Solved: Hi Voice Experts, I have the

JohnTylerPearce · ‎02-18-2013

Hey guys,

Let's say I have the following setup.

Cisco VoIP Phone --SW1<===Dot1q===>SW2<===Dot1q===><SW3-SVI>

How does the actual marking go?

For instnace, by default, I know that the Cisco VoIP phone will mark traffic by DSCP 46. Would it be better to trust DSCP or CoS at the port connected to the VoIP Phone? That I haven't fully understood, what the best practice is.

I would think, there should be a DSCP to CoS 5 to convert the DSCP value to CoS, since it's going across a trunk as L2, and match is via CoS on SW2, and the same out, untill it gets to SW2, which I would assume SW2 would encapsulate it as a packet, since it goes to an SVI, and you would match it via DSCP value.

Please let me know if I'm completely wrong, or have some general idea of what's going on.

Antonio Knox · ‎02-21-2013

John,

Tell the switch to trust CoS markings from a Cisco IP phone on the access port. Cisco IP phones use 802.1q tags, these .1q tags contain the CoS value, to mark voice traffic at layer 2. When it's forwarded upstream, the DSCP value is trusted (on the uplink port) and unchanged, but the .1q tag (and with it the CoS value) is stripped off by the upstream switch when received over the trunk. DSCP is a Layer 3 marking, so it is not stripped off with the 802.1q tag (containing CoS information) when received by the upstream switch over the .1q trunk. The upstream switch views the DSCP marking and maps it to a new CoS value per its dscp-cos map, which it adds to the .1q tag it attaches to the frame as it forwards it upstream to the next switch over the .1q trunk, and the process is repeated until a layer 3 device is reached. There, the DSCP value will be used to prioritize traffic properly over the routed network.

Hope that helps.

View solution in original post

Terry Cheema · ‎02-20-2013

For instnace, by default, I know that the Cisco VoIP phone will mark  traffic by DSCP 46. Would it be better to trust DSCP or CoS at the port  connected to the VoIP Phone? That I haven't fully understood, what the  best practice is.

Cisco VoIP phones mark traffic at both layer 2 and layer 3. Best practise it to set a conditional trust, what that means is trust CoS only when CDP detects a Cisco VoIP Phone. This is best practise because it trusts 802.1p markings in the 802.1q frame coming from a Cisco VoIP phone only (CDP is used to detect). PC marks the traffic at layer 3, but we are not trusting the dscp markings, so there is no risk of any rogue element marking traffic incorrectly. All the PC traffic willbe marked as dscp 0 at switch and VoIP traffic's CoS markings will be trusted with this model of conditional trust.

To setup conditional trust:

mls qos trust device cisco-phone

mls qos trust cos

or you can do with Auto QoS using - auto qos voip trust - it will also enter above commands (in addition to other modifications)

Switch will trust CoS (only from a Cisco VoIP phone) - On Switch you will have CoS-To-Dscp map - converting these CoS values from Phone to dscp. You will configure youre trunk links to router/switches to trust dscp thus preserving these settings when passing from one device to another.

Dscp is trusted on the up links to routers/swithches - which enables the preserve of dscp values

To Summarize:

IP phone marks CoS - >SWI trusts CoS and converts to L3 dscp (using CoS-Dscp map) -> SW2 preserves dscp marking due to trust dscp on trunk ->Sw3 preserves dscp marking due to trust dscp on trunk

I hope this clears your confusion - If not please feel free to ask.

Terry

JohnTylerPearce · ‎02-21-2013

Thanks for the post, it was quite educational.

So from my understanding, the Cisco VoIP phone will mark the traffic CoS 5, with which the port connected to it on the switch, will trust (hence the mls qos trust cos command), and you will then have a CoS-to-DSCP map, that will convert CoS 5 to DSCP 46, and the trunks between switches will trust dscp, is generally a very basic way of looking at it?

Antonio Knox · ‎02-21-2013

John,

Tell the switch to trust CoS markings from a Cisco IP phone on the access port. Cisco IP phones use 802.1q tags, these .1q tags contain the CoS value, to mark voice traffic at layer 2. When it's forwarded upstream, the DSCP value is trusted (on the uplink port) and unchanged, but the .1q tag (and with it the CoS value) is stripped off by the upstream switch when received over the trunk. DSCP is a Layer 3 marking, so it is not stripped off with the 802.1q tag (containing CoS information) when received by the upstream switch over the .1q trunk. The upstream switch views the DSCP marking and maps it to a new CoS value per its dscp-cos map, which it adds to the .1q tag it attaches to the frame as it forwards it upstream to the next switch over the .1q trunk, and the process is repeated until a layer 3 device is reached. There, the DSCP value will be used to prioritize traffic properly over the routed network.

Hope that helps.

darin.marais · ‎08-07-2013

simply explained

Terry Cheema · ‎02-21-2013

John - Yes thats right.

Terry

Sent from Cisco Technical Support iPhone App

Jeremiah Lew Dalumpines · ‎03-26-2014

Hi Voice Experts,

I have the same problem with John...

Let's say I have also this kind of topology:

Assuming: Coreswitch has the Switch-Virtual-Interfaces per VLAN...

Cisco VoIP Phone -----(fa0/1)AccessSwitch(gi0/1)<===Dot1q===>(gi0/1)DistributionSwitch(gi0/2)<===Dot1q===>(gi0/1)<CoreSwitch(SVI)>

Kindly give me a sample configurations starting from AccessSwitch, DistributionSwitch and CoreSwitch??? I really need to understand this... =(

Kindly give me also the verification commands on per switch basis starting from Access-Layer to Core-Switch so that I can check if the voice markings are preserved...

Please guyz...

I have shown the interfaces so that I can see also the specific ports configurations depending on the switch location...

Cisco VoIP Phone traffic marking