Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
710
Views
0
Helpful
2
Replies

VoIP configure on edge switch 3750

Go to solution
julxu
Level 1
Level 1

‎07-13-2009 03:32 AM - edited ‎03-17-2019 09:47 PM

Greeting

I am testing no cisco phone on 3750:

interface FastEthernet1/0/6

description testing

switchport access vlan 100

switchport mode access

switchport voice vlan 101

switchport port-security maximum 2

switchport port-security

switchport port-security aging time 2

switchport port-security violation restrict

switchport port-security aging type inactivity

srr-queue bandwidth share 10 10 60 20

srr-queue bandwidth shape 10 0 0 0

priority-queue out

mls qos trust dscp

auto qos voip cisco-phone

macro description cisco-phone

spanning-tree portfast

spanning-tree bpduguard enable

service-policy input AutoQoS-Police-CiscoPhone

end

and found that "switchport port-security"

will drop the phone's dhcp discovery packets.

When phone first time power on, it can get ip address from dhcp server; but, when you log out from current phone number, and the phone start to get ip address from dhcp again, the switch will drop the dhcp discover packets which the phone used to communicate with dhcp server.

I tried to increase max number to 6 (switchport port-security maximum 2) but it is not useful.

I did show port-security int command, and there is only one mac address on the interface.

I have also checked the mac address, and I can not see any violated to the security rules.

Could any one advice me:

- what the cause ?

- how can I debug it?

- if possible to fix it without disable the port security?

Any comments will be appreciated

thanks in advance

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
douhanm
Level 1
Level 1

‎07-18-2009 10:54 AM

Start with cleaning the config a bit, basically for QoS all you need is the mls qos trust DSCP and nothing else, as for port security it would be adviced to have the max no to 3 to avoid issues.

yes it is possible to fix without disabling port security but start with cleaning your config from srr queue adjustments, auto qos can be removed it is so buggy still. then let us know how it looks like.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
douhanm
Level 1
Level 1

‎07-18-2009 10:54 AM

Start with cleaning the config a bit, basically for QoS all you need is the mls qos trust DSCP and nothing else, as for port security it would be adviced to have the max no to 3 to avoid issues.

yes it is possible to fix without disabling port security but start with cleaning your config from srr queue adjustments, auto qos can be removed it is so buggy still. then let us know how it looks like.

0 Helpful

Go to solution
julxu
Level 1
Level 1
In response to douhanm

‎07-28-2009 05:57 PM

Great thanks for the reply, I have found the problem. the problem is the "switchport port-security aging time" has to be lower than 2. I have set it to 1 min.

Another question, we have been asked to set qos trust dscp, as:

mls qos trust dscp

can I get advice, if it will cause the workstation (PC/server) which plug into this port to get high priority treatment?

Please advice.

Many Regards

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents