Not negligent if all interfaces are trusted correctly.
However if it is "turned on" and the interfaces and trunks for example do
not trust the traffic...
THE DEFAULT behavior of the switch it to re-write your EF traffic (your
example) to 0.
Is that still going to be treated with any priority?
DSCP 46 = Priority.
0 = Class Default
If the command is used properly it is AWESOME.
If it is just turned on... (I've seen this happen).... it is a killer aka
NEGLIGENT.
Is that a better way to put it.
I say negligent since the person turning it on should have researched the
command and have a thorough understanding of the dfault behavior versus
everything that should be done to treat traffic as it is desired to be
treated.
Most of us don't want all traffic treated the same, do we?
On Sun, Jul 26, 2009 at 9:11 PM, Evan Weston <evan_weston_at_hotmail.com>wrote:
> Yes exactly. It means my customers can�t mark all their web browsing
> traffic as DSCP EF and get put in priority queues with whatever voice stuff
> I may have. Good command to have on by default IMO. Still not seeing the
> negligent.
>
>
>
> *From:* Darby Weaver [mailto:ccie.weaver_at_gmail.com]
> *Sent:* Monday, 27 July 2009 11:09 AM
> *To:* Evan Weston
> *Cc:* CCIE Groupstudy
> *Subject:* Re: mls Qos
>
>
>
> I think the part being missed is if you enable mls qos and nothing else...
>
>
>
> All packets that enter the switch are re-written to null aka NO QOS
> Value... AT ALL.
>
>
>
> If one does not ALSO trust ports, this is likely not the desired behavior
> that most of think we are buying when we invoke the command.
>
>
>
> So...
>
>
>
> conf t
>
> mls qos
>
> exit
>
>
>
> By itself - it is inherently counter-productive and does opposite of what
> most people might expect it to do. The switch now speaks mls qos BUT...
>
>
>
> DOES NOT TRUST ANY PORTS.
>
>
>
> Until those ports are explicitly confgiured to be trusted.
>
>
>
> See what I mean by "negligent".
>
>
>
> Basically turning on mls qos on a switch and doing nothing else -
> EFFECTIVELY means that all traffic now entering OR traversing the switch in
> question.... has its dscp/cos marking re-written to 0 and now are assigned
> to class default.
>
>
>
> Is that what most of us want to do when we enable the command?
>
>
>
> Probably not if we have those things.... what are they called... like IP
> Phones.... some of us have those and as a result...
>
>
>
> Just turning on mls qos - probably did not solve our problem...
>
>
>
>
>
> One of my team-mates went to a QoS class and returned with one main theme -
> "TRUST" the interfaces, "TRUST" the trunks, etc.
>
>
>
> That's not a bad thing to remember...
>
>
>
> Next question is what exactly do you want to trust? rewrite, etc.
>
>
>
>
>
>
>
> On Sun, Jul 26, 2009 at 8:57 PM, Evan Weston <evan_weston_at_hotmail.com>
> wrote:
>
> How is it negligent? In a prod network I would have thought it better to
> not
> trust anything by default at the edge. Just a thought.
>
>
>
> -----Original Message-----
> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
> Darby Weaver
> Sent: Monday, 27 July 2009 10:47 AM
> To: Keegan.Holley_at_sungard.com
> Cc: CCIE Groupstudy; kaniyath minha
>
> Subject: Re: mls Qos
>
> True enough.
>
> However to simply turn mls qos on by itself without being aware of what it
> does and what it does not do is probably negligent at best.
>
>
>
>
> On Sun, Jul 26, 2009 at 7:56 PM, <Keegan.Holley_at_sungard.com> wrote:
>
> > Off the top of my head I think it's needed when ever QOS is being applied
> > to switched traffic and not routed traffic or routed traffic during the
> > switching operation. uch as being applied to a vlan or a layer-2 switch
> > port. Examples of when it's not needed are policy maps (depending on
> > their contents) added to vlan interfaces or layer-3 ports.
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Sun Jul 26 2009 - 21:16:50 ART