Solved

diffserv questions

Posted on 2010-11-15
2
406 Views
Last Modified: 2012-05-10
I'm trying to understand diffserv a bit more

Is it true, that when marked traffic (say dscp ef) hits a switch inbound, the switch strips the marking if "trust dscp" is not enabled on the switchport?

Should you do your tagging on your edge devices (routers) and then trust dscp in your switch? Our routers have a service policy out on the outside interface and inbound on the inside interface

thanks
0
Comment
Question by:orus
2 Comments
 
LVL 21

Assisted Solution

by:from_exp
from_exp earned 100 total points
ID: 34142918
hi!
QoS is required by VoIP solutions to provide reasonable level of voice/video quality.
VoIP packets, leaving VoIP devices like ip-phones, PCs with softphones (btw, for windows you have to switch on QoS marking in registry) etc, are marked with appropriate diffserv values.
Modern QoS capable switches have a predefined set of diffserv settings, so when the switch trust dscp markings, it can handle traffic according to defined policies.
However not always VoIP device QoS markings correspond with switch markings, in this case you have to redefine qos policies on the switch instead of trusting incoming traffic.

As a general practice you can really trust dscp for ip-phones and voip pbxes, however you should be cautious with softphones, due malicious programs being able to set better priority for non voip traffic.
0
 
LVL 9

Accepted Solution

by:
Alex Bahar earned 400 total points
ID: 34145058
>>Is it true, that when marked traffic (say dscp ef) hits a switch inbound, the switch strips the marking if "trust dscp" is not enabled on the switchport?

"trust dscp" or "trust cos" refers to whether the switch should QUEUE the packets/frames by inspecting the IP DSCP value or the ETHERNET COS value. Please note that a layer 2 switch should normally trust COS, and a router should trust DSCP. Also note that ETHERNET COS value has to be mapped to a DSCP value when crossing the routing boundary, mainly because Ethernet is a layer 2 technology, and WAN links like frame relay, ATM, DSL, etc does not have COS bits in the protocol header. Please read Cisco documentation about COS-DSCP mappings.

>>Should you do your tagging on your edge devices (routers) and then trust dscp in your switch? Our routers have a service policy out on the outside interface and inbound on the inside interface

Tagging should be performed at the endpoint. In other words,  the ip phone, video endpoint, voice gateway, IPPBX, etc should mark the packets/frames properly. Network infrastructure should (ideally) just inspect and queue the traffic based on (trusted) markings as sent by the voip endpoints. General practice is to un-trust the PC VLAN, and trust the voip device markings. If your voip devices cannot provide QoS markings, or the markings are not complying with the rest of your network, then you may want to remark them at the switch interface. Or, if your service provider is expecting different markings, then you may need to remark your DSCP/TOS at your edge router to be compatible.
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Suggested Solutions

Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
Skype is a P2P (Peer to Peer) instant messaging and VOIP (Voice over IP) service – as well as a whole lot more.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now