Re: Troubleshooting auto-QoS to protect voice

From: ALL From_NJ <all.from.nj_at_gmail.com>
Date: Tue, 12 Jan 2010 15:13:36 -0500

Hello and good afternoon,

A couple of thoughts / comments. Can you paste your configs? So many
different ways to accomplish a task ... it might be helpful to see whatcha
got running.

It does support voice vlans ... are the phones running on the voice vlans?

Here is a config guide, the latest release is much much better:
http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_37_se/configuration/guide/swqos.html#wp1231446

A couple of general thoughts and comments.

1) For real world deployments, use the smartport macros when and wherever
you can. These are sweet, and better than worrying about auto qos.

2) Do not enable auto qos with the trust options, unless the port is
connected to another device that has already performed the marking /
remarking for you. This command assumes that the marking and classification
has already been done by a trusted neighbor.

- In general, wireless APs should not be trusted. It sounds as though you
are simply trusting DSCP and COS, is this correct? If so, this is a
problem.

If you are running Voice over WLAN, then voice should have its own VLAN,
and so the CoS values can be trusted. This adds some complexity though!

Example config when running voice over wlan, and this assumes only 2 vlans
present on the wireless network:

auto qos voip trust
mls qos trust cos

3) Use the cisco-phone option w/ auto qos if you have a hard phone or
cisco-softphone if a softphone. The softphone option creates some policy
maps and all.

I do not understand your question about the CIR versus AR. Are you
connecting to a lower speed link / network?

You can check the configs with the show auto qos command and show mls
commands.

To check the jitter you need some additional monitoring tools. You can also
check the IP phone and it will give you network stats and call statistics.
This is sometimes helpful when tshooting.

4) For anyone wanting to learn QoS at a bare minimum level, I would suggest
playing with the smartports ... you will see best practices for security and
QoS, associated configs, etc...

Do please respond as I do not think I fully grasp what you have running /
encountering.

HTH,

Andrew Lee Lissitz

On Tue, Jan 12, 2010 at 1:54 PM, Rob Clav <robclav_at_gmail.com> wrote:

> Hi Guys,
>
> I have a scenario where auto-qos is enabled. The customer has three vlans:
> one vlan for voice, one vlan for data and another vlan for wifi.
> The problem comes when a virus becomes active and starts flooding the
> network, in order to use as much bandwidth as possible. Then Auto-Qos should
> protect and prioritize critical traffic, and it doesn't. Checking the
> configuration, I see that traffic is marked at the origin, by Cisco IP phones,
> and the access port is configured to trust DSCP and COS. So at this point we
> are sure something is not working when it should.
>
> So a couple of misconfigurations that can cause the problem:
> -the layer 2 config vlan for voice has not been identified as "voice" when
> it was created; it seems that C2960 with lan base doesn't support this
> command.
>
> -The connection has a CIR of 10Mb but the interface connection speed
> is 100Mb (AR), so should it be a problem when auto-qos is in place? I will
> fix it using "srr-queue bandwidth limit 10" under the interface config mode;
> is that the better way? Can I use auto-qos and also modify some parameters?
>
> How to check it?
> -How can I check if some action has been taken in the past? I wish to check
> if in the last hour the switch has prioritized voice over the link.
> -On the other hand, how can I check without the IP SLA command, because that's
> not possible on the Catalyst, if the customer loses connectivity and also if
> there is a jitter problem involved?
>
> Thank you,
> Robclav
>
>
> Blogs and organic groups at http://www.ccie.net

-- 
Andrew Lee Lissitz
all.from.nj_at_gmail.com
Received on Tue Jan 12 2010 - 15:13:36 ART
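
The trust-boundary advice in points 2 and 3 of the reply above, as an added example that is not part of the original thread: a Python check that reads running-config text and lists edge ports that trust CoS/DSCP without the `mls qos trust device` condition. The sample config and interface names are constructed, and treating trunk ports as facing an already-marking switch is an assumption.

```python
import re

# Constructed sample running-config; interface names are made up.
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 mls qos trust cos
 auto qos voip trust
!
interface FastEthernet0/2
 mls qos trust device cisco-phone
 mls qos trust cos
 auto qos voip cisco-phone
!
interface FastEthernet0/3
 description wireless AP
 mls qos trust dscp
!
interface GigabitEthernet0/1
 switchport mode trunk
 auto qos voip trust
!
"""

def parse_interfaces(config):
    """Return {interface name: [sub-commands]} from running-config text."""
    interfaces, current = {}, None
    for line in config.splitlines():
        m = re.match(r"interface (\S+)", line)
        if m:
            current = interfaces.setdefault(m.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" or a global command ends the interface block
    return interfaces

def unconditional_trust_ports(config):
    """Non-trunk ports that trust CoS/DSCP with no 'trust device' condition."""
    flagged = {}
    for name, cmds in parse_interfaces(config).items():
        if "switchport mode trunk" in cmds:
            continue  # assumption: trunks face a switch that already marked
        trusts = [c for c in cmds if re.fullmatch(r"mls qos trust (cos|dscp)|auto qos voip trust", c)]
        if trusts and not any(c.startswith("mls qos trust device ") for c in cmds):
            flagged[name] = trusts
    return flagged

if __name__ == "__main__":
    print(unconditional_trust_ports(SAMPLE_CONFIG))
```

Ports it reports accept whatever markings the attached host sends, which is how flooding traffic on a data or wifi port can land in the same queue as voice.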

This archive was generated by hypermail 2.2.0 : Thu Feb 04 2010 - 20:28:41 ART