Solved: QoS Trust path

Antonio Knox · ‎02-19-2013

Let's say I have this general layout:

(Access 6500) <----> (Core 6500) <---> (Service Provider Edge 6500) <---> ISP

Do I have to enable 'mls qos' on the Core 6500 for it to honor the QoS markings from Access 6500? I think if I do nothing, it will forward the traffic without modifying the frame (besides stripping 802.1q tag), but won't prioritize properly. Would this be correct? Do I need to trust dscp on ingress and egress trunks on the core switch?

Terry Cheema · ‎02-19-2013

Antonio,

If QoS is disabled on the Core 6500, traffic is switched in pass-through mode. There will be no concept of trusted or untrusted ports. That means it will pass the markings without modification. So the markings received from the Access 6500 will be passed onto the next connected device, as they were received, without any re-write etc. And yes, if QoS is disabled there will be no priortization. Since QoS is disabled no classification of traffic occurs, so no differential treatement. All the traffic will be dropped in one queue and serviced based on First In First Out (FIFO) on a best effort basis. Switch will even allow you to configure QoS, all commands will also show in the config but QoS mechanism would not kick in until its turned on with the mls qos command.

However, as you may already know, if you enable QoS and do not explicitily trust the ports it will treat the port as untrusted, stripping the markings and setting to a value of 0.

In your case, if you dont enable QoS on Core 6500, your markings will traverse the network and will be passed on to your provider as long they are setup correctly at the source(Access switch). Traffic will get preferential treatment in the Service provider network (based on you SLAs) but it will not get priority treatment inside your network (where QoS is disabled).

Generally speaking, best practise will be to enable QoS end-to-end on all QoS aware devices in the network.

I hope this answers your queries.

Terry

View solution in original post

Terry Cheema · ‎02-19-2013

Antonio,

If QoS is disabled on the Core 6500, traffic is switched in pass-through mode. There will be no concept of trusted or untrusted ports. That means it will pass the markings without modification. So the markings received from the Access 6500 will be passed onto the next connected device, as they were received, without any re-write etc. And yes, if QoS is disabled there will be no priortization. Since QoS is disabled no classification of traffic occurs, so no differential treatement. All the traffic will be dropped in one queue and serviced based on First In First Out (FIFO) on a best effort basis. Switch will even allow you to configure QoS, all commands will also show in the config but QoS mechanism would not kick in until its turned on with the mls qos command.

However, as you may already know, if you enable QoS and do not explicitily trust the ports it will treat the port as untrusted, stripping the markings and setting to a value of 0.

In your case, if you dont enable QoS on Core 6500, your markings will traverse the network and will be passed on to your provider as long they are setup correctly at the source(Access switch). Traffic will get preferential treatment in the Service provider network (based on you SLAs) but it will not get priority treatment inside your network (where QoS is disabled).

Generally speaking, best practise will be to enable QoS end-to-end on all QoS aware devices in the network.

I hope this answers your queries.

Terry

Antonio Knox · ‎02-20-2013

Perfect answer, Terry! You get 5 Stars!!!

Terry Cheema · ‎02-20-2013

Antonio - Glad it helped and thanks for the nice rating.

Terry

Sent from Cisco Technical Support iPhone App