Re: mls Qos from Darby Weaver on 2009-07-26 (Ccielab archives 07/2009)

From: Darby Weaver <ccie.weaver_at_gmail.com>
Date: Sun, 26 Jul 2009 22:58:03 -0400

Yep and even evenly matched port channels can react strangely and
err-disable so one might be cautious in both lab and production
environments.

On Sun, Jul 26, 2009 at 10:52 PM, Greg Wendel <gwendel_at_gmail.com> wrote:

> One other interesting issue is that turning on MLS QOS on a 650x/760x can
> cause port channels to drop if you are crossing modules that aren't
> identical. In a lab environment we had 1 member of the port channel in a
> ten gig etherchannel on a 4 port card and one on a 8 port card. turning on
> QOS disabled one of the members of the port channel due to the different QOS
> treatment of the ten gig modules. We saw this in our lab environment so
> there was no production impact.
> Hope this helps,
> Gregory Wendel
> CCIE #20179
>
>
> On Sun, Jul 26, 2009 at 10:13 PM, Ryan West <rwest_at_zyedge.com> wrote:
>
>> I think the horse has been properly beaten. It's already a long thread,
>> so if I'm repeating anything it won't be anything new :) The default
>> behavior is that QoS is disabled, so as Evan said all traffic from any port
>> can have any marking that it likes. This isn't the end of the world, but it
>> requires that your voice routers crack the packets further to properly mark
>> and then queue them, then you're looking at least three packet remarks to
>> classify voice bearer, signaling and then remarking default to ... default.
>>
>> As Darby pointed out a long time ago (and sort of swayed away from), there
>> is the SRND (I haven't read it a long time), but I'm pretty sure it says to
>> mark at the endpoints and setup proper trust boundaries. So, while in the
>> hands of the "wrong admin" someone might turn on QoS and then forget to
>> trust ports / trunks / uplinks, Cisco has taken measures to prevent this
>> with products like CNA and the basic built in web server. If CLI is scary,
>> people have options like global macros and smartports (aka interface
>> macros).
>>
>> Tracking down improper marking and trust boundaries should be completed
>> way before implementing voice. I think it would negligent to have some
>> setting up your QoS who doesn't have a clue.
>>
>> In short, I think you're right on Evan.
>>
>> -ryan
>>
>> -----Original Message-----
>> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
>> Evan Weston
>> Sent: Sunday, July 26, 2009 9:37 PM
>> To: 'Darby Weaver'; 'CCIE Groupstudy'
>> Subject: RE: mls Qos
>>
>> Basic CCNP principle here, I can't believe what Im reading.
>>
>> Set your trust boundary as close to the endpoints as possible. No mls qos
>> =
>> no trust boundary, you trust everything.
>>
>> Leaving mls qos turned off on an access switch because it will break
>> things
>> is just sloppy admin.
>>
>> -----Original Message-----
>> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
>> Darby Weaver
>> Sent: Monday, 27 July 2009 11:19 AM
>> To: CCIE Groupstudy
>> Subject: Re: mls Qos
>>
>> Again, let me refer you to the SRND by Cisco for further review of the
>> subject:
>>
>> http://www.cisco.com/univercd/cc/td/doc/solution/esm/qossrnd.pdf
>>
>> A lot of classes explain it, but not everyone makes it that class and if
>> they did let's face it QoS is a lot of material to cover in the the time
>> usually given to it.
>>
>> Now if you actually have to work on a topic like video conferencing and
>> video streaming there is a white paper I strongly recommend reading...
>>
>>
>>
>> http://www.cisco.com/en/US/solutions/collateral/ns340/ns394/ns158/ns280/net_
>> design_guidance09186a00800d67f6.pdf<http://www.cisco.com/en/US/solutions/collateral/ns340/ns394/ns158/ns280/net_%0Adesign_guidance09186a00800d67f6.pdf>
>>
>> http://www.cisco.com/en/US/docs/video/cuvc/design/guides/srnd/vidpref.html
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>>
>>
>>
>>
>>
>>
>
>
> --
> Gregory Wendel
> Springfield VA, 22153

Blogs and organic groups at http://www.ccie.net
Received on Sun Jul 26 2009 - 22:58:03 ART

This archive was generated by hypermail 2.2.0 : Sat Aug 01 2009 - 13:10:23 ART