Solved

diffserv questions

Posted on 2010-11-15
2
417 Views
Last Modified: 2012-05-10
I'm trying to understand diffserv a bit more

Is it true, that when marked traffic (say dscp ef) hits a switch inbound, the switch strips the marking if "trust dscp" is not enabled on the switchport?

Should you do your tagging on your edge devices (routers) and then trust dscp in your switch? Our routers have a service policy out on the outside interface and inbound on the inside interface

thanks
0
Comment
Question by:orus
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 21

Assisted Solution

by:from_exp
from_exp earned 100 total points
ID: 34142918
hi!
QoS is required by VoIP solutions to provide reasonable level of voice/video quality.
VoIP packets, leaving VoIP devices like ip-phones, PCs with softphones (btw, for windows you have to switch on QoS marking in registry) etc, are marked with appropriate diffserv values.
Modern QoS capable switches have a predefined set of diffserv settings, so when the switch trust dscp markings, it can handle traffic according to defined policies.
However not always VoIP device QoS markings correspond with switch markings, in this case you have to redefine qos policies on the switch instead of trusting incoming traffic.

As a general practice you can really trust dscp for ip-phones and voip pbxes, however you should be cautious with softphones, due malicious programs being able to set better priority for non voip traffic.
0
 
LVL 9

Accepted Solution

by:
Alex Bahar earned 400 total points
ID: 34145058
>>Is it true, that when marked traffic (say dscp ef) hits a switch inbound, the switch strips the marking if "trust dscp" is not enabled on the switchport?

"trust dscp" or "trust cos" refers to whether the switch should QUEUE the packets/frames by inspecting the IP DSCP value or the ETHERNET COS value. Please note that a layer 2 switch should normally trust COS, and a router should trust DSCP. Also note that ETHERNET COS value has to be mapped to a DSCP value when crossing the routing boundary, mainly because Ethernet is a layer 2 technology, and WAN links like frame relay, ATM, DSL, etc does not have COS bits in the protocol header. Please read Cisco documentation about COS-DSCP mappings.

>>Should you do your tagging on your edge devices (routers) and then trust dscp in your switch? Our routers have a service policy out on the outside interface and inbound on the inside interface

Tagging should be performed at the endpoint. In other words,  the ip phone, video endpoint, voice gateway, IPPBX, etc should mark the packets/frames properly. Network infrastructure should (ideally) just inspect and queue the traffic based on (trusted) markings as sent by the voip endpoints. General practice is to un-trust the PC VLAN, and trust the voip device markings. If your voip devices cannot provide QoS markings, or the markings are not complying with the rest of your network, then you may want to remark them at the switch interface. Or, if your service provider is expecting different markings, then you may need to remark your DSCP/TOS at your edge router to be compatible.
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
Skype is a P2P (Peer to Peer) instant messaging and VOIP (Voice over IP) service – as well as a whole lot more.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question