Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2986
Views
0
Helpful
5
Replies

trust and DSCP re-marking

jironside
Level 1
Level 1

‎11-19-2014 08:02 AM - edited ‎03-07-2019 09:34 PM

Hi,

I am confused. I have a SX20 Codec connected to a 3750 switch. The port that it is connected to has the "mls qos trust dscp" command configured on it. When I run the "show mls qos interface <interface number>" command, I get the response that the trust state is dscp and trust is enabled. But when I run the "show mls qos interface <interface number> statistics" command, I get back that for incoming dscp I am getting a range of values incrementing, but for outgoing dscp, the only value that is incrementing is 0. Which I interpret to mean that no matter what dscp is being received by this switch port, it is sending out all packets marked as dscp 0. Why, if the port is set to trust dscp, is it doing this? What am I missing?

 

Jon

Labels:
0 Helpful
5 Replies 5

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎11-19-2014 08:20 AM

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

For the same port?  If so, egress stats would apply to traffic from other ports.  Do you know other ports will be sending non-BE packets to this port?

0 Helpful

jironside
Level 1
Level 1
In response to Joseph W. Doherty

‎11-20-2014 12:07 PM

OK, so my understanding of the output was incorrect. Thank you for clarifying.

0 Helpful

smartnet
Level 1
Level 1
In response to Joseph W. Doherty

‎01-23-2015 05:09 AM

Hi,

I have a similiar issue with a vpn router connected to a 2960s switch. The switch port statistics shows dscp incoming packets (voice packets from the router/vpn), but no dscp outgoing packets. The result is that the qos-policy on the router for incoming voice traffic which has to be routed through the vpn doesn't see any packets market with dscp 46 and therefore doesn't work.On the other switch ports mostly connected to cisco phones I can see dscp incoming and outgoing packets. So I'm wondering why the dscp marking is lost on the between the switch and the router?!

Marcus

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to smartnet

‎01-23-2015 06:42 AM

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

On most small (older model) Cisco switches, if QoS is NOT enabled, ToS markings are passed through unchanged.  However, if QoS is enable, you need to configure trust setting on ingress ports.  Otherwise switch will reset ToS to zero.

You haven't fully described your 2960 configuration, so cannot say whether or how the foregoing may apply in your case.

0 Helpful

smartnet
Level 1
Level 1
In response to Joseph W. Doherty

‎01-26-2015 08:17 AM

Sorry, this is the config of the switchport connected to the router:

interface GigabitEthernet1/0/48
 switchport mode access
 srr-queue bandwidth share 1 30 35 5
 priority-queue out
 mls qos trust cos
 auto qos trust
 spanning-tree portfast
 

This is the config of the router (Cisco 1812) connected to the switch:

interface FastEthernet1
 description Inside
 ip address xxx
 ip access-group acl-inside in
 ip nat inside
 ip virtual-reassembly in
 ip verify unicast reverse-path
 standby 10 ip xxx
 standby 10 preempt
 standby 10 authentication xxx
 standby 10 name HSRP-Inside
 ip ospf authentication message-digest
 ip ospf message-digest-key 50 md5 xxx
 duplex auto
 speed auto
 auto qos voip trust

The statistics on the switchport of the 2960s shows dscp incoming packets from the router, but no dscp outgoing packets (with dscp 46).

sh mls qos int g1/0/48 stat
GigabitEthernet1/0/48 (All statistics are in packets)

  dscp: incoming
-------------------------------

  0 -  4 :    19789151            0            0            0            0
  5 -  9 :           0            0            0      1737841            0
 10 - 14 :           0            0            0            0            0
 15 - 19 :           0            0            0            0            0
 20 - 24 :           0            0            0            0      2008896
 25 - 29 :           0            0            0            0            0
 30 - 34 :           0            0        29219            0            0
 35 - 39 :           0            0            0            0            0
 40 - 44 :           0            0            0            0            0
 45 - 49 :           0      1486171            0      1089329            0
 50 - 54 :           0            0            0            0            0
 55 - 59 :           0            0            0            0            0
 60 - 64 :           0            0            0            0
  dscp: outgoing
-------------------------------

  0 -  4 :    22007526            0            0            0            0
  5 -  9 :           0            0            0            0            0
 10 - 14 :           0            0            0            0            0
 15 - 19 :           0            0            0            0            0
 20 - 24 :           0            0            0            0            0
 25 - 29 :           0            0            0            0            0
 30 - 34 :           0            0            0            0            0
 35 - 39 :           0            0            0            0            0
 40 - 44 :           0            0            0            0            0
 45 - 49 :           0            0            0         4773            0
 50 - 54 :           0            0            0            0            0
 55 - 59 :           0            0            0            0            0
 60 - 64 :           0            0            0            0

But the phones connected to the same switch will show both dscp incoming and outgoing packets. So it seems like the marking is lost between the switchports of the Switch. It's confusing.
 

0 Helpful
Customers Also Viewed These Support Documents