12-15-2016 11:37 AM - edited 03-08-2019 08:35 AM
Hello, I understand you would use 'mls qos trust dscp' on a VoIP phone interface, but someone told me it should also be used on switch uplink ports.
Is this because when the DSCP marked goes to leave the switch, it's DSCP markings will be ignored unless you enter 'mls qos trust dscp' ?
Do layer 3 interfaces not need this command, as they will automatically trust DSCP ?
What type of interfaces will not trust DSCP by default ?
Thanks kindly for clarification.
Solved! Go to Solution.
12-15-2016 12:19 PM
Hi,
Generally for access ports that connect to phones you need
mls qos trust cos
and
mls qos trust devie cisco-phone
and on the uplink ports you need
mls qos trust dscp
now, some newer versions of hardware and IOS don't support mls qos command anymore.
HTH
12-15-2016 12:28 PM
I understand you would use 'mls qos trust dscp' on a VoIP phone interface
Yes, often commonly done, but not always.
someone told me it should also be used on switch uplink ports.
Yes, also commonly done. Both depend on your QoS design.
Is this because when the DSCP marked goes to leave the switch, it's DSCP markings will be ignored unless you enter 'mls qos trust dscp' ?
No, the trust is for ingress, not egress, including on uplinks.
Do layer 3 interfaces not need this command, as they will automatically trust DSCP ?
Depends on the device. L2 vs. L3 interfaces usually have no bearing on DSCP. (Trusting L2 CoS, though is a different issue.)
What type of interfaces will not trust DSCP by default ?
Again, depends on the device. Generally, by default, routers and later Cisco switches leave L3 ToS alone (i.e. they "trust" it) by default. Older Cisco switches, often by default, leave L3 ToS alone if QoS disabled, but reset it to zero, if QoS enabled and not configured to be trusted.
12-15-2016 12:19 PM
Hi,
Generally for access ports that connect to phones you need
mls qos trust cos
and
mls qos trust devie cisco-phone
and on the uplink ports you need
mls qos trust dscp
now, some newer versions of hardware and IOS don't support mls qos command anymore.
HTH
12-15-2016 12:28 PM
I understand you would use 'mls qos trust dscp' on a VoIP phone interface
Yes, often commonly done, but not always.
someone told me it should also be used on switch uplink ports.
Yes, also commonly done. Both depend on your QoS design.
Is this because when the DSCP marked goes to leave the switch, it's DSCP markings will be ignored unless you enter 'mls qos trust dscp' ?
No, the trust is for ingress, not egress, including on uplinks.
Do layer 3 interfaces not need this command, as they will automatically trust DSCP ?
Depends on the device. L2 vs. L3 interfaces usually have no bearing on DSCP. (Trusting L2 CoS, though is a different issue.)
What type of interfaces will not trust DSCP by default ?
Again, depends on the device. Generally, by default, routers and later Cisco switches leave L3 ToS alone (i.e. they "trust" it) by default. Older Cisco switches, often by default, leave L3 ToS alone if QoS disabled, but reset it to zero, if QoS enabled and not configured to be trusted.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide