QoS Trust Boundary in the LAN: Classify and Mark Where?

Personal Computer: Frames are typically unmarked (CoS=0) unless the NIC is 802.1P- or 802.1Q-capable. If marked, the IP Phone can (and by default does) reclassify CoS but not DSCP.

IP Phone: Marks voice as Layer 2 CoS (default) or Layer 3 ToS or DSCP. Reclassifies incoming PC data frames.

Access Layer: Based on switch capabilities. Accept or remap here.

Distribution Layer. Example: Catalyst 6000

Marks traffic. Accepts CoS/ToS. Remaps CoS to ToS or DSCP.

The Cisco QoS model assumes that the CoS carried in a frame may or may not be trusted by the network device.

Classification should be done as close to the edge as possible.

End hosts such as user PCs generally cannot be trusted to tag packet priority correctly.

Classification should take place at the network edge, typically in the wiring closet or within video endpoints or IP Phones themselves.

The figure demonstrates this with an IP telephony example. Packets can be marked as important by using Layer 2 CoS settings in the user priority bits of the 802.1P portion of the 802.1P or 802.1Q fields, or the IP precedence and differentiated services code point (DSCP) bits in the type of service (ToS) or Differentiated Services (DiffServ) field in the IPv4 header. Cisco IP Phones can mark voice packets as high priority using CoS and DSCP. By default, the IP Phone sends 802.1P-tagged packets with the CoS set to a value of 5 and the DSCP set to Expedited Forwarding (46).

In a Cisco IP telephony environment, PCs are placed in a native VLAN, meaning that their Ethernet packets are untagged. This means that (properly formatted) Ethernet frames originating from a PC will not have an 802.1P field and thus no provision to set CoS values. Additionally, by default, DSCP values of packets originating from PCs are set to 0.

A special case exists when the networking stack in the PC has been modified to send packets with a CoS or DSCP value other than zero. Typically, this does not happen, but even if the PC sends tagged frames with a specific CoS value, Cisco IP Phones can zero out the CoS value before sending the frames to the switch. This is the default behavior. Voice frames coming from the IP Phone have a CoS of 5 and data frames coming from the PC have a CoS of 0. When the switch receives these frames, it can take into account these values for further processing based on its capabilities.

Some switches also use queues to buffer incoming frames before sending the frames to the switching engine. (It is important to remember that input queuing, like output queuing, comes into play only when there is congestion.) The switch uses the CoS values to put the frames in appropriate queues. The switch can employ congestion management mechanisms, such as WRR or SRR, as well as congestion avoidance mechanisms, such as weighted random early detection (WRED) or weighted tail drop (WTD), on either input or output queues.

802.1Q trunking between the switch and IP Phone for multiple VLAN support (separation of voice and data traffic) is preferred.

The 802.1Q header contains the VLAN information and the CoS 3-bit field, which determines the priority of the packet.

For most Cisco IP Phone configurations, traffic sent from the IP Phone to the switch is trusted to ensure that voice traffic is properly prioritized over other types of traffic in the network.

The trusted boundary feature uses CDP to detect an IP Phone and otherwise disables the trusted setting on the switch port to prevent misuse of a high-priority queue.

In a typical network, a Cisco IP Phone is connected to a switch port as shown in the figure. Traffic sent from the telephone to the switch is typically marked with a tag that uses the 802.1Q header. The header contains the VLAN information and the CoS three-bit field, which determines the priority of the packet. For most Cisco IP Phone configurations, the traffic sent from the telephone to the switch is trusted to ensure that voice traffic is properly prioritized over other types of traffic in the network. By using the mls qos trust device cisco-phone and the mls qos trust cos interface configuration commands, the switch port to which the telephone is connected can be configured to trust the CoS labels of all traffic received on that port.
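The trust decision described above, as an added Python sketch that is not Cisco code or part of the original page: it reads the CoS bits from the 802.1Q tag and the DSCP from the IPv4 ToS byte, then models a port that trusts CoS either unconditionally or only while a phone has been detected. The function names, VLAN 110, the sample frames and the rule that an untrusted port falls back to CoS 0 are assumptions of this simplified model.

```python
import struct

TPID_8021Q = 0x8100
ETHERTYPE_IPV4 = 0x0800

def parse_markings(frame: bytes) -> dict:
    """Return the Layer 2 CoS, VLAN ID and Layer 3 DSCP carried by a frame."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    ethertype = struct.unpack_from("!H", frame, 12)[0]
    offset, cos, vlan = 14, None, None       # untagged: no CoS field at all
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack_from("!HH", frame, 14)
        cos, vlan, offset = tci >> 13, tci & 0x0FFF, 18   # top 3 bits = CoS
    dscp = None
    if ethertype == ETHERTYPE_IPV4 and len(frame) > offset + 1:
        dscp = frame[offset + 1] >> 2        # upper six bits of the ToS byte
    return {"cos": cos, "vlan": vlan, "dscp": dscp}

def ingress_cos(frame, trust_cos, require_phone, phone_seen, default_cos=0):
    """CoS the modelled switch port acts on (simplified, assumed behaviour).

    trust_cos     -- port is configured to trust received CoS
    require_phone -- trust applies only while a phone is detected (via CDP)
    phone_seen    -- whether a phone is currently detected on the port
    """
    cos = parse_markings(frame)["cos"]
    trusted = trust_cos and (phone_seen or not require_phone)
    if not trusted or cos is None:
        return default_cos                   # untrusted or untagged frame
    return cos

def build_frame(cos, vlan, dscp):
    """Constructed sample frame: zeroed MACs, optional tag, bare IPv4 header."""
    tag = b"" if cos is None else struct.pack("!HH", TPID_8021Q, (cos << 13) | vlan)
    ip = bytes([0x45, dscp << 2]) + bytes(18)
    return bytes(12) + tag + struct.pack("!H", ETHERTYPE_IPV4) + ip

if __name__ == "__main__":
    voice = build_frame(5, 110, 46)          # what the phone sends by default
    for label, args in [("phone detected", (True, True, True)),
                        ("no phone, conditional trust", (True, True, False)),
                        ("no phone, unconditional trust", (True, False, False))]:
        print(f"{label}: CoS used = {ingress_cos(voice, *args)}")
```

The last case shows why conditional trust matters: with unconditional trust, any device plugged into the port that tags its frames with CoS 5 lands in the high-priority queue.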
