Re: mls Qos

I stand corrected..

Re: mls Qos

Dale Shaw
to:
Evan Weston
07/26/09 09:13 PM

Sent by:
nobody_at_groupstudy.com
Cc:
Darby Weaver, CCIE Groupstudy
Please respond to Dale Shaw

Rightly or wrongly, I know lots of production networks where turning
this on would break stuff severely.

Consider this common scenario:

- IPTel/VoIP is deployed in a distributed network
- QoS is enabled only on the WAN routers (not in the LANs), where
interface congestion is a real problem
- WAN routers 'trust' packets marked by IP phone endpoints -- i.e.
marking is done by the phone

Yes, QoS should be enabled end-to-end, but it's often not. Switching
on 'mls qos' on the LAN switches without also applying the appropriate
trust configuration would wreak havoc. Suddently, voice traffic would
be fighting it out with YouTube.

So, *cue twilight zone theme music and raise left eyebrow David
Copperfield style*, I agree with Darby.

cheers,
Dale

On Mon, Jul 27, 2009 at 10:57 AM, Evan Weston<evan_weston_at_hotmail.com>
wrote:
> How is it negligent? In a prod network I would have thought it better to
not
> trust anything by default at the edge. Just a thought.
>
>
> -----Original Message-----
> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
> Darby Weaver
> Sent: Monday, 27 July 2009 10:47 AM
> To: Keegan.Holley_at_sungard.com
> Cc: CCIE Groupstudy; kaniyath minha
> Subject: Re: mls Qos
>
> True enough.
>
> However to simply turn mls qos on by itself without being aware of what
it
> does and what it does not do is probably negligent at best.

Blogs and organic groups at http://www.ccie.net
Received on Sun Jul 26 2009 - 21:22:26 ART