new post.

 

New Member

You don't need to have a

You don't need to have a native vlan (untagged) on your trunks.  I don't.  I am not a fan of untagged traffic unless its a necessity.

 

You also don't need the voice vlan command.  Your network policy, depending on how you set it up, actually can take the place of the voice vlan command.  It is correct to set your ports as access ports.  This way they will default to the data vlan and your network policy will dynamically create the trunks when the phones get plugged in.

Can you post your network policy config?

 

New Member

jhainy, thank you for the

jhainy, thank you for the response.  I do not currently have one in place, but here is what I am going to put on.  I also do not have lldp in place yet.  It appears from some Cisco documentation that the voice vlan command is ok to leave if it's already in place, but if it were a new port, then you would rely solely on the network policy.  Here is the change below to add LLDP and to create a network policy

 lldp run
no lldp tlv-select power-management
mls qos
network-policy profile 50       
voice vlan 50 voice-signaling vlan 50 dscp 46

---

Also, I failed to mention, but within ShoreTel it is turned on to send out with DSCP value of 46.

New Member

The config looks good.  Once

The config looks good.  Once you have everything in place, you should be set.  I have this set up in 3 buildings thus far.  Only 37 buildings to go.  ;-)

New Member

Thank you, you have been very

Thank you, you have been very helpful.  Do you also mark the ports that you ShoreTel switches plug in (Mostly ShoreTel 220 T1's) in as Access ports or also as trunk ports?  It seemed odd that those would be Access ports, but that is how they are configured as of now. 

New Member

The ShoreGear switches

The ShoreGear switches themselves have no need to pass 802.1q trunks that I am aware of.  I set the switchports that the ShoreGear switches plug into to access ports and they reside in the voice vlan.  So using your config above, I would just label the ports on your Cisco switch that the shoregear switches plug into with the description command, then set them as access vlan 50 and call it good.

 

New Member

Wow.  Based upon your above

Wow.  Based upon your above answer, I actually have my ShoreGear port's configured correctly, and evenly labeled neatly!  Thank you, I am going to get this going soon and will follow up, as this thread was referenced in a ShoreTelsupport.com forum and that is how I found it. 

New Member

Glad to see that this was

Glad to see that this was helpful.  You gotta love mixed networks with different vendors.  It does make things interesting.

New Member

Also, I kind of thought that

Also, I kind of thought that I wouldn't need that, so thank you for confirming.

New Member

Just to be clear ... ALL

Just to be clear ... ALL trunk traffic has a native vlan. If you dont specify the native VLAN on the trunk interface the default is VLAN 1.

New Member

True, but just because it

True, but just because it exists..... it doesn't mean you have to use it.  I typically shut vlan 1 down and let it do CDP only.

New Member

Tom,A few things that I found

Tom,

A few things that I found to help my setup incase you are still having problems.  This is on a Gig user switch 2960s.  I run a little different setup on a the 100/full user links.

Trunk or switch uplink (port-channel)

 srr-queue bandwidth share 5 5 5 85
 priority-queue out
 mls qos trust dscp
 

Port that connects to phone and pc

 network-policy 91
 switchport access vlan 101
 switchport mode access
 no logging event link-status
 speed 1000
 duplex full
 srr-queue bandwidth share 10 10 60 20
 queue-set 2
 priority-queue out
 no snmp trap link-status
 mls qos trust dscp

 

Global config changes to QOS

mls qos queue-set output 1 buffers 10 10 10 70
mls qos queue-set output 2 buffers 16 10 13 61                                                                        mls qos queue-set output 1 threshold 4 3200 3200 100 3200

 

ShoreTel gear on vMware

I discovered the HQ, DVS, ECC did not mark traffic correctly and we had to write a policy for that on the server.

 

 

New Member

Shoretel VOIP QOS, auto or policy

I am getting ready to do the same thing.  I have a mix of 4500s, 2960s, 3560's and 6500s.  When running auto qos on the different switching platforms, I am seeing different outputs and its a little confusing.  For example, on a 4500, I see the policy map and the policy map applied to the interface I run autoqos on, but I don't the the policy map on a 6500 or a 3750.  Not sure why.

Shoretel VOIP QOS, auto or policy

The different platforms have different way of doing QoS. Its very much platform specific, hence the reason you are seeing this difference.

Refer this document for a highl level view of the LAN QoS:

http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/QoS_SRND_40/QoSCampus_40.html

You can also visit Cisco.com and search document for each platform, which will detail even further, if needed.

-Terry

New Member

Shoretel VOIP QOS, auto or policy

That was quite the document.

One thing that caught my eye was the dynamic QoS in conjunction with CDP.  I understand all of the concepts, but a ShoreTel phone doesn't use CDP, it uses LLDP.  Can we do something similar with the network policy TLV and make it so that when you apply an auto qos voip trust to an interface, that it won't blindly trust anything without the LLDP verfication, much like CDP?

New Member

Shoretel VOIP QOS, auto or policy

I have not fully rolled out the Shoretel director/ECC but have connected the phones to the 2960s poe switch. It is working with LLDP thus fare.  I will not be able to fully test for another several weeks    The config I posted at the top of this chat is what I used.  LLDP does take the place of CDP

New Member

Shoretel VOIP QOS, auto or policy

My config is very similar to yours.  I would like to refer to yours just to spark some discussion and understanding. My comments of my understanding of these commands are in bold.

lldp run      (enables lldp, which is required for shoretel phones)

!

no lldp tlv-select power-management  (this is kind of interesting because I had to do this to get the lldp tlv network policy to work)

!

mls qos            (globally enables qos, is also applied when running auto qos)

!

network-policy profile 91  (default cos and dscp look to match shoretel)  (sets the dynamic voice vlan used inplace of the voice vlan command and cdp)

voice vlan 91

voice-signaling vlan 91

!

interface range g0/1-24

switchport access vlan 101

switchport mode access

speed 1000

duplex full

storm-control broadcast level 1.00

storm-control multicast level 1.00

storm-control action trap

priority-queue out

mls qos trust dscp                ( trust dscp markings)

auto qos voip trust                 (auto qos to set trust boundaries)

no cdp enable

network-policy 91                   (applies network policy to interface and permits the dynamic voice vlan usage for phone)

lldp med-tlv-select network-policy          (I didn't have to do this, this tlv seems to advertise by default)

spanning-tree portfast

My question is, when we apply the auto qos voip trust command and I see that you have specificed trust dscp, so I am assuming that you are only using dscp and not cos AND dscp, are we blindly trusting any device that is plugged into this interface?  That kind of worries me because I only want to trust the shoretel phones when they mark their packets, not anything that could mark its traffic and compromise the QoS infrastructure.

My interest is to apply a conditional trust as described here. 

http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/QoS_SRND_40/QoSCampus_40.html#wp1098633

But this example refers to CDP, not LLDP.  My question is, will LLDP behave the same way or will it behave with extra configuration or are we stuck with blindly trusting any device that is plugged into a port that is trusting dscp or cos?

New Member

From my testing LLDP

From my testing LLDP verfication, much like CDP.. If you connect a PC to that port without a phone it will not blindly trust

4480
Views
10
Helpful
21
Replies