This document creates a subset of the quality-of-service (QoS) configuration specific to deployment of a Cisco® Catalyst® 6500 running Cisco IOS® Software as an access switch in an IP Communications environment.
This information was gathered from several QoS guides available for voice and the Cisco Catalyst 6500. These guides assume that the Cisco CatalystOperating System is running on a Cisco Catalyst 6500 used as an access switch. This document provides comparative QoS functionality fordeployments using Cisco IOS® Software. The reader is encouraged to review as many other QoS documents as possible to gain a deeper understanding of how QoS pertains to a Cisco Catalyst 6500 as well as a greater understanding of Cisco Systems® recommendations for QoS ingeneral. Note that the configuration contained herein should not be considered the only method to achieve a desired QoS result.
IMPORTANT INFORMATION REGARDING PORT QUEUING ON CISCO CATALYST 6500
Both the trust state and queue capabilities of a port are wholly module-dependent. Cisco Catalyst 6500 modules vary in their queue structures andtrust support. To see the queue structure and trust capabilities of a port, issue the show interface capabilities modulenumber command. To see how an interface is currently configured, use the show mls qos modulenumber or show running-config commands.
The Cisco 10/100 Ethernet modules addressed herein are listed in Tables 1 and 2. These modules, while similar, differ with respect to trust capabilities and the resulting QoS configuration for voice. As of release 12.2(17d)SXB and later the 10/100 Ethernet modules in Table 1 support port trust while those in Table 2 do not. Since support for QoS functionality with these and other modules may change over time, always review the latest documentation available before deploying any configuration.
Table 1. Cisco Catalyst 6148 Series 10/100 Ethernet Modules
Module
Description
WS-X6148-RJ21
Catalyst 6500 48-Port 10/100 RJ-21 Module (Upgradable to Voice)
WS-X6148-RJ21V
Catalyst 6500 48-Port 10/100 Inline Power RJ-21 Module
WS-X6148-RJ45
Catalyst 6500 48-Port 10/100; RJ-45 Module (Upgradable to Voice)
WS-X6148-RJ45V
Catalyst 6500 48-Port 10/100 Inline Power RJ-45 Module
Table 2. Cisco Catalyst 6248 and 6348 Series 10/100 Ethernet Modules
Module
Description
WS-X6348-RJ-21
Catalyst 6000 48-Port 10/100 RJ-21 Module
WS-X6348-RJ21V
Catalyst 6000 48-Port 10/100 Inline Power RJ-21 Module
WS-X6348-RJ-45
Catalyst 6500 48-Port 10/100 RJ-45 Module (Upgradable to Voice)
WS-X6348-RJ45V
Catalyst 6500 48-Port 10/100 Inline Power RJ-45 Module
WS-X6248-RJ-45
Catalyst 6000 Family 48-port 10/100 RJ-45 module
WS-X6248-TEL
Catalyst 6000 Family 48-port 10/100 Telco (RJ-21) module
This document assumes, and is limited to, the following:
• Cisco IP Phones listed in Table 3.
Table 3. Required Cisco IP Phones with this Sample Configuration
Module
Description
CP-7910G+SW
Cisco IP Phone 7910G+SW, Global
CP-7940G
Cisco IP Phone 7940G, Global
CP-7960G
Cisco IP Phone 7960G, Global
CP-7970G
Cisco IP Phone 7970G, Global
• The Cisco IP Phone is connected to one of the 10/100 Ethernet modules in Tables 1 or 2.
• The supervisor is running Cisco IOS Software Release 12.2(17d)SXB or greater.
CONFIGURATION OVERVIEW
This sample configuration implements one of several methods to provide QoS at the access layer of an IP Communications deployment. Specifically this configuration is limited to a "full trust" policy on the switch interface. The "full trust" policy assumes a Cisco IP Phone (from Table 3) will be connected to the port to which this policy is applied, as the IP phone is responsible for remarking the PC traffic to CoS = 0. If a PC is instead directly connected to an interface with "full trust" policy, and its traffic is untagged, the switch marks the traffic CoS = 0. However, if the directly connected PC is marking its traffic with a CoS value, the switch accepts it because the port is configured to trust any received CoS. A "conditional trust" policy may be used as an alternative to reduce this possible risk. Though supported on several other Cisco Catalyst switch platforms, Cisco IOS Software for the Cisco Catalyst 6500 does not currently support the mls qos trust device cisco-phone command, which is the simplest method toimplement a "conditional-trust" policy. Please see other Cisco documentation for more information regarding "conditional trust" policy configuration.
For the Cisco Catalyst 6500 to act as an access switch for a Cisco 7940/7960/7970 IP phone + PC, using a "full trust" policy, the following is required:
1. Enable switchwide QoS.
2. Configure interfaces used for IP phones:
• Enable trust so the switch accepts the phone class-of-service (CoS) markings.
• Extend the trust boundary to the access port on the IP phone and mark PC traffic as CoS = 0.
• Enable input queue scheduling.
• Configure CoS-to-queue mapping.
• Configure output scheduling.
• Configure CoS-to-differentiated services code point (DSCP) mapping.
• Optionally configure a policy for additional application traffic marking or policing (not covered).
3. Configure the uplink interfaces to the distribution switch:
• Enable trust to accept markings from the distribution switch. This can be either CoS or DSCP trust.
• Enable input queue scheduling.
• Configure CoS-to-queue mapping.
• Configure output scheduling.
• Verify and configure CoS-to-DSCP mapping.
• Optionally configure a policy for additional application traffic marking or policing (not covered).
ENABLING QoS ON THE SWITCH
To enable QoS on the access layer Cisco Catalyst 6500, do the following:
Enable switchwide QoS:
6509-Access(config)#mls qos
CONFIGURING AN INTERFACE FOR IP PHONE + PC
As stated previously, the access port configuration depends on the module in use. All of the 10/100 Ethernet series modules in Tables 1 and 2 have 1Q4T receive and 2Q2T transmit queue architectures. For modules in Table 1 the port is configured to trust the IP phone and not to trust the PC attached to the phone. For modules in Table 2 a workaround is used because these modules are unable to "trust" the CoS of incoming traffic. The workaround consists of using an access-control-list (ACL) policy to retain the CoS of the traffic. An access port also is configured to use output scheduling through multiple transmit queues.
To configure the interface for a module in Table 1,do the following:
Step 1. Select a port to configure.
6509-Access(config)#interface fastethernet 5/1
Step 2. Configure the port as a Layer 2 port in the access mode.
6509-Access(config-if)#switchport
6509-Access(config-if)#switchport mode access
Step 3. Define the voice VLAN.
6509-Access(config-if)#switchport voice vlan 111
Step 4. Define the data VLAN.
6509-Access(config-if)#switchport access vlan 11
Step 5. Configure the port as a host port.
6509-Access(config-if)#spanning-tree portfast
Step 6. Enable inline power.
6509-Access(config-if)#power inline auto
Step 7. Accept the incoming Layer 2 CoS. This lets the switch accept the phone marking of voice traffic at CoS = 5 and voice control traffic at CoS = 3 and enables input scheduling.
6509-Access(config-if)#mls qos trust cos
Step 8. Instruct the IP phone to rewrite the PC traffic to CoS = 0.
6509-Access(config-if)#mls qos trust extend cos 0
Step 9. Place CoS = 1 in queue 1 threshold 1.
6509-Access(config-if)#wrr-queue cos-map 1 1 1
Step 10. Place CoS = 0 in queue 1 threshold 2.
6509-Access(config-if)#wrr-queue cos-map 1 2 0
Step 11. Place CoS = 2, 3, 4, 6, and 7 in queue 2 threshold 1.
Step 13. Modify the CoS-to-DSCP mapping. The recommended settings are DSCP = CS3 (24) for voice-over-IP (VoIP) control and DSCP = EF (46) for VoIP media traffic. To map the Layer 2 CoS correctly to these DSCP values, you must modify the switch default CoS-to-DSCP mappings. All CoS are shown though only 0, 3, and 5 are directly related to IPT.
After you configure the access port queuing, you must also configure the uplink interfaces to the distribution, or core, switch. This involves enabling trust for Ethernet frames coming into the trunk port, enabling output scheduling, and manipulating the CoS-to-queue mapping entrance criteria, mapping the CoS values to the appropriate DSCP value.
This section includes information for two of the six types of queue structures: 1P2Q2T and 2Q2T.
Configuring an Uplink Port
Step 1. Accept incoming DSCP markings if incoming traffic is known to be properly marked at Layer 3. This is the preferred method.
6509-Access(config-if)#mls qos trust dscp
Alternate Step 1. Accept incoming CoS markings if incoming traffic is known to be properly marked at Layer 2 only.
6509-Access(config-if)#mls qos trust cos
Optional Step 2 (required when trusting CoS) Verify CoS-to-DSCP mapping. This should have been set in Step 10 in the interface configuration. Map CoS = 5 to DSCP = EF (46) and CoS = 3 to DSCP = CS3 (24).
All CoS = 5 traffic (VoIP media) is placed into the egress interface priority queue on 1P2Q2T interfaces and queue 2 threshold 2 on 2Q2T interfaces by default upon enabling switchwide QoS. To follow QoS best practices, additional configuration of the CoS queue admission rules is needed to ensure that all other CoS traffic, and most importantly CoS = 3 (VoIP control), is placed into the correct queue. Separate configurations follow for 1P2Q2T and 2Q2T interfaces. For configuration of different interface queue structures, refer to other Cisco Catalyst 6500 QoS documentation.
Configuring 1P2Q2T Transmit Queue
Step 1. (for 1P2Q2T) Place CoS = 1 in queue 1 threshold 1.
6509-Access(config-if)#wrr-queue cos-map 1 1 1
Step 2. (for 1P2Q2T) Place CoS = 0 in queue 1 threshold 2.
6509-Access(config-if)#wrr-queue cos-map 1 2 0
Step 3. (for 1P2Q2T) Place CoS = 2, 3, and 4 in queue 2 threshold 1.
Step 4. (for 1P2Q2T) Place CoS = 6 and 7 in queue 2 threshold 2.
6509-Access(config-if)#wrr-queue cos-map 2 2 6 7
Step 5. (for 1P2Q2T) Place CoS = 5 in the priority queue.
6509-Access(config-if)#priority-queue cos-map 1 5
Step 6. (for 1P2Q2T) Set the buffer allocations to 40 percent for Q1 and 30 percent for Q2, a process that indirectly sets the priority queue (Q3) size to equal Q2.
Step 8. (for 2Q2T) Set the WRR weights for 30:70 (Q1:Q2) bandwidth servicing.
6509-Access(config-if)#wrr-queue bandwidth 30 70
SAMPLE CONFIGURATION
This section lists the commands discussed previously as a sample configuration. The IP phone is connected to a WS-X6148-RJ45V module and the uplink port is on a WS-X6408A module.
mls qos
mls qos map cos-dscp 0 8 16 24 32 46 48 54
interface fastethernet 5/1
switchport mode access
switchport voice vlan 111
switchport access vlan 11
spanning-tree portfast
power inline auto
mls qos trust cos
mls qos trust extend cos 0
wrr-queue cos-map 1 1 1
wrr-queue cos-map 1 2 0
wrr-queue cos-map 2 1 2 3 4 6 7
wrr-queue cos-map 2 2 5
interface gi1/1
mls qos trust dscp
wrr-queue cos-map 1 1 1
wrr-queue cos-map 1 2 0
wrr-queue cos-map 2 1 2 3 4
wrr-queue cos-map 2 2 6 7
priority-queue cos-map 1 5
wrr-queue queue-limit 40 30
wrr-queue bandwidth 30 70
wrr-queue random-detect min-threshold 1 40 80
wrr-queue random-detect max-threshold 1 80 100
wrr-queue random-detect min-threshold 2 70 80
wrr-queue random-detect max-threshold 2 80 100
ADDITIONAL RESOURCES
The following resources are instrumental to understanding and applying QoS in Cisco Catalyst 6500 switches:
• Quality of Service Solution Reference Network Design Guide (SRND) on Cisco.com: Go to http://www.cisco.com/go/srnd and select "QualityofService SRND."
