How can we mark frames coming from a PC on a switch port when it is daisy chained via an IP phone? Lets go through traffic prioritisation at using CoS markings for two different VLANs. Why two? Well when we configure the port on the switch which the IP Phone will be plugged into we setup a DATA vlan and a VOICE vlan. These 'psuedo trunk' links go up to the phone and then the phone has a PC port on the back which you plug the PC into.
Now sometimes a PC can send data with a CoS value in the ethernet header...do we want to trust this traffic? What ifg in your network you've setup the QoS policy to expedite voice traffic across the network. If you are a data dude you could easily make your data frames look like voice frames to the QoS policy and end up having the best data access or worst case swamping your network with data and destroying the voice quality because you filled the QoS queues!
First things first - lets allow the catalyst switch to understand QoS. To do this we need to issue the following:
Now by default voice frames sent by the IP Phone are marked with a layer 3 marking of DSCP 46 in the IP header. The phone also send ethernet frames with a COS (Class of Service) value of CS5. Also by default the IP Phone will translate the frames coming from any device connected to the PC port as COS 0.
Now - lets configure the switch port so that it will allow the phone to register in a voice vlan and the PC which is connected to the switchport at the back of the IP Phone into the data vlan. For the demonstration I have created two vlans 10 and 20 where 10 is the data vlan and 20 is the voice vlan.
First lets configure the switchport for access (rather than dynamic or trunk)
C3750(config-if)#switchport mode access
Now lets setup the DATA vlan
C3750(config-if)# switchport access vlan 10
Finally setup the voice vlan. See the options available?
C3750(config-if)#switchport voice vlan ?
<1-4094> Vlan for voice traffic
dot1p Priority tagged on PVID
none Don't tell telephone about voice vlan
untagged Untagged on PVID
C3750(config-if)# switchport voice vlan 20
OK so on the switch we now need to get it to trust the frame markings from the phones. After all - thats the point right? We want to make sure the CS5 traffic is kept as high proiority across the network).
Under the switchport interface we need to look at the qos trust command:
C3750(config-if)#mls qos trust ?
cos cos keyword
device trusted device class
dscp dscp keyword
ip-precedence ip-precedence keyword
We will issue the tust cos command to make sure we are not stamping all over the IP phone CoS values:
C3750(config-if)#mls qos trust cos
But this command makes the switch trust ANY CoS values it sees on the port. What if we only trusted the CoS values sent my our Cisco phones? To do that we can issue the command:
C3750(config-if)#mls qos trust device cisco-phone
So finally what if we want to trust the CoS values from the PC? Remember we said PC CoS by default will be changed to 0 by the IP Phone? Maybe the port is a directors phone and you want to keep your job? So lets mark these frames higher to match them later and expedite them out. We can change the behaviour using the override statement where we push control of the CoS beyond the phone:
C3750(config-if)#switchport priority extend cos ?
<0-7> Priority for devices on appliance
Note that we can choose CoS from 0-7 where 0 is worst and 7 is highest? Well it's not good practice to use 6 or 7 because those are reserved for operational traffic for the network device...use at your peril...best practice says DO NOT USE. So we'll set the PC port traffic to CoS 3
C3750(config-if)#switchport priority extend cos 3
Right so now we've got the frames coming in marked by the phone how do we influence the switch to move them through faster? Thats for the next time where we talk about wrr and srr queues.
Thanks for reading