[c-nsp] Qos Sup2T disable trust globally ? ports untrusted by default ?
Blake Dunlap
ikiris at gmail.com
Fri Jul 13 10:29:16 EDT 2012
>From the documentation:
7.1. Change in Default QoS Behavior
Prior to Supervisor 2T, there was a single global command to enable or
disable QoS, which applied both at the PFC and port level. The major change
with QoS in a PFC4 system is the behavior of default QoS at the PFC level.
By default, QoS will be enabled in the PFC4, and there will only be a
global command option to enable or disable QoS at the port level. The main
changes can be broadly summarized as follows:
• No global CLI required to enable QoS in the box
• QoS for an interface is always defined by the attached service policies
• By default, packets are passed through without a change in DSCP, EXP, or
CoS for L2 packets or L2-classified L3 packets
• Service-policy marking does not depend on port trust
• The port state has no effect on marking, by default.
The PFC3-based mls qos global command is replaced with the auto qos
defaultglobal command, which is used for enabling QoS just at the port
level and
not at the PFC level.
On Fri, Jul 13, 2012 at 8:42 AM, Chris Evans <chrisccnpspam2 at gmail.com>wrote:
> IIRC
>
> On the cat6k if you have mls qos disabled globally it will trust. If you
> enable qos i believe it will rewrite based on your mapping tables.
> On Jul 13, 2012 8:38 AM, "Blake Dunlap" <ikiris at gmail.com> wrote:
>
>> If you look at the documentation for the Sup2T it does actually specify
>> default trust when I looked yesterday. I was rather surprised myself.
>>
>>
More information about the cisco-nsp
mailing list