Re: QOS Trust Boundry

From: Carlos G Mendioroz (tron@huapi.ba.ar)
Date: Thu Jan 08 2009 - 19:40:36 ARST

• Next message: jockey wearer: "CCIE ID Association hitches!!!!!!!!!!!!!"
• Previous message: Tyson Scott: "RE: QOS Trust Boundry"
• Maybe in reply to: Rookie Ccie: "QOS Trust Boundry"
• Next in thread: Pavel Bykov: "Re: QOS Trust Boundry"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Wouldn't you need "mls qos trust extend" too ?
Or else, the phone will remark PC's packets...

-Carlos

Tyson Scott @ 8/01/2009 18:40 -0200 dixit:
> Rookie,
>
> Based on your question I would state the policy map will not match dscp
> packets from the PC except dscp 0 or cos 0 ;).
>
> Here is the output for what you have stated
>
> SW4#show mls qos interface f0/3
> FastEthernet0/3
> trust state: not trusted
> trust mode: trust dscp
> trust enabled flag: dis
> COS override: dis
> default COS: 0
> DSCP Mutation Map: Default DSCP Mutation Map
> Trust device: cisco-phone
> qos mode: port-based
>
> As you can see the state of the port is untrusted. If you want to trust QoS
> marking from both the phone and PC just do "mls qos trust" on the interface.
>
> SW4(config-if)#mls qos trust
> SW4(config-if)#do sh mls qos int f0/3
> FastEthernet0/3
> trust state: trust dscp
> trust mode: trust dscp
> trust enabled flag: ena
> COS override: dis
> default COS: 0
> DSCP Mutation Map: Default DSCP Mutation Map
> Trust device: none
> qos mode: port-based
>
> SW4(config-if)#
>
> Regards,
>
> Tyson Scott - CCIE #13513 R&S and Security
> Technical Instructor - IPexpert, Inc.
>
> Telephone: +1.810.326.1444
> Cell: +1.248.504.7309
> Fax: +1.810.454.0130
> Mailto: tscott@ipexpert.com
>
> Join our free online support and peer group communities:
> http://www.IPexpert.com/communities
>
> IPexpert - The Global Leader in Self-Study, Classroom-Based, Video On Demand
> and Audio Certification Training Tools for the Cisco CCIE R&S Lab, CCIE
> Security Lab, CCIE Service Provider Lab , CCIE Voice Lab and CCIE Storage
> Lab Certifications.
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Rookie Ccie
> Sent: Thursday, January 08, 2009 3:31 PM
> To: ccielab@groupstudy.com
> Subject: QOS Trust Boundry
>
> Dear Experts,
>
> If I enable cat qos trust boundary feature on a 3560 using *mls qos trust
> device cisco-phone* command and enable an inbound policy map (to match
> specific PC traffic) on the same interface, what will be the behaviour ?
>
> Rgds
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
>

-- 
Carlos G Mendioroz  <tron@huapi.ba.ar>  LW7 EQI  Argentina
Blogs and organic groups at http://www.ccie.net

• Next message: jockey wearer: "CCIE ID Association hitches!!!!!!!!!!!!!"
• Previous message: Tyson Scott: "RE: QOS Trust Boundry"
• Maybe in reply to: Rookie Ccie: "QOS Trust Boundry"
• Next in thread: Pavel Bykov: "Re: QOS Trust Boundry"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:43:37 ARST