Enterprise QoS Solution Reference Network Design Guide
Enterprise QoS Solution Reference Network Design Guide
Enterprise QoS Solution Reference Network Design Guide
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Catalyst 2970/3560/3750—<strong>QoS</strong> Considerations and <strong>Design</strong><br />
2-54<br />
<strong>Enterprise</strong> <strong>QoS</strong> <strong>Solution</strong> <strong>Reference</strong> <strong>Network</strong> <strong>Design</strong> <strong>Guide</strong><br />
Chapter 2 Campus <strong>QoS</strong> <strong>Design</strong><br />
! Only one voice call is permitted per switchport VVLAN<br />
CAT2970(config-pmap-c)#class VVLAN-CALL-SIGNALING<br />
CAT2970(config-pmap-c)# set ip dscp 24 ! DSCP CS3 (Call-Signaling)<br />
CAT2970(config-pmap-c)# police 32000 8000 exceed-action policed-dscp-transmit<br />
! Out-of-profile call signaling is marked down to Scavenger (CS1)<br />
CAT2970(config-pmap-c)#class VVLAN-ANY<br />
CAT2970(config-pmap-c)# set ip dscp 0<br />
CAT2970(config-pmap-c)# police 32000 8000 exceed-action policed-dscp-transmit<br />
! Unauthorized VVLAN traffic is marked down to Scavenger (CS1)<br />
CAT2970(config-pmap-c)#class class-default<br />
CAT2970(config-pmap-c)# set ip dscp 0<br />
CAT2970(config-pmap-c)# police 5000000 8000 exceed-action policed-dscp-transmit<br />
! Out-of-profile data traffic is marked down to Scavenger (CS1)<br />
CAT2970(config-pmap-c)# exit<br />
CAT2970(config-pmap)#exit<br />
CAT2970(config)#<br />
CAT2970(config)#<br />
CAT2970(config)#interface GigabitEthernet0/1<br />
CAT2970(config-if)# switchport access vlan 10 ! DVLAN<br />
CAT2970(config-if)# switchport voice vlan 110 ! VVLAN<br />
CAT2970(config-if)# service-policy input IPPHONE+PC-BASIC ! Attaches policy<br />
CAT2970(config-if)#exit<br />
CAT2970(config)#<br />
CAT2970(config)#<br />
CAT2970(config)#ip access list extended VVLAN-VOICE<br />
CAT2970(config-ext-nacl)#permit udp 10.1.110.0 0.0.0.255<br />
any range 16384 32767<br />
! Voice is matched by VVLAN subnet and VoIP UDP port-range<br />
CAT2970(config-ext-nacl)#exit<br />
CAT2970(config)#<br />
CAT2970(config)#ip access list extended VVLAN-CALL-SIGNALING<br />
CAT2970(config-ext-nacl)#permit tcp 10.1.110.0 0.0.0.255<br />
any range 2000 2002<br />
! Call Signaling is matched by VVLAN subnet and Call-Signaling TCP port-range(s)<br />
CAT2970(config-ext-nacl)#exit<br />
CAT2970(config)#<br />
CAT2970(config)#ip access list extended VVLAN-ANY<br />
CAT2970(config-ext-nacl)# permit ip 10.1.110.0 0.0.0.255 any<br />
! Matches all other traffic sourced from the VVLAN subnet<br />
CAT2970(config-ext-nacl)#end<br />
CAT2970#<br />
Note At the time of writing, the Catalyst 2970/3560/3750 does not support a trust statement (such as mls qos<br />
trust device cisco-phone) in conjunction with a service-policy input statement applied to given port at<br />
the same time. While this may be configurable, if the switch is reset, one or the other statement may be<br />
removed when the switch reloads. This limitation is to be addressed; consult the latest Catalyst<br />
2970/3560/3750 <strong>QoS</strong> documentation for updates on this limitation.<br />
Catalyst MLS <strong>QoS</strong> Verification Commands<br />
Catalyst MLS <strong>QoS</strong> verification commands for the Conditionally-Trusted IP Phone and PC with<br />
Scavenger-Class <strong>QoS</strong> (Basic) model include the following:<br />
show mls qos<br />
show mls qos map<br />
show mls qos interface<br />
show mls qos interface policers<br />
Version 3.3