Just wanted to add to what Jummy said....
Snippet from http://www.cisco.com/en/US/docs/ios/qos/command/reference/qos_m2.html#wp1044294 Packets that enter a QoS domain are classified at its edge. Because the packets are classified at the edge, the switch port within the QoS domain can be configured to a trusted state. It is not necessary to classify the packets at every switch within the domain. Use the *mls qos trust* command to set the trusted state of an interface and to indicate which fields of the packet are used to classify traffic. When a port is configured with trust DSCP or trust IP precedence and the incoming packet is a non-IP packet, the CoS-to-DSCP map is used to derive the corresponding DSCP value from the CoS value. The CoS can be the packet CoS for trunk ports or the port default CoS for nontrunk ports. If the DSCP is trusted, the DSCP field of the IP packet is not modified. However, it is still possible that the CoS value of the packet is modified (according to DSCP-to-CoS map). If the CoS is trusted, the CoS field of the packet is not modified, but the DSCP can be modified (according to CoS-to-DSCP map) if the packet is an IP packet. The trusted boundary with Cisco device verification feature, implemented with the *device cisco-phone* keywords, prevents security problems if users connect a non-phone device to a switch port that is configured to support a Cisco IP phone. You must globally enable CDP on the switch and on the port connected to the IP phone. If a Cisco IP phone is not detected, QoS does not apply any configured nondefault trust setting, which prevents misuse of a high-priority queue. If you configure the trust setting for DSCP or IP precedence, the DSCP or IP precedence values in the incoming packets are trusted. If you configure the *mls qos cos override* interface configuration command on the switch port connected to the IP phone, the switch overrides the CoS of the incoming voice and data packets and assigns the default CoS value to them. For an inter-QoS domain boundary, you can configure the port to the DSCP-trusted state and apply the DSCP-to-DSCP-mutation map if the DSCP values are different between the QoS domains. Classification using a port trust state (for example, mls qos trust [*cos* | *dscp* | *ip-precedence*] and a policy map (for example, *service-policy input* *policy-map-name*) are mutually exclusive. The last one configured overwrites the previous configuration. The following conditions apply to the *mls qos trust* command running on the Catalyst 6500 series switches or the Cisco 7600 series routers: •The *cos* keyword is not supported for *pos* or *atm* interface types. •The trust state does not apply to FlexWAN modules. •The trust state does not apply to 1q4t LAN ports except for Gigabit Ethernet ports. •Incoming queue drop thresholds are not implemented when you enter the *mls qos trust cos* command on 4-port Gigabit Ethernet WAN modules. ------------------------------ *Note *Use the *set qos-group* command to set the trust state on Catalyst 6500 series switch and Cisco 7600 series router Layer 2 WAN interfaces. ------------------------------ Examples The following example shows how to set the trusted state of an interface to IP precedence: Router(config-if)# *mls qos trust ip-precedence* The following example shows how to configure CDP to detect a Cisco IP phone connected to the port: Router(config-if)# *mls qos trust device cisco-phone* With regards Kings On Wed, Jun 22, 2011 at 2:13 AM, Jim Terry <[email protected]> wrote: > Hi Mark, > > here is my .02- > > yes unless specified- all switch ports remark traffic to BE. Routers trust > everything. > > > > JT > > > > > On Tue, Jun 21, 2011 at 1:29 PM, Mark Senteza <[email protected]>wrote: > >> Hi, >> >> When asked to configure outbound traffic, say telnet, on a certain router >> interface with an IP Precedence value of 3, I've seen the following >> configuration on the connecting switch port, which I dont understand. >> >> interface FastEthernet0/6 >> desc Connection to Router R1 interface fa0/0 >> *mls qos trust ip-precedence* >> >> What's the purpose of the above "mls qos trust ip-precedence" command on >> the switch's port, and if not set, would the switch change the precedence >> value that had been set by the router configuration ? >> >> Mark >> >> _______________________________________________ >> For more information regarding industry leading CCIE Lab training, please >> visit www.ipexpert.com >> >> Are you a CCNP or CCIE and looking for a job? Check out >> www.PlatinumPlacement.com <http://www.platinumplacement.com/> >> > > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
