I have seen many workbook lab tasks about configure things “as per best practice“. Few examples are ask us to configure QoS of a switchport where cisco phone or AP, WLC connected, configure 802.11 data rates for VoWLAN, wireless QoS.
How do we determine what is the best practice configs for these situations ? For example “A 7960 phone is connected to Fa1/0/10 of switch B. Configure QoS on this port to support this phone as per best practice”. How we should approach this ? One quick way is Auto QoS.
You can configure auto-qos on a given switchport to support VoIP phone connection by using “auto qos voip cisco-phone” CLI command. Keep in mind this will add whole bunch of other global commands to enable QoS, classification, Scheduling, etc. See below example where I have configured auto QoS on fa1/0/10 in a 3750 switch.
3750-b(config)#int fa1/0/10 3750-b(config-if)#auto qos voip cisco-phone ! ! You can see the configuration lines added by this command by using show archive CLI command ! 3750-b#show archive config differences nvram:startup-config system:running-config ! !Contextual Config Diffs: +mls qos map policed-dscp 0 10 18 24 46 to 8 +mls qos map cos-dscp 0 8 16 24 32 46 48 56 +mls qos srr-queue input bandwidth 70 30 +mls qos srr-queue input threshold 1 80 90 +mls qos srr-queue input priority-queue 2 bandwidth 30 +mls qos srr-queue input cos-map queue 1 threshold 2 3 +mls qos srr-queue input cos-map queue 1 threshold 3 6 7 +mls qos srr-queue input cos-map queue 2 threshold 1 4 +mls qos srr-queue input dscp-map queue 1 threshold 2 24 +mls qos srr-queue input dscp-map queue 1 threshold 3 48 49 50 51 52 53 54 55 +mls qos srr-queue input dscp-map queue 1 threshold 3 56 57 58 59 60 61 62 63 +mls qos srr-queue input dscp-map queue 2 threshold 3 32 33 40 41 42 43 44 45 +mls qos srr-queue input dscp-map queue 2 threshold 3 46 47 +mls qos srr-queue output cos-map queue 1 threshold 3 4 5 +mls qos srr-queue output cos-map queue 2 threshold 1 2 +mls qos srr-queue output cos-map queue 2 threshold 2 3 +mls qos srr-queue output cos-map queue 2 threshold 3 6 7 +mls qos srr-queue output cos-map queue 3 threshold 3 0 +mls qos srr-queue output cos-map queue 4 threshold 3 1 +mls qos srr-queue output dscp-map queue 1 threshold 3 32 33 40 41 42 43 44 45 +mls qos srr-queue output dscp-map queue 1 threshold 3 46 47 +mls qos srr-queue output dscp-map queue 2 threshold 1 16 17 18 19 20 21 22 23 +mls qos srr-queue output dscp-map queue 2 threshold 1 26 27 28 29 30 31 34 35 +mls qos srr-queue output dscp-map queue 2 threshold 1 36 37 38 39 +mls qos srr-queue output dscp-map queue 2 threshold 2 24 +mls qos srr-queue output dscp-map queue 2 threshold 3 48 49 50 51 52 53 54 55 +mls qos srr-queue output dscp-map queue 2 threshold 3 56 57 58 59 60 61 62 63 +mls qos srr-queue output dscp-map queue 3 threshold 3 0 1 2 3 4 5 6 7 +mls qos srr-queue output dscp-map queue 4 threshold 1 8 9 11 13 15 +mls qos srr-queue output dscp-map queue 4 threshold 2 10 12 14 +mls qos queue-set output 1 threshold 1 100 100 50 200 +mls qos queue-set output 1 threshold 2 125 125 100 400 +mls qos queue-set output 1 threshold 3 100 100 100 400 +mls qos queue-set output 1 threshold 4 60 150 50 200 +mls qos queue-set output 1 buffers 15 25 40 20 +mls qos +auto qos srnd4 +class-map match-all AUTOQOS_VOIP_DATA_CLASS +match ip dscp ef +class-map match-all AUTOQOS_DEFAULT_CLASS +match access-group name AUTOQOS-ACL-DEFAULT +class-map match-all AUTOQOS_VOIP_SIGNAL_CLASS +match ip dscp cs3 +policy-map AUTOQOS-SRND4-CISCOPHONE-POLICY +class AUTOQOS_VOIP_DATA_CLASS +set dscp ef +police 128000 8000 exceed-action policed-dscp-transmit +class AUTOQOS_VOIP_SIGNAL_CLASS +set dscp cs3 +police 32000 8000 exceed-action policed-dscp-transmit +class AUTOQOS_DEFAULT_CLASS +set dscp default +police 10000000 8000 exceed-action policed-dscp-transmit interface FastEthernet1/0/10 +srr-queue bandwidth share 1 30 35 5 +priority-queue out +mls qos trust device cisco-phone +mls qos trust cos +auto qos voip cisco-phone +service-policy input AUTOQOS-SRND4-CISCOPHONE-POLICY +ip access-list extended AUTOQOS-ACL-DEFAULT +permit ip any any
From exam perspective, they would not expect all of the above commands & interesting on interface specifics with basic QoS global configs. I would not worry about specific input service policy unless they give instructions to define these class maps & policy maps.
Below is my answer to this configuration task. Points are enable QoS, DSCP 46 mapping to CoS 5 voice traffic, “Trusting CoS & conditional trust for cisco-phone”, “VoIP traffic put into egress PQ with bandwidth sharing mechanism- means unused bandwidth can be used by other traffic classes”
mls qos mls qos map cos-dscp 0 8 16 24 32 46 48 56 ! int fa1/0/10 srr-queue bandwidth share 1 30 35 5 priority-queue out mls qos trust device cisco-phone mls qos trust cos
Once you copy this interface configs to a notepad you can simply reload switch without saving the configs to remove those all global configs. Once reloaded you can simply apply interface configurations from the notepad.
If it is AP connected switch port, as you know we have to trust DSCP. So best practice configs for those ports is something like below.
mls qos mls qos map cos-dscp 0 8 16 24 32 46 48 56 ! int fa1/0/10 mls qos trust dscp
If it is WLC connected switch port we have to trust CoS & best practice configs for those ports is something like below.
mls qos mls qos map cos-dscp 0 8 16 24 32 46 48 56 ! int fa1/0/10 mls qos trust cos
mrn-cciew 
Hi Nayarasi,
How about mls qos vlan-base? Do we need it on switchport access vlans configured on the port ? (tipical switch L2 port config for AP’s with associate van)
Hi JT,
This command is used when we apply QoS on per VLAN basis instead of port basis.If you need to classify traffic per vlan level, a policy map can be applied on SVI interface with “mls qos vlan-based” command on physical ports.
In our QoS configs listed in this post, simply use per port basis & therefore “mls qos vlan -based” is not required. Refer the 3560 command reference given below.
http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_55_se/command/reference/cli1.html#wp13311518
Reblogged this on ytd2525.
Good article!
Thanks Prasanna..
Hi Rasika,
Any suggestions for QOS on SUP7?I’m a bit confused..
I understand that the only way for classification is using class maps.
For example if i want to mark only voice packets i’ll create 2 classes,one for RTP and one for Signalling setting to EF & CS3.In that way the APs will trust the DSCP field from the input policy.
What about the connection to WLC?
Is the same logic with the difference of setting the same classes to cos 5 and cos 3?
Best regards,
Christos.
Hi Rasika,
Great, this is a simple and concise right on money. Person like me don’t know depth in QoS really helped me get my job done.
Thanks.
Prageeth
Hi Rasika,
What Would be the Config between trunk port between two switches in above situation?
Just putting #mls qos trust cos in trunk port is enough ?
Hi Rasika,
My 5508 WLC in a HA setup. It connects 6 trunk ports with the switch Cisco Catalyst 3850. and all 6 trunks are in a port-channel . How we going to achieve QoS there?
Prageeth
3850 QoS is little different from other catalyst platform. It is based on MQC and therefore this post is not applicable for that.
Please refer 3850 QoS related posts in my blog
Rasika
Hi I am looking for the QoS on 3750 switch but for IP phones. could you please guide with that.
You can use AutoQoS if you want.
Refer this document for more detail
http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/WAN_and_MAN/QoS_SRND_40/QoSCampus_40.html#pgfId-998207
HTH
Rasika
Hello Rasika,
can you please explain a scenario for an autonomous access point?
Since the autonomous is connected to a trunk port, i speculate that the trust should be set to CoS.
Can you please comment?
Thanks
Yes, if it is trunk then COS, always check how AP connected port configured. Do not assume it is Trunk always.
thanks,
so to conclude, as a rule of thumb for lab exam v.20:
access port: dscp
trunk port: cos
Always read carefully and see what they ask for, accordingly you should configure. H-REAP is one example. Once you classify your traffic at the access layer, you do not want to rewrite in transit switches, so trusting DSCP on inter-switch trunk link is good practice.
Keep those points in mind
Rasika
Hi Nayarasi
We recently went to a new ISP with double the bandwidth but we are seeing the same rate of download speeds. Just to point out we see 45 Mbit download speed and 100Mbit Upload speeds. We went from a 45Mbit circuit to a 100 Mbit circuit but are still seeing the same speeds from before. The ISP says it’s an issue on our end. These are the QOS settings on our core switch.
Thanks so much for your help sir.
Is there a way to test your ISP link without connecting it to your network. (ie if they give connection via Ethernet, you can connect it directly to your PC & do a speedtest & see)
If that also shows 45Mbps download, I think ISP may still have some shaping rules configured for you with previous connection
HTH
Rasika
Thanks Rasika
I tried the test with my laptop straight to the 3925 router inside interface and got 100/100. I also did this going to the ASA and got 95 down and 4 up.
Probably you are on right track to find out which device is the culprit
Rasika
These are the qos settings i forgot to post.
mls qos map cos-dscp 0 8 16 24 32 46 48 56
mls qos srr-queue input bandwidth 70 30
mls qos srr-queue input threshold 1 80 90
mls qos srr-queue input priority-queue 2 bandwidth 30
mls qos srr-queue input cos-map queue 1 threshold 2 3
mls qos srr-queue input cos-map queue 1 threshold 3 6 7
mls qos srr-queue input cos-map queue 2 threshold 1 4
mls qos srr-queue input dscp-map queue 1 threshold 2 24
mls qos srr-queue input dscp-map queue 1 threshold 3 48 49 50 51 52 53 54 55
mls qos srr-queue input dscp-map queue 1 threshold 3 56 57 58 59 60 61 62 63
mls qos srr-queue input dscp-map queue 2 threshold 3 32 33 40 41 42 43 44 45
mls qos srr-queue input dscp-map queue 2 threshold 3 46 47
mls qos srr-queue output cos-map queue 1 threshold 3 4 5
mls qos srr-queue output cos-map queue 2 threshold 1 2
mls qos srr-queue output cos-map queue 2 threshold 2 3
mls qos srr-queue output cos-map queue 2 threshold 3 6 7
mls qos srr-queue output cos-map queue 3 threshold 3 0
mls qos srr-queue output cos-map queue 4 threshold 3 1
mls qos srr-queue output dscp-map queue 1 threshold 3 32 33 40 41 42 43 44 45
mls qos srr-queue output dscp-map queue 1 threshold 3 46 47
mls qos srr-queue output dscp-map queue 2 threshold 1 16 17 18 19 20 21 22 23
mls qos srr-queue output dscp-map queue 2 threshold 1 26 27 28 29 30 31 34 35
mls qos srr-queue output dscp-map queue 2 threshold 1 36 37 38 39
mls qos srr-queue output dscp-map queue 2 threshold 2 24
mls qos srr-queue output dscp-map queue 2 threshold 3 48 49 50 51 52 53 54 55
mls qos srr-queue output dscp-map queue 2 threshold 3 56 57 58 59 60 61 62 63
mls qos srr-queue output dscp-map queue 3 threshold 3 0 1 2 3 4 5 6 7
mls qos srr-queue output dscp-map queue 4 threshold 1 8 9 11 13 15
mls qos srr-queue output dscp-map queue 4 threshold 2 10 12 14
mls qos queue-set output 1 threshold 1 100 100 50 200
mls qos queue-set output 1 threshold 2 125 125 100 400
mls qos queue-set output 1 threshold 3 100 100 100 400
mls qos queue-set output 1 threshold 4 60 150 50 200
mls qos queue-set output 1 buffers 15 25 40 20
mls qos
I do not these settings causing the problem you face.
HTH
Rasika
can you pls show me how to config the qos on the layer 3 as you said to trust to to reclassify again. i am new to cisco voice thanks i have layer 2 switch(3560) connnect to my router (2811) as a router on a stic and then outside to the WAN. pls help me cause i have knowledge about the qos for VOIP
QoS is a complex topic. If you keen to learn, here is a very good CiscoLive presentation.
https://cisco.app.box.com/v/QoS-5-Techtorial
HTH
Rasika