Ip telephony & Trust Boundary

eng_ahmedaseng_ahmedas Member Posts: 69 ■■□□□□□□□□
Dear Friends
I wish u r all in very good health .... I am very confused about a topic in voice over ip and i wish u could help me understand it ......

1)If i have a switch connected to cisco phone and the phone connect to pc, and i issue the command "mls qos trust cos" , i think that all cos from the phone and from the pc will be trust even if the user of the pc change its cos to gain some priority .. Is that true ???

2) Also what is the trust boundary ?? and in the previous case , will the trust boundary at the switch or the phone or the pc ??? and if i remove the phone will the trust boundary disabled ???

3)Also if i configure only the command "mls qos trust device cisco-phone" on an interface, i think that means that i will trust all cos if cisco phone dtected... but if it removed i will not trust any cos .... is that true????

please help, i am very confused

Thanks in advance


  • tmlerdaltmlerdal Member Posts: 80 ■■□□□□□□□□
    I'm just starting to refresh my memory on this working on the QoS exam, so I might be off a little bit, but I hope someone else out there will correct me if I am.

    1. My understanding is that with that command the cos from both the phone and the pc will be trusted.

    2. At that point the trust boundary is the switch. The way I've read it, is the trust boundary is the device at the point where you start trusting the cos value set.

    3. With that command you are then trusting the cos from the cisco phone only. The cos of any traffic from the pc will be reset back to zero. The trust point then becomes the phone.

    But please please, someone chime in if I'm right or wrong. I'm still learning this again myself, and need to re-review the trust boundary scenarios again.
  • eng_ahmedaseng_ahmedas Member Posts: 69 ■■□□□□□□□□
    Dear tmlerdal

    I wish u r fine ..... thanks tooo much for ur effort ... I have search on the net and asked on other forums and i think the most complete answers to my questions are :

    1) Be default, an IP phone remarks all packets recieved on the PC port to CoS 0. If you issue 'mls qos trust cos', it will trust any CoS marking on that port, no matter what is connected. If the phone is inline, it will trust the phone's marking. If you remove the phone and the PC is capable of CoS marking, the switch will trust the marking from the PC.

    2) 'mls qos trust device cisco-phone' extends the trust boundary to the connected phone. 'mls qos trust cos' extends the boundary to whatever device is connected to the switchport, regardless of whether or not it's a phone.

    3) 'mls qos trust device cisco-phone' uses CDP to determine if a phone is connected to the switchport. If the switch doesn't detect CDP packets coming from a phone, it doesn't trust any CoS coming from the device

    Thanks again

    Best wishes to u
  • tmlerdaltmlerdal Member Posts: 80 ■■□□□□□□□□
    Thanks. you did get a much clearer explanation that what I could have given.
Sign In or Register to comment.