I need some advice concerning QoS and how to use on EOS gear. We have Bs and Cs
at the edge, DFEs in the distribution, and 7100 in the core. Essentially we
plan to introduce a little VoIP but I'd like to keep the discussion general.
As far as I understand QoS you have to define a trust boundary which obviously
is at the edge. But how do you do that on EOS? As far as I understand, the
switches simply trust a packet with a 802.1p/q PCP set (0-7) and assign it to
the corresponding queue. --> Is this maybe an issue of needing NAC / endpoint
security? It would already be an advantage if you could tell the devices not to
trust any such priority at the edge except for certain VLANs (like VoIP phones,
which have limited access to the Call Server anyway).
Furthermore, what if the device only sets a DiffServ priority because, for
example, it does not emit tagged traffic but still wants it to be prioritized?
The same question holds if there are firewalls in the data path which do not
consider nor set any 802.1p priority but only DSCP.
I tried stuff like:
set policy profile 1 name "PriorityForPhones" cos-status enable cos 5
set policy rule admin-profile vlantag 406 admin-pid 1
Hoping this would set some CoS for that VLAN. However I see no prio having been
set when mirroring the uplink. In any case that would not mean others would not
be able to "inject" similar packets anyway (see my remark above).
I also tried things like:
set cos settings 5 tos-value 46.0
set cos state enable
Hoping this would perform the mapping from DSCP 46 to CoS 5 internally and also
on egress. Nope. (B/C series have no "tci-overwrite" BTW.)
So how do you effectively define the trust boundary and set the following
priorities efficiently throughout your network?
To unsubscribe from enterasys, send email to lists...@unc.edu with the body:
unsubscribe enterasys arch...@mail-archive.com