
Cisco 5508 Wireless Controller w/ Voice - Switch Port Configuration

carldu
Level 1

Hello,

I apologize if this has been covered before but I can't seem to find an absolute answer (probably because there isn't one) on how we should configure the switch ports for our 5508 WLC. We have a 5508 WLC with 4 ports plugged into our 3750X Stack. We are rolling out 7925 wireless phones so I have dedicated Voice WLANs created and set up as Platinum in the WLC. Right now all 4 switch ports are configured as follows:

    interface GigabitEthernet1/0/22
     switchport trunk encapsulation dot1q
     switchport trunk native vlan 110
     switchport mode trunk
     mls qos trust cos
     channel-group 10 mode on

And the Port Channel:

    interface Port-channel10
     switchport trunk encapsulation dot1q
     switchport trunk native vlan 110
     switchport mode trunk

My questions.

  1. I presume I am correct in having created a Port Channel, is there any type of load balancing I should configure as well or is the above sufficient?
  2. Should I also be using the auto qos voip trust on these ports or is the mls qos trust cos sufficient, since the controller will then tag the traffic as the appropriate QoS level and the switch will trust it?

Justin Kurynny
Level 4

carldu,

Your portchannel configuration looks good. A few suggestions: a) remove the native statement and instead tag your WLC’s management interface with VLAN ID 110; b) restrict VLANs allowed on the portchannel to only those that are actually defined on the controller (e.g., switchport trunk allowed vlan 110,{n … z})

Your questions:

1. Load balancing on your switch should be layer-3 load balancing, which will match the hard-coded WLC load balancing algorithm. This is generally: (config)# port-channel load-balance src-dst-ip

2. Your switchport qos should be set to trust COS (as you have it configured). This is because the COS value is the policed alloy value that the controller marks per the WLAN alloy value. If you trust all of your endpoints to correctly mark QoS, then you can trust DSCP instead (e.g., if you want more granular trust processing beyond an 8-value COS scheme).

Justin

Thank you very much for the quick response, I think you answered another question I should have asked.  So on the APs, I currently have:

    interface GigabitEthernet2/0/17
     switchport access vlan 110
     switchport mode access
     srr-queue bandwidth share 10 10 60 20
     queue-set 2
     priority-queue out
     mls qos trust dscp
     auto qos voip trust

Obviously a lot of that came from executing the auto qos voip trust, am I correct in assuming I only need mls qos trust dscp since I trust the device to tag stuff?

carldu,

If there’s any chance of congestion on the port, then leaving the other commands is probably a good idea. Otherwise, you typically see documentation focus on the trust dscp statement. In summary: dscp for APs, CoS for controllers.

Justin

Justin Kurynny wrote:

carldu,

If there’s any chance of congestion on the port, then leaving the other commands is probably a good idea. Otherwise, you typically see documentation focus on the trust dscp statement. In summary: dscp for APs, CoS for controllers.

Justin

Are there any disadvantages of simply executing the auto qos commands on a port, e.g. switch resources used that may be unnecessary etc.?

Carl,

The switch takes a small hit as soon as you turn the mls qos engine on globally, which you need for trusting dscp, but I don’t think you’re going to see much of a bump in additional resource utilization beyond that. You could make a comparison using the show mem cpu command with and without the extra commands (and flood some data through the port). You could also try fielding this question into the LAN switching forum and see what they have to say. Sorry that’s not a super helpful answer.

Justin

Thank you to everyone for your quick responses and explanations. It is much appreciated.

Stephen Rodriguez
Cisco Employee

You are. Order you should have a port-channel configured.

For the load balancing on the port channel you want ip-src-dst configured.

For the QoS, mls qos trust cos is correct. You don't need to do the auto qos commands.

Steve

HTH,
Steve

Carl.

Choosing Platinum profile in the SSID WLAN QoS config tab does not mean that the voice packets will be mapped appropriately with the appropriate DSCP value. You have to enable 802.1p mapping and this can be done under Wireless --> QoS --> Profiles. Click on Platinum and under Wired QoS protocol choose 802.1p. Also, whether you specify the native vlan on the WLC switch port config and not on the WLC mgt interface or you do this on the WLC management interface and not on the switch port does not matter, as it does not affect your CAPWAP traffic.

Osita,

I agree with your remarks about alloy markdown, but I am inclined to disagree with this statement:

Also whether you specify the native vlan on the WLC switch port config and not on the WLC mgt interface or you do this on the WLC management interface and not on the Switch port does not matter as it does not affect your CAPWAP traffic.

This is true if you do not care about quality of service, however...

If you put your WLC management interface on VLAN ID 0 (default VLAN) and you use the switchport trunk native vlan command on the WLC's switchport, you are effectively classifying management traffic as untagged (non-802.1P) traffic. When you do this, CoS values originated from the management interface will not be visible at the switch on the incoming frames. This includes CAPWAP control frames and tunneled packets to APs, some of which may contain QoS markings.

If you are using QoS on your wireless network, then it is advisable to use a selected nonzero VLAN tag on your management interface and to not use the native statement on the attached switchport. I believe the Cisco documentation is in the process of being updated to reflect this.

Of course if I'm wrong about this, please correct the error of my ways, but this is what I recall seeing on a packet capture I did about a year ago.

Justin

As Justin points out if you trust cos you trust tagged traffic. If you native the management you aren't trusting the capwap traffic. +5


Justin,

What you said about VLAN tagging the WLC management interface may be correct as per QoS but that may apply to APs in local mode (Don't quote because I don't use this). However, I recently changed my configuration on all my management interfaces to untagged with native VLAN tagging at the switch ports, mirrored the VLAN to a span port and performed a packet capture. The RTP packets were appropriately tagged with COS 5 on the HREAP VLAN. Please note that I use Microsoft Lync and not Cisco Voice phones. When Cisco updates their documentation, I will definitely have a look.

Osita,

Thanks for the input, I am going to look into the Wired QoS Protocol.

Stephen Rodriguez wrote:

For the QoS, mls qos trust cos is correct. You don't need to do the auto qos commands.

Thanks for your reply Steve,

Quick question I asked above. Does it hurt to execute the auto qos commands on a port or is it completely unnecessary? I presume it really would only have an impact if the bandwidth on the said port was being saturated. Does executing the command eat up any resources on the switch?
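
Added example, not written by any poster in this thread and not Cisco tooling: a small Python check that audits a saved switch configuration against the trunk suggestions made in Justin's first reply (tagged management VLAN, explicit allowed-VLAN list, CoS trust on member ports, src-dst-ip load balancing). The function names and the management VLAN parameter are assumptions for illustration; the sample text reproduces the configuration from the opening post.

```python
# Constructed sample: the port and port-channel configuration from the opening post.
SAMPLE = """\
interface GigabitEthernet1/0/22
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 110
 switchport mode trunk
 mls qos trust cos
 channel-group 10 mode on
!
interface Port-channel10
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 110
 switchport mode trunk
"""

def parse_interfaces(config):
    """Return {interface name: [sub-commands]}; global lines go under key None."""
    blocks, current = {None: []}, None
    for raw in config.splitlines():
        if not raw.strip() or raw.strip() == "!":
            continue
        if raw.startswith("interface "):
            current = raw.split()[1]
            blocks[current] = []
        elif raw[0].isspace() and current:
            blocks[current].append(raw.strip())
        else:  # unindented line: back in global configuration
            current = None
            blocks[None].append(raw.strip())
    return blocks

def audit_wlc_trunk(config, mgmt_vlan):
    """List (interface, finding) pairs for trunk ports, per the thread's suggestions."""
    blocks = parse_interfaces(config)
    findings = []
    if "port-channel load-balance src-dst-ip" not in blocks[None]:
        findings.append(("global", "load-balance is not src-dst-ip"))
    for name, cmds in blocks.items():
        if name is None or "switchport mode trunk" not in cmds:
            continue
        if f"switchport trunk native vlan {mgmt_vlan}" in cmds:
            findings.append((name, "management VLAN is native, so it is sent untagged"))
        if not any(c.startswith("switchport trunk allowed vlan ") for c in cmds):
            findings.append((name, "no allowed-VLAN list, trunk carries all VLANs"))
        # Assumption: CoS trust is checked on physical member ports only.
        if not name.lower().startswith("port-channel") and "mls qos trust cos" not in cmds:
            findings.append((name, "member port does not trust CoS"))
    return findings
```

Calling `audit_wlc_trunk(SAMPLE, 110)` on the posted configuration reports the native-VLAN and missing allowed-list findings on both interfaces plus the global load-balance setting.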
