Upcoming Maintenance Alert:

The UBNT Community will be upgraded at 5pm MDT on April 25th. During this time the community forums will be set to read-only status.

Learn more

×
Reply
Highlighted
New Member
Posts: 10
Registered: ‎02-22-2011

Help with DSCP/CoS on trunks

Hi everyone, have been tasked with quoting on upgrading an old 10/100 network and am hoping for some advice on DSCP/CoS for trunk ports (and possibly correcting my testing setup if I'm barking up the wrong tree).

 

To summarise, I'm planning a few ES24 PoE switches trunked back to an ES48 via fibre SFP. All computers and servers will connect to VLAN 1.

 

Voice VLAN is enabled (VLAN ID 192), LLDP is advertising the VLAN & DSCP 46 to my Yealink SIP phones, plug a phone into any switch and it gets an IP in the correct VLAN. Plug a PC into a switch or into a phone and it gets an IP from VLAN 1. Plug in an IP camera into any surveillance VLAN designated port and it gets an IP in the surveillance VLAN (VLAN ID 172).

 

I'm trusting DSCP on the phone & camera ports, phones are DSCP 46 (RTP) & 26 (SIP), cameras are DSCP 38 (VIDEO).

 

Have setup a DiffServ policy inbound (IN), it matches DSCP 46/38/24 and assigns it to queue 5/4/3 respectively. So far so good, can see packets offered under DiffServ Policy Statistics.

 

My question or rather questions now are:

 

  1. For the trunk ports connecting to other switches or UniFi AP, do I continue to trust DSCP or should I rather map the needed DSCP values 46/38/24 to CoS 5/4/3 and trust CoS on the "trunk" ports? (I understand the native VLAN will get a CoS priority of 0)
  2. Besides having higher priority queues serviced first, how can I guarantee 20mbit of a 1gbit trunk to VOIP and 50mbit to VIDEO?
  3. Will the DSCP markings be preserved throughout the network even if I map DSCP to CoS and trust CoS on the trunks?
  4. If on one side of the trunk I map DSCP to CoS, surely on the other side I need to map CoS to DSCP?  Not quite grasping the concept of an IN vs OUT policy.

 

I think I'm on the right track so far with trusting DSCP and having the policy inbound for the access ports, just stuck on the trunk ports at present.  However, if I am incorrect, please do pipe up and say so!

 

Any answers, comments or advice appreciated.

 

Thanks

 

 

 

 

Reply