LegacyPFC QoSUncategorized

Using Trusted Ports

Simon Birtles

A port can be set to trust on ingress for CoS, IPP, or DSCP.
‘mls qos trust cos’
‘mls qos trust ip-precedence’
‘mls qos trust dscp’

using ‘mls qos trust’ will default to trust dscp.

trust cos

If the port receives an ingress Ethernet frame 802.1, as this frame does not have any CoS bits the port applies the ingress port CoS value to the internal DSCP value. The ingress port CoS value is configured using ‘mls qos cos x’

If the port recieved an ingress 802.1q/p frame, the CoS bits in the 801.p bits are used to derive the internal DSCP value.

Both of these mapping use the cos-dscp map.

Deriving Internal DSCP Values from CoS

The internal DSCP values that are derived from a port CoS, IPP use the CoS-DSCP map which can be viewed by using:

'show mls qos maps'

   Cos-dscp map:
        cos:   0  1  2  3  4  5  6  7
       ----------------------------------
       dscp:   0  1  2  3  4  5  6  7

The map can be modified by using the global command ‘mls qos map cos-dscp’ which takes up to 8 DSCP values as arguments, each ones of these maps to a CoS value.

e.g mls qos map cos-dscp 8 16 22 32 35 45 46 47′

which will map DSCP value 8 to CoS 0, this means that a frame arriving or having CoS 0, will have an internal DSCP value of 8 assigned whilst being processed through the switch.

trust ip-precedence

If the port recieves a frame with a valid IP packet with TOS bits, the port will derive a internal DSCP value using a ip-prec-dscp map.

Deriving Internal DSCP Values from ip-precedence

The internal DSCP values that are derived from the IPP value use the ip-prec-dscp map, which can be viewed by using

'show mls qos maps'
 IpPrecedence-dscp map:

     ipprec:   0  1  2  3  4  5  6  7
    ----------------------------------
       dscp:   0  1  2  3  4  5  6  7

The map  can be modified by using the global command ‘mls qos map ip-prec-dscp’ which takes up to 8 DSCP values as arguments, each ones of these maps to a IPP value.

e.g mls qos map ip-prec-dscp 3 4 2 1 4 5 6 7

which will map IPP value 1 to DSCP 4, this means that a frame arriving with IPP value 1, will have an internal DSCP value of 4 assigned whilst being processed through the switch.

trust dscp

The ‘mls qos trust dscp’ enables the switch to used the DSCP value in a IP packet arriving on the switchport. The DSCP value is then mapped directly to the internal DSCP value. No map is required for this as it is a direct copy.

Simon Birtles

I have been in the IT sector for over 20 years with a primary focus on solutions around networking architecture & design in Data Center and WAN. I have held two CCIEs (#20221) for over 12 years with many retired certifications with Cisco and Microsoft. I have worked in demanding and critical sectors such as finance, insurance, health care and government providing solutions for architecture, design and problem analysis. I have been coding for as long as I can remember in C/C++ and Python (for most things nowadays). Locations that I work without additional paperwork (incl. post Brexit) are the UK and the EU including Germany, Netherlands, Spain and Belgium.