03-20-2012 01:18 PM - edited 07-03-2021 09:49 PM
Hello,
I apologize if this has been covered before but I can't seem to find an absolute answer (probably because there isn't one) on how we should configure the switch ports for our 5508 WLC. We have a 5508 WLC with 4 ports plugged into our 3750X Stack. We are rolling out 7925 wireless phones so I have dedicated Voice WLANs created and setup as Platinum in the WLC. Right now all 4 switch ports are configured as follows:
interface GigabitEthernet1/0/22
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 110
 switchport mode trunk
 mls qos trust cos
 channel-group 10 mode on
And the Port Channel:
interface Port-channel10
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 110
 switchport mode trunk
My questions.
03-20-2012 01:38 PM
carldu,
Your portchannel configuration looks good. A few suggestions— a) remove the native statement and instead tag your WLC’s management interface with VLAN ID 110; b) restrict VLANs allowed on the portchannel to only those that are actually defined on the controller (e.g., switchport trunk allowed vlan 110,{n … z})
Your questions:
1. Load balancing on your switch should be layer-3 load balancing, which will match the hard-coded WLC load balancing algorithm. This is generally: (config)# port-channel load-balance src-dst-ip
2. Your switchport qos should be set to trust COS (as you have it configured). This is because the COS value is the policed alloy value that the controller marks per the WLAN alloy value. If you trust all of your endpoints to correctly mark QoS, then you can trust DSCP instead (e.g., if you want more granular trust processing beyond an 8-value COS scheme).
Justin
03-20-2012 01:39 PM
You are. Order you should have a port-channel configured.
For the load balancing on the port channel you want ip-src-dst configured
For the QoS mls QoS trust cos is correct. You don't need to do the auto QoS commands.
Steve
Sent from Cisco Technical Support iPad App
03-20-2012 01:56 PM
Thank you very much for the quick response, I think you answered another question I should have asked. So on the APs, I currently have:
interface GigabitEthernet2/0/17
 switchport access vlan 110
 switchport mode access
 srr-queue bandwidth share 10 10 60 20
 queue-set 2
 priority-queue out
 mls qos trust dscp
 auto qos voip trust
Obviously a lot of that came from executing the auto qos voip trust, am I correct in assuming I only need mls qos trust dscp since I trust the device to tag stuff?
03-20-2012 02:01 PM
carldu,
If there’s any chance of congestion on the port, then leaving the other commands is probably a good idea. Otherwise, you typically see documentation focus on the trust dscp statement. In summary: dscp for APs, CoS for controllers.
Justin
03-22-2012 06:10 PM
Justin Kurynny wrote:
carldu,
If there’s any chance of congestion on the port, then leaving the other commands is probably a good idea. Otherwise, you typically see documentation focus on the trust dscp statement. In summary: dscp for APs, CoS for controllers.
Justin
Are there any disadvantages of simply executing the auto qos commands on a port, e.g. switch resources used that may be unnecessary etc.?
03-23-2012 08:41 PM
Carl,
The switch takes a small hit as soon as you turn the mls qos engine on globally, which you need for trusting dscp, but I don’t think you’re going to see much of a bump in additional resource utilization beyond that. You could make a comparison using the show mem cpu command with and without the extra commands (and flood some data through the port). You could also try fielding this question into the LAN switching forum and see what they have to say. Sorry that’s not a super helpful answer.
Justin
03-20-2012 02:03 PM
Thank you to everyone for your quick responses and explanations. It is much appreciated.
03-21-2012 02:31 AM
Carl.
Choosing Platinum profile in the SSID WLAN QoS config tab does not mean that the voice packets will be mapped appropriately with the appropriate DSCP value. You have to enable 802.1p mapping and this can be done under Wireless > QoS > Profiles. Click on Platinum and under Wired QoS protocol choose 802.1p. Also whether you specify the native vlan on the WLC switch port config and not on the WLC mgt interface or you do this on the WLC management interface and not on the Switch port does not matter as it does not affect your CAPWAP traffic.
03-21-2012 11:26 PM
Osita,
I agree with your remarks about alloy markdown, but I am inclined to disagree with this statement:
Also whether you specify the native vlan on the WLC switch port config and not on the WLC mgt interface or you do this on the WLC management interface and not on the Switch port does not matter as it does not affect your CAPWAP traffic.
This is true if you do not care about quality of service, however...
If you put your WLC management interface on VLAN ID 0 (default VLAN) and you use the switchport trunk native vlan command on the WLC's switchport, you are effectively classifying management traffic as untagged (non-802.1P) traffic. When you do this, CoS values originated from the management interface will not be visible at the switch on the incoming frames. This includes CAPWAP control frames and tunneled packets to APs, some of which may contain QoS markings.
If you are using QoS on your wireless network, then it is advisable to use a selected nonzero VLAN tag on your management interface and to not use the native statement on the attached switchport. I believe the Cisco documentation is in the process of being updated to reflect this.
Of course if I'm wrong about this, please correct the error of my ways, but this is what I recall seeing on a packet capture I did about a year ago.
Justin
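The two trunk recommendations made in this thread (restrict the allowed VLAN list; avoid a native VLAN on a port that trusts CoS, because untagged frames carry no 802.1p field) can be checked mechanically. The following is an added example, not code from any poster or from Cisco; it assumes IOS-style configuration text, and interface Gi1/0/23 with VLANs 120 and 130 are constructed placeholders.

```python
import re

# Constructed sample: the poster's trunk stanza, then a hypothetical revised
# port (Gi1/0/23; VLANs 120 and 130 are placeholders) and an AP access port.
SAMPLE_CONFIG = """\
interface GigabitEthernet1/0/22
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 110
 switchport mode trunk
 mls qos trust cos
 channel-group 10 mode on
!
interface GigabitEthernet1/0/23
 switchport trunk allowed vlan 110,120,130
 switchport mode trunk
 mls qos trust cos
!
interface GigabitEthernet2/0/17
 switchport mode access
 mls qos trust dscp
"""

def parse_interfaces(config):
    # Map each interface name to the list of sub-commands in its stanza.
    stanzas, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        match = re.match(r"interface\s+(\S+)", line)
        if match:
            current = stanzas.setdefault(match.group(1), [])
        elif line in ("", "!"):
            current = None
        elif current is not None:
            current.append(line)
    return stanzas

def audit_trunks(config):
    """Return {interface: [issues]}; access ports are skipped."""
    findings = {}
    for name, cmds in parse_interfaces(config).items():
        if "switchport mode trunk" not in cmds:
            continue
        issues = []
        if not any(c.startswith("switchport trunk allowed vlan") for c in cmds):
            issues.append("no allowed-vlan list, trunk carries every VLAN")
        native = [c.split()[-1] for c in cmds if "trunk native vlan" in c]
        if native and "mls qos trust cos" in cmds:
            issues.append(f"native vlan {native[0]} is untagged, no CoS to trust")
        if issues:
            findings[name] = issues
    return findings
```

Calling `audit_trunks(SAMPLE_CONFIG)` flags only GigabitEthernet1/0/22, with both issues.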
03-21-2012 11:47 PM
As Justin points out if you trust cos you trust tagged traffic. If you native the management you aren't trusting the capwap traffic. +5
Sent from Cisco Technical Support iPad App
03-22-2012 05:58 AM
Justin,
What you said about VLAN tagging the WLC management interface may be correct as per QoS but that may apply to APs in local mode (Don't quote me because I don't use this). However, I recently changed my configuration on all my management interfaces to untagged with native VLAN tagging at the Switch ports, mirrored the VLAN to a span port and performed a packet capture. The RTP packets were appropriately tagged with COS 5 on the HREAP VLAN. Please note that I use Microsoft Lync and not Cisco Voice phones. When Cisco updates their documentation, I will definitely have a look.
03-22-2012 06:15 PM
Osita,
Thanks for the input, I am going to look into the Wired QoS Protocol.
03-22-2012 06:18 PM
Stephen Rodriguez wrote:
For the QoS mls QoS trust cos is correct. You don't need to do the auto QoS commands.
Thanks for your reply Steve,
Quick question I asked above. Does it hurt to execute the auto qos commands on a port or is it completely unnecessary? I presume it really would only have an impact if the bandwidth on the said port was being saturated. Does executing the command eat up any resources on the switch?