[cisco-voip] Port-Security question and port qos question

Jason Aarons (US) jason.aarons at us.didata.com
Sat Jul 18 15:21:23 EDT 2009 

I've been burned a few times by Port-Security and having ports
err-disabled due to it...any thoughts on this template for my 2960
switches. Came from the WebGUI port-macro thing....unfortunately this is
from remote lab and I don't have anything in front of me to test;

 

config

!

udld aggressive

!

mls qos srr-queue output cos-map queue 1 threshold 3 5

mls qos srr-queue output cos-map queue 2 threshold 3 3 6 7

mls qos srr-queue output cos-map queue 3 threshold 3 2 4

mls qos srr-queue output cos-map queue 4 threshold 2 1

mls qos srr-queue output cos-map queue 4 threshold 3 0

!

mls qos rewrite ip dscp

!

macro global description cisco-global

!

errdisable recovery cause link-flap

errdisable recovery interval 60

!

spanning-tree mode rapid-pvst

spanning-tree loopguard default

mls qos rewrite ip dscp

!

interface range f0/1 - 48

 switchport port-security maximum 2

 switchport port-security

 switchport port-security aging time 2

 switchport port-security violation restrict

 switchport port-security aging type inactivity

 mls qos trust cos

 spanning-tree bpduguard enable

 macro description cisco-phone

 

Also I'm thinking for 7911/79411 phones I should have just "mls qos
trust". Also the LAN Lite 2960 doesn't have "auto-qos voip Cisco-phone"
so I have to manully set qos ...  You get what you pay for....

 

Jason Aarons

Consultant

Dimension Data

  <tel:704.97>    904.338.3245 <tel:+19043383245> 

  <tel:864.40>     904-338-3245 <tel:+19043383245> 

  <mailto:mark.levesque at us.dida>    Jason.Aarons at us.didata.com
<mailto:Jason.Aarons at us.didata.com> 
  <sip:mark.levesque at us.dida>    Jason.Aarons at us.didata.com
<sip:Jason.Aarons at us.didata.com> 

                      

For more information about Dimension Data, please go to
www.dimensiondata.com

 

For urgent issues notify your Project Manager, for 24x7 support contact
the Dimension Data NOC at +1-800-974-6584 or Cisco TAC at
+1-800-553-2447.

 




-----------------------------------------
Disclaimer:

This e-mail communication and any attachments may contain
confidential and privileged information and is for use by the
designated addressee(s) named above only.  If you are not the
intended addressee, you are hereby notified that you have received
this communication in error and that any use or reproduction of
this email or its contents is strictly prohibited and may be
unlawful.  If you have received this communication in error, please
notify us immediately by replying to this message and deleting it
from your computer. Thank you.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20090718/e457e747/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 1104 bytes
Desc: image001.png
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20090718/e457e747/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 699 bytes
Desc: image002.gif
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20090718/e457e747/attachment.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 1076 bytes
Desc: image003.gif
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20090718/e457e747/attachment-0001.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 1169 bytes
Desc: image004.gif
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20090718/e457e747/attachment-0002.gif>

More information about the cisco-voip mailing list