hit counter script

Configuring A Trusted Boundary To Ensure Port Security - Cisco IE-3000-8TC Software Configuration Manual

Software configuration guide
Hide thumbs Also See for IE-3000-8TC:
Table of Contents

Advertisement

Chapter 36
Configuring QoS
Command
Step 3
mls qos cos {default-cos | override}
Step 4
end
Step 5
show mls qos interface
Step 6
copy running-config startup-config
To return to the default setting, use the no mls qos cos {default-cos | override} interface configuration
command.

Configuring a Trusted Boundary to Ensure Port Security

In a typical network, you connect a Cisco IP Phone to a switch port, as shown in
page
Phone guarantees the voice quality through a shared data link by marking the CoS level of the voice
packets as high priority (CoS = 5) and by marking the data packets as low priority (CoS = 0). Traffic sent
from the telephone to the switch is typically marked with a tag that uses the IEEE 802.1Q header. The
header contains the VLAN information and the class of service (CoS) 3-bit field, which is the priority
of the packet.
For most Cisco IP Phone configurations, the traffic sent from the telephone to the switch should be
trusted to ensure that voice traffic is properly prioritized over other types of traffic in the network. By
using the mls qos trust cos interface configuration command, you configure the switch port to which
the telephone is connected to trust the CoS labels of all traffic received on that port. Use the mls qos
trust dscp interface configuration command to configure a routed port to which the telephone is
connected to trust the DSCP labels of all traffic received on that port.
With the trusted setting, you also can use the trusted boundary feature to prevent misuse of a
high-priority queue if a user bypasses the telephone and connects the PC directly to the switch. Without
trusted boundary, the CoS labels generated by the PC are trusted by the switch (because of the trusted
CoS setting). By contrast, trusted boundary uses CDP to detect the presence of a Cisco IP Phone (such
as the Cisco IP Phone 7910, 7935, 7940, and 7960) on a switch port. If the telephone is not detected, the
OL-13018-03
Purpose
Configure the default CoS value for the port.
Return to privileged EXEC mode.
Verify your entries.
(Optional) Save your entries in the configuration file.
36-33, and cascade devices that generate data packets from the back of the telephone. The Cisco IP
For default-cos, specify a default CoS value to be assigned to a port. If
the packet is untagged, the default CoS value becomes the packet CoS
value. The CoS range is 0 to 7. The default is 0.
Use the override keyword to override the previously configured trust
state of the incoming packet and to apply the default port CoS value to
the port on all incoming packets. By default, CoS override is disabled.
Use the override keyword when all incoming packets on specified
ports deserve higher or lower priority than packets entering from other
ports. Even if a port was previously set to trust DSCP, CoS, or IP
precedence, this command overrides the previously configured trust
state, and all the incoming CoS values are assigned the default CoS
value configured with this command. If an incoming packet is tagged,
the CoS value of the packet is modified with the default CoS of the port
at the ingress port.
Cisco IE 3000 Switch Software Configuration Guide
Configuring Standard QoS
Figure 36-11 on
36-35

Hide quick links:

Advertisement

Table of Contents
loading

This manual is also suitable for:

Ie 3000

Table of Contents