From: Donny MATEO (donny.mateo@sg.ca-indosuez.com)
Date: Thu Feb 27 2003 - 12:45:31 GMT-3
I though I would try to contribute what little I know of the subject to the community.
The only way that a frame will contain a "COS" value is if the frame is of encapsulated either with dot1q or ISL. There is no way an untag frame with carry COS value => 3550 QOS configuration Guide. and I quote :
Layer 2 Inter-Switch Link (ISL) frame headers have a 1-byte User field that carries an IEEE 802.1P class of service (CoS) value in the three least-significant bits. On interfaces configured as Layer 2 ISL trunks, all traffic is in ISL frames.
Layer 2 802.1Q frame headers have a 2-byte Tag Control Information field that carries the CoS value in the three most-significant bits, which are called the User Priority bits. On interfaces configured as Layer 2 802.1Q trunks, all traffic is in 802.1Q
frames except for traffic in the native VLAN.
Other frame types cannot carry Layer 2 CoS values.
Now and IP phone will tag frame that it origin and assign the ip precedence into the TOS bit of the packet encapsulation (ISL / dot1Q).
< end of quote>
So if the frame is tagged, the switch at the receiving end will remove the tag before putting the frame into the appropriate vlan => this is the behaviour of an interface configured as trunk. if the switch received a tagged frame on an access switch,
what would happen. I believe it would be considered to be a corrupt packet and would be drop. This would explain the reason why you must configure trunk on 3550 voice vlan, at least by my narrow understanding, so somebody please correct me if I'm wrong.
Now, on the reason why you need to change the COS. Simple, cause you don't trust them. By default you can set the port on the switch to trust the COS value on frame arriving on that interface (tagged frame only), all the other frame would be assigned an
COS value of 0 => best effort (or you can also simply choose to overwrite all the COS and assigned your own...... (msl qos cos x, mls qos cos override).
Sometimes you might have a naughty users who wants to take advantage of this and configure the device behind the ip phone to send tagged frame with COS value on it. For this kind of user you might want to override the COS of the packet to the appropriate
value. (switchport priority extend cos <0-7>) or you can also set the trusted device on the interface by (mls qos trusted device cisco-phone => if I remember correctly you need to enable cdp for this).
don't forget enable QOS globally by using msl qos global configuration command or all those effort will to into waste and not to mention your points...............
Donny
"West, Jeff"
<westj@telecomsys To: "ccie_studying" <ccie_studying@hotmail.com>, "kym blair"
.com> <kymblair@hotmail.com>, <bobby1@ctimail3.com>, <ccielab@groupstudy.com>
Sent by: cc:
nobody@groupstudy Subject: RE: Voice Vlan
.com
27-02-2003 20:04
Please respond to
"West, Jeff"
Why do you need to change the COS that is coming from the IP Phone, I
thought the phone set its data to IP precedence 4 & 5 (control and
data) and the pc behind it to 0 automatically?
Jeff West
TeleCommunication Systems, Inc.
westj@telecomsys.com
www.telecomsys.com
-----Original Message-----
From: ccie_studying [mailto:ccie_studying@hotmail.com]
Sent: Wednesday, February 26, 2003 10:43 PM
To: kym blair; bobby1@ctimail3.com; ccielab@groupstudy.com
Subject: Re: Voice Vlan
Will it work as access port? I saw this type of configuration
somewhere. And 3550 also accept access port configuration with voice
vlan.
Thanks!
----- Original Message -----
From: "kym blair" <kymblair@hotmail.com>
To: <bobby1@ctimail3.com>; <ccielab@groupstudy.com>
Sent: Tuesday, February 25, 2003 5:37 AM
Subject: Re: Voice Vlan
> Bobby,
>
> You should trunk the port with DOT1Q. You'll need to configure a
> "voice
> vlan":
>
>
http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/12112cea/355
0scg/s
wvoip.htm
>
> Also learn how to change the priority (COS) of inbound packets on
both
> the voice vlan (from IP Phone) and the data vlan (from PC cascaded
> behind the
IP
> Phone).
>
> HTH, Kym
>
>
>
>
>
>
>
>
> >From: "Bobby" <bobby1@ctimail3.com>
> >Reply-To: "Bobby" <bobby1@ctimail3.com>
> >To: <ccielab@groupstudy.com>
> >Subject: Voice Vlan
> >Date: Tue, 25 Feb 2003 08:13:09 +0800
> >
> >Hi Friends,
> >
> >On Cat 3550 if a port (Configured for voice vlan) is carrying both
> >voice and data
> >It should not be a access port. It should be a trunk. Agree ?
> >
> >Now which encapuslation to use. ISL of DOT1q really confused.
> >
> >Thanks
>
>
> _________________________________________________________________
> MSN 8 with e-mail virus protection service: 2 months FREE*
> http://join.msn.com/?page=features/virus
This message is for information purposes only and its content
should not be construed as an offer, or solicitation of an offer,
to buy or sell any banking or financial instruments or services
and no representation or warranty is given in respect of its
accuracy, completeness or fairness. The material is subject
to change without notice. You should take your own independent
tax, legal and other professional advice in respect of the content
of this message. This message may contain confidential or
legally privileged material and may not be copied, redistributed
or published (in whole or in part) without our prior written consent.
This email may have been intercepted, partially destroyed,
arrive late, incomplete or contain viruses and no liability is
accepted by any member of the Credit Agricole Indosuez group
as a result. If you are not the intended recipient of this message,
please immediately notify the sender and delete this message
from your computer.
This archive was generated by hypermail 2.1.4 : Sat Mar 01 2003 - 11:06:38 GMT-3