Hi Leo!

Thanks for the response. This does make sense to a point and actually clears up why different documentation appears to conflict with each other. So it makes sense that since we are operating L2 to L2 port to port, we will see CoS. In that case, with no layer 3 information on the switch(except a VLAN IP address) then you would use MLS QOS trust COS on the switch uplinks.

If an input policy map is applied on the interface to mark all traffic EF, then you would use MLS QOS trust DSCP, as the configuration on all uplink ports.

Am I thinking correctly on this?

Hi,

take a look at this doc:http://www.cisco.com/en/US/products/hw/switches/ps5023/products_tech_note09186a0080883f9e.shtml#cg211

Regards

Alain

Don't forget to rate helpful posts.

If an input policy map is applied on the interface to mark all traffic EF, then you would use MLS QOS trust DSCP, as the configuration on all uplink ports

No because in the case above you are explicitly setting the marking so you dont trust anything. When you enable trust on the port you are simply telling the switch which marking to use for QOS as the packet moves through the switch. Obviously the marking should be present in the packets arriving on the port.

If you use a policy map to set the markings you are in effect saying you do no trust any markings and setting your own.

Whether to use CoS or DSCP depends largely on which marking are present in the packets. If DSCP is present it is often better to use these as they are end to end ie. CoS is only present in tagged frames on a trunk so when it gets to a router, for example it needs to changed whereas if you trust DCSP there is no need to translate the marking.

Note also that some switches only support CoS in egress queueing but this does not necessarily mean you have to trust CoS on the ingress port. You can still trust DSCP and then the switch uses the relevant OQS map to determine the CoS value.

Jon

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

If you use a policy map to set the markings you are in effect saying you do no trust any markings and setting your own.

I just wanted to note some policy maps allow classes to match existing marking, i.e. you can selectively trust or not what you receive.

Also sometimes remarking isn't distrust, per se, but might be done for other reasons.  For example, perhaps to increase a DSCP xy drop probability for being over some committed bandwidth utilization.

Lastly, some policy maps, on some platforms, if they don't match a class, then seem to use the interface trust (or not) DSCP.