Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7612
Views
7
Helpful
4
Replies

Trust DSCP or Trust CoS

Go to solution
djohnson
Level 1
Level 1

‎07-18-2007 09:42 AM - edited ‎03-14-2019 10:38 PM

Hi All,

I am a little confused about the mls qos trust command as it applies to phones, servers, routers and inter-switch links. No matter what, I am running the auto qos voip trust (or device cisco-phone) for all the ports on my network. I was told once that when a port connects to a server (Call Manager, TFTP, etc) or a Voice Gateway I should turst DSCP, but then I have read that unless it is a trunk, this is not correct.

So, for the items listed above (and below)

Phones

Servers

Gateways

Inter-switch links

should I be trust CoS or DSCP with the mls qos trust command?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
johnnylingo
Level 5
Level 5
In response to djohnson

‎07-19-2007 08:54 AM

Just a note on the switches...trusting CoS on switch uplinks works fine if you're just doing Layer 2 switches, but with Layer 3 switches you'll want to trust DSCP. It's my understanding (and observation), then when the packet goes through an SVI the layer 2 CoS gets reset but the DSCP is preserved.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
johnnylingo
Level 5
Level 5

‎07-18-2007 12:18 PM

The standard practice is trust CoS on phone ports, and also use a CoS to DSCP map like this one to ensure CoS 5 is set to DSCP 46.

mls qos map cos-dscp 0 8 16 24 32 46 48 56

For ports with Servers and Voice Gateways, instead trust DSCP. Also do that for ports to other switches.

As far as why to do it this way, I can tell you that Servers and Voice Gateways only use DSCP (not CoS) so that is the only option that will work. Likewise, since these values will be used throughout your network you want to trust DSCP for uplinks to other switches (although, you could probably do a DSCP to CoS map too).

What I can't give a firm answer on is why CoS should be trusted on the phone, rather that DSCP. My guess is for non-Cisco phones, they will only use CoS so it is recommended for compatibility reasons.

Go to solution
Chris Deren
Hall of Fame
Hall of Fame
In response to johnnylingo

‎07-18-2007 01:53 PM

Easy way to remember this is to think of the device connected. If the device is layer 2 device such as another switch or a phone then trust cos vlaues if it's layer 3 such as voice GW, router, server then trust DSCP values.

Chris

Go to solution
djohnson
Level 1
Level 1

‎07-19-2007 06:42 AM

Thanks guys. You were both very helpful with my configuration. First I went through and made sure that Layer 2 connections were set to CoS and that Layer 3 connections were set to DSCP. Also, I took at look at the mls qos maps command and found that the CoS to DSCP mapping was set to 26, not 24. I made this changed and then examined my policy-map and found that it was now hitting the CS3 markings.

I think everything is working now and I am creating and SOP for the group for future reference. I think I still need to do a little packet grabbing on the network to be 100% sure but overall I am good to go.

0 Helpful

Go to solution
johnnylingo
Level 5
Level 5
In response to djohnson

‎07-19-2007 08:54 AM

Just a note on the switches...trusting CoS on switch uplinks works fine if you're just doing Layer 2 switches, but with Layer 3 switches you'll want to trust DSCP. It's my understanding (and observation), then when the packet goes through an SVI the layer 2 CoS gets reset but the DSCP is preserved.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents