How can we mark frames coming from a PC on a switch port when it is daisy chained via an IP phone? Lets go through traffic prioritisation at using CoS markings for two different VLANs. Why two? Well when we configure the port on the switch which the IP Phone will be plugged into we setup a DATA vlan and a VOICE vlan. These 'psuedo trunk' links go up to the phone and then the phone has a PC port on the back which you plug the PC into.

Now sometimes a PC can send data with a CoS value in the ethernet header...do we want to trust this traffic? What ifg in your network you've setup the QoS policy to expedite voice traffic across the network. If you are a data dude you could easily make your data frames look like voice frames to the QoS policy and end up having the best data access or worst case swamping your network with data and destroying the voice quality because you filled the QoS queues!

First things first - lets allow the catalyst switch to understand QoS. To do this we need to issue the following:

C3750(config)#mls qos


Now by default voice frames sent by the IP Phone are marked with a layer 3 marking of DSCP 46 in the IP header. The phone also send ethernet frames with a COS (Class of Service) value of CS5. Also by default the IP Phone will translate the frames coming from any device connected to the PC port as COS 0.

Now - lets configure the switch port so that it will allow the phone to register in a voice vlan and the PC which is connected to the switchport at the back of the IP Phone into the data vlan. For the demonstration I have created two vlans 10 and 20 where 10 is the data vlan and 20 is the voice vlan.

First lets configure the switchport for access (rather than dynamic or trunk)

C3750(config-if)#switchport mode access

Now lets setup the DATA vlan

C3750(config-if)# switchport access vlan 10

Finally setup the voice vlan. See the options available?

C3750(config-if)#switchport voice vlan ?
  <1-4094>  Vlan for voice traffic
  dot1p     Priority tagged on PVID
  none      Don't tell telephone about voice vlan
  untagged  Untagged on PVID

C3750(config-if)# switchport voice vlan 20

OK so on the switch we now need to get it to trust the frame markings from the phones. After all - thats the point right? We want to make sure the CS5 traffic is kept as high proiority across the network).

Under the switchport interface we need to look at the qos trust command:

C3750(config-if)#mls qos trust ?
  cos            cos keyword
  device         trusted device class
  dscp           dscp keyword
  ip-precedence  ip-precedence keyword

We will issue the tust cos command to make sure we are not stamping all over the IP phone CoS values:

C3750(config-if)#mls qos trust cos

But this command makes the switch trust ANY CoS values it sees on the port. What if we only trusted the CoS values sent my our Cisco phones? To do that we can issue the command:

C3750(config-if)#mls qos trust device cisco-phone

So finally what if we want to trust the CoS values from the PC? Remember we said PC CoS by default will be changed to 0 by the IP Phone? Maybe the port is a directors phone and you want to keep your job? So lets mark these frames higher to match them later and expedite them out. We can change the behaviour using the override statement where we push control of the CoS beyond the phone:

C3750(config-if)#switchport priority extend cos ?
  <0-7>  Priority for devices on appliance

Note that we can choose CoS from 0-7 where 0 is worst and 7 is highest? Well it's not good practice to use 6 or 7 because those are reserved for operational traffic for the network device...use at your peril...best practice says DO NOT USE. So we'll set the PC port traffic to CoS 3

C3750(config-if)#switchport priority extend cos 3

Right so now we've got the frames coming in marked by the phone how do we influence the switch to move them through faster? Thats for the next time where we talk about wrr and srr queues.

Thanks for reading
© 2011 defaultrouteuk.com

Cisco, IOS, CCNA, CCNP, CCIE are trademarks of Cisco Systems Inc.
JunOS, JNCIA, JNCIP, JNCIE are registered trademark of Juniper Networks Inc.