Solved: The CoS value is not trusted for 802.1P or 802.1Q tagged traffic.

mahesh18 · ‎02-17-2011

Hi all,

i was reading this

Default Voice VLAN Configuration

The voice VLAN feature is disabled by default.

When the voice VLAN feature is enabled, all untagged traffic is sent according to the default CoS priority of the port.

The default CoS value is 0 for incoming traffic.

The CoS value is not trusted for 802.1P or 802.1Q tagged traffic.

i need to understand that when we config the voice vlan on switch and assign the port to it.

now we attach the pc to phone.

1>The default CoS value is 0 for incoming traffic. -- this means traffic coming from pc to IP phone port or

traffic coming from Phone to switch port?

2>The CoS value is not trusted for 802.1P or 802.1Q tagged traffic. what does this mean if someone can explain me this in detail ?

thanks

mahesh

cadet alain · ‎02-17-2011

Hi,

when you say that when we enable mls qos globally that will make all interfaces untrusted by switch this means all interfaces connected to

Cisco IP phone only ?? or also the interface directly connected to PC ??

All the switch interfaces

if you can explain me please -------- the cos of tagged frames will not be overrided.??

yep of course: your cisco ip phone will mark traffic with voice traffic(RTP) with a cos of 5 so when it arrives on the switchport which trusts

the cos marking it will be retained by the switch and used to derive an internal DSCP value for use on non trunk ports where there is no tagging and so no cos.

But if the same traffic arrives on an untrusted port then the cos of 5 is reset to cos of switchport( by default 0) and then used to derive an internal

DSCP.

Regards.

Alain.

Don't forget to rate helpful posts.

View solution in original post

martin_knorre · ‎02-17-2011

Yes that is right, if you configure MLS globally all ports are untrusted for best effort traffic. You can set a dscp value based on ACL or you can trust the COS /DSCP value on the switchport that comes from the PC or phone, but that is not so practical because every user can set its own COS value on the PC.

A simple method is, tag your desired traffic on the access switch, trust the dscp values on the uplinks to core/distri and set up a policy map.

Regards Martin

View solution in original post

cadet alain · ‎02-17-2011

Hi,

1>The default CoS value is 0 for incoming traffic. -- this means traffic coming from pc to IP phone port or

traffic coming from Phone to switch port?

Traffic incoming on switch port, remember you are configuring QoS on the switch.

2>The CoS value is not trusted for 802.1P or 802.1Q tagged traffic. what does this mean if someone can explain me this in detail ?

802.1P is the cos which is QoS marking for L2 ethernet 802.1q tagged frames.

Once QoS is enabled with mls qos global command then each interface is untrusted and has a cos value of 0 which means that tagged frames

coming in with any cos value will get their cos reset to 0 by the switch.To trust the cos marking you have to enter the interface command

mls qos trust cos and so the cos of tagged frames will not be overrided.

Regards.

alain.

Don't forget to rate helpful posts.

mahesh18 · ‎02-17-2011

Hi alain,

many thanks for reply

let see if i understand right

when you say that when we enable mls qos globally that will make all interfaces untrusted by switch this means all interfaces connected to

Cisco IP phone only ?? or also the interface directly connected to PC ??

secondly statement

To trust the cos marking you have to enter the interface command

mls qos trust cos and so the cos of tagged frames will not be overrided.

if you can explain me please -------- the cos of tagged frames will not be overrided.??

thanks

mahesh

cadet alain · ‎02-17-2011

Hi,

when you say that when we enable mls qos globally that will make all interfaces untrusted by switch this means all interfaces connected to

Cisco IP phone only ?? or also the interface directly connected to PC ??

All the switch interfaces

if you can explain me please -------- the cos of tagged frames will not be overrided.??

yep of course: your cisco ip phone will mark traffic with voice traffic(RTP) with a cos of 5 so when it arrives on the switchport which trusts

the cos marking it will be retained by the switch and used to derive an internal DSCP value for use on non trunk ports where there is no tagging and so no cos.

But if the same traffic arrives on an untrusted port then the cos of 5 is reset to cos of switchport( by default 0) and then used to derive an internal

DSCP.

Regards.

Alain.

Don't forget to rate helpful posts.

martin_knorre · ‎02-17-2011

Yes that is right, if you configure MLS globally all ports are untrusted for best effort traffic. You can set a dscp value based on ACL or you can trust the COS /DSCP value on the switchport that comes from the PC or phone, but that is not so practical because every user can set its own COS value on the PC.

A simple method is, tag your desired traffic on the access switch, trust the dscp values on the uplinks to core/distri and set up a policy map.

Regards Martin

mahesh18 · ‎02-18-2011

Hi alain and Martin,

Many thanks for detailed explanation.

best regards

mahesh