Solved: What happens to marked packets without qos trust on port?

Mike Assel · ‎07-22-2011

Hello. Just wondering if the experts out there could confirm something for me: I have a switch that has been globally configured for qos specifically for IP phones. However one of the switchports I have re-configured so it looks like this

interface FastEthernet0/36

description LAB

switchport mode access

switchport voice vlan 208

spanning-tree portfast

end

My question is this: if a device that marks it's own packets (let's say EF) is connected to this port, once the packets enter the port the switch will remark them because there is no trust command configured on the port, correct? I would assume the default would be to zero? The reason I ask is that we have a network monitoring service that is setup to monitor the qos markings of packets crossing our WAN and to notify us if the packets get remarked. I have confirgured the packets to be marked EF on the device connected to the switchport mentioned above, so in my mind the markings should be getting changed and my service should see that, but it doesn't. So I want to make sure I understand how it is supposed to work in the switch before pointing the finger at the service.

John Blakley · ‎07-22-2011

Mike,

The default behavior would be for the switch to set the tag to default CS0 because the port is considered untrusted, so you're correct.

Default Voice VLAN Configuration

The voice VLAN feature is disabled by default.

When the voice VLAN feature is enabled, all untagged traffic is sent according to the default CoS priority of the port.

The CoS value is not trusted for 802.1P or 802.1Q tagged traffic.

http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/release/12.1_12c_ea1/configuration/guide/swvoip.html

HTH,

John

HTH, John *** Please rate all useful posts ***

View solution in original post

John Blakley · ‎07-22-2011

Mike,

The default behavior would be for the switch to set the tag to default CS0 because the port is considered untrusted, so you're correct.

Default Voice VLAN Configuration

The voice VLAN feature is disabled by default.

When the voice VLAN feature is enabled, all untagged traffic is sent according to the default CoS priority of the port.

The CoS value is not trusted for 802.1P or 802.1Q tagged traffic.

http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/release/12.1_12c_ea1/configuration/guide/swvoip.html

HTH,

John

HTH, John *** Please rate all useful posts ***

paul driver · ‎07-22-2011

Hi mike,

Your correct in your assumption.

If the maked packet goes into a non enabled mls qos switch, the switch will rewrite the marking to a cos 0

Switch#sh mls qos

QoS is disabled

QoS ip packet dscp rewrite is enabled

Switch#sh mls qos int fa0/1

FastEthernet0/1

QoS is disabled. When QoS is enabled, following settings will be applied

trust state: not trusted

trust mode: not trusted

trust enabled flag: ena

COS override: dis

default COS: 0

DSCP Mutation Map: Default DSCP Mutation Map

Trust device: none

qos mode: port-based

res

Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Marwan ALshawi · ‎08-01-2011

have you tired to disable DSCP rewrite with global command "no mls qos rewrite ip dscp"

HTH