Cisco Systems OL-8978-02 manual Trusted Boundary Configuration Guidelines, 55-35

Page 35

Chapter 55 Configuring a VoIP Network

Configuring VoIP on a Switch

Trusted Boundary Configuration Guidelines

This section describes the guidelines for configuring the trusted boundary:

Common Open Policy Service (COPS) considerations

COPS directly affects how the QoS parameters are applied. A port may have either a local policy or a COPS policy. This setting specifies whether the port should get its QoS configuration information from the local configuration or through a COPS server. If COPS is enabled on a port and is also globally enabled, the policy that is specified by the COPS server applies. If COPS is disabled and/or the run-time policy is local, the local configuration QoS policy applies. The extended trust boundary feature overrides the “local” policy on a port.

QoS configuration support

All the QoS port trust configuration settings are supported (trust-cos, trust-ipprec, trust-dscp), but you should use trust-cosfor the Cisco IP Phone networks.

System log messaging

New QoS syslogs were added for the trusted boundary to notify you of the changes to a port’s trust state and to warn of improper configuration. To see these syslogs, set the QoS logging level to 5 (set logging level qos 5). The default is 3. Refer to the Catalyst 6500 Series System Message Guide for the descriptions of the syslogs.

Final run-time port trust value

The final run-time port trust on any port is dependent on the following:

Trusted boundary configuration

Phone’s presence on the port

QoS configuration

COPS configuration

To enable the trusted boundary, you must enable QoS and you must enable CDP globally and on the port, running in version 2 mode. You must set COPS to local policy (the COPS default) or to disabled (the COPS default). When ciscoipphone is configured as the trust-device on the port, the feature is enabled and detects the presence of a Cisco IP Phone and sets the trust values.

See Figure 55-6to determine the final trust value on a port.

 

 

Catalyst 6500 Series Switch Software Configuration Guide—Release 8.7

 

 

 

 

 

 

OL-8978-02

 

 

55-35

 

 

 

 

 

Page 34 Page 36
Image 35
Page 34 Page 36
Contents 55-1 A P T E R55-2 Cisco IP Phone55-3 55-4 55-5 Access GatewaysCisco CallManager Analog Station Gateway55-6 FXS Interface FeaturesAnalog Trunk Gateway Digital Trunk Gateway55-7 Digital Signal Processing Per T1/E1 PortConverged Voice Gateway Link Management55-8 How a Call Is Made55-9 Switch-to-Phone ConnectionsShow port inlinepower Voice-Related CLI CommandsCLI Commands Ethernet Module1 WS-X6608-T1/E12 WS-X6624-FXS3 Set port inlinepower Set inlinepower defaultallocation55-11 Configuring Per-Port Power ManagementShow environment power 55-12 Task CommandShow module mod 55-13 Power Management ModesShow version mod 55-14 Power RequirementsPhone Class Required Power W Phone Removal Available PowerWall-Powered Phones Powering Off the Phone55-16 Phone Detection SummaryHigh-Availability Support 55-17 Setting the Power Mode of a Port or a Group of PortsSetting the Default Power Allocation Set port inlinepower mod/port auto static55-18 Set inlinepower notify-threshold percentageShow port inlinepower mod /port detail Console enable show environment power Displaying the Switch Power Environment for ModulesShow environment power mod Console show port inlinepower 4/1 detail55-20 Configuring the Auxiliary VLANs on Catalyst LAN SwitchesEnter the set port auxiliaryvlan mod/port auxvlanid command Understanding the Auxiliary VLANsUntagged dot1p none Auxiliary Vlan Configuration GuidelinesConfiguring the Auxiliary VLANs Set port auxiliaryvlan mod /ports vlan55-22 Verifying the Auxiliary Vlan ConfigurationDisabling the Auxiliary VLANs Until an IP Phone is Detected Keyword Action55-23 Configuring the Access GatewaysConfiguring a Port Voice Interface Show port voice fdl mod /port Displaying a Port Voice Interface ConfigurationDisplaying the FDL Statistics Show port voice interface mod /portShow port mod /port Displaying the Port Configuration for the Individual PortsConsole enable show port voice fdl 7/1-3 Field DescriptionConsole show port Port T1/E1 Pstn Interface Module55-26 55-27 55-28 Port FXS Analog Interface Module55-29 Displaying the Active Call InformationShow port voice active mod/port All call conference transcode ipaddrConsole show port voice active 3/2 55-30Console show port voice active 55-31 Configuring QoS in the Cisco IP PhoneUnderstanding How QoS Works in the Cisco IP Phone Untrusted Configuring QoS in the Cisco IP PhoneSetting the Phone Access Port Trust Mode Set port qos mod/ports...trust-ext trusted55-33 Configuring a Trusted Boundary to Ensure Port SecuritySetting the Phone Access Port CoS Value Verifying the Phone Access Port QoS Configuration55-34 QoS and Cisco IP Phone ConfigurationQoS, Cisco IP Phone, and PC Configuration Supported Cisco IP Phones55-35 Trusted Boundary Configuration Guidelines55-36 Configuring a Trusted Boundary55-37 Default ConfigurationSpecifying a Cisco IP Phone as the Trust Device Verifying a Port’s Trust-Device State55-38 Understanding SmartPorts Macros55-39 SmartPorts-Cisco IP PhoneSmartPorts-Cisco Softphone SmartPorts Guidelines and Restrictions 55-41 Command DescriptionCiscoipphone Command Output CLI Interface for SmartPortsDetailed SmartPorts Statements Ciscosoftphone Command OutputConsole enable set port macro 3/1 ciscoipphone vlan Console enable set port macro 3/1 ciscosoftphone vlanKeyword Port Type How to Use SmartPorts in Your NetworkCiscoipphone Macro Statement Ciscosoftphone Macro Statement55-44 SmartPorts Enhancements in Software ReleaseCiscorouter SmartPorts Template Set port macro mod/port ciscodesktop vlan vlan Ciscoswitch SmartPorts TemplateCiscodesktop SmartPorts Template 55-45Set port macro mod/port ciscosoftphone vlan nativevlan Ciscoipphone SmartPorts TemplateCiscosoftphone SmartPorts Template 55-4655-47 Configuring User-Definable SmartPorts MacrosGlobal SmartPorts Template Overview55-48 Using the CLI to Configure User-Definable SmartPorts MacrosConsole enable set macro name videophone Creating User-Defined Macros55-49 Modifying Existing User-Defined MacrosDefining Variables 55-50 Using Special VariablesApplying a User-Defined Macro 55-51 Console enable set port macro 3/2 videophoneConsole enable set port macro 3/7 videophone 55-52 Displaying MacrosDisplaying Macro Variables Show macro name nameofmacro show macro all55-53 Clearing Macros and Macro VariablesClear macro name nameofmacro clear macro all 55-54 Displaying Macro Port MappingsShow macro map all name nameofmacro port mod/port 55-55 Configuring a Macro within a MacroConsole enable show macro map port 3/2 55-56

OL-8978-02 specifications

Cisco Systems OL-8978-02 is a comprehensive training curriculum designed to enhance the skills and knowledge of network professionals seeking to advance their careers in network management and security. This curriculum offers a significant focus on Cisco networking technologies and concepts, ensuring that learners are well-equipped to handle the intricacies of modern network environments.

One of the primary features of OL-8978-02 is its in-depth coverage of foundational networking concepts, which are crucial for effective network administration. The curriculum includes detailed modules on networking fundamentals, such as OSI and TCP/IP models, LAN and WAN architectures, and network protocols. This solid foundation enables learners to understand how different networking components interact and function together, forming the backbone of corporate and enterprise environments.

In addition to foundational knowledge, OL-8978-02 integrates a strong focus on security technologies and practices. Considering the increasing prevalence of cyber threats, the course emphasizes the importance of implementing robust security measures. Participants will learn about firewalls, intrusion prevention systems, VPNs, and other critical security technologies. This focus ensures that learners are prepared to safeguard networks against evolving security threats, a necessity in today’s digital landscape.

Another distinguishing characteristic of the OL-8978-02 curriculum is its emphasis on hands-on experience. The program often includes practical labs and simulations, allowing participants to apply theoretical knowledge in real-world scenarios. This experiential learning approach is pivotal for solidifying skills and boosting confidence in network management tasks.

Furthermore, OL-8978-02 addresses the latest advancements in networking technology, including software-defined networking (SDN) and cloud computing. By introducing emerging technologies, this curriculum ensures that professionals remain ahead of the curve, ready to adapt to the future demands of networking.

Finally, Cisco Systems OL-8978-02 positions itself not only as an educational tool but also as a career catalyst, providing learners with skills that are highly sought after in the IT job market. Upon completion, participants often find themselves well-prepared for various Cisco certifications, which can enhance their employability and professional growth opportunities in a competitive landscape. Through its thorough approach, OL-8978-02 plays a vital role in shaping the next generation of network professionals.
Top Page Image Contents