With your configuration you would trust ANY dscp marking received from the IP phone port. No matter if it was sent by cisco ip phone or a rogue PC behind it. You loose the benefit of conditional trust boundary... I suspect that these tasks are contradictory.
regards kobel On Wed, Jan 26, 2011 at 21:28, Friderich Claude <cfrider...@netcore.lu>wrote: > Hello Miron, > > > > I agree with you and the same remark in the attached file p.4 > > You can use either one of these three methods. You cannot use more than one > method in a port. For example, > > you have configured the mls qos trust cos command on a port. When you > configure the port with the > > service−policy input <policy−map−name> command, it removes the mls qos > trust cos command > > automatically. > > > > I think we have to put the service-policy input <policy-map> with the > following class-map in this policy-map > > > > policy-map myname > > class myname > > trust dscp > > > > and create the class before with a match ip dscp ef > > > > My opinion …. But remarks appreciated J > > > > Regards > > Claude > > > > *Claude Friderich* > > *PreSales Support* > > *[image: ccvp_voice_sm]*** > > *NETCORE PSF S.A.*** > > 49 rue du Baerendall > > B.P.65 L-8201 Mamer > > Téléphone: 31 33 80-407 > > Fax: 31 33 80 8-407 > > GSM: 621 303 616 > > E-mail: cfrider...@netcore.lu > > > > *From:* ccie_voice-boun...@onlinestudylist.com [mailto: > ccie_voice-boun...@onlinestudylist.com] *On Behalf Of *Miron Kobelski > *Sent:* mercredi 26 janvier 2011 19:07 > *To:* ccie_voice@onlinestudylist.com > *Subject:* [OSL | CCIE_Voice] 3750 QoS: service-policy + mls qos > trustcommands on the same port > > > > Hello, > > I'm working on Vol2 Lab8 QoS section. Task 5.2 requires to conditionally > trust DSCP markings from the Cisco IP phone, which can be accomplished with: > > mls qos trust device cisco-phone > mls qos trust dscp > > But 5.3 requires policing and remarking using service-policy for the same > switch port. > In the Enterprise QoS SRND page 106 we have: > > At the time of writing, the Catalyst 2970/3560/3750 does not support a > trust statement (such as mls qos > trust device cisco-phone) in conjunction with a service-policy input > statement applied to given port at > the same time. While this may be configurable, if the switch is reset, one > or the other statement may be > removed when the switch reloads. This limitation is to be addressed; > consult the latest Catalyst > 2970/3560/3750 QoS documentation for updates on this limitation > > PG's solution seems to ignore this fact. What's your opinion on this? I was > unable to find anything on this in the archive. > > BTW, how can I find QoS SRND via cisco.com documentation portal? > > regards > kobel > > > > -- > > This email was Anti Virus checked. > >
<<image001.gif>>
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com