Cisco Systems 2940

24-7

Catalyst 2940 Switch Software Configuration Guide

78-15507-02

Chapter24 Configuring QoS Configuring QoS

However, if a user bypasses the telephone and connects the PC directly to the switch, the CoS labels

generated by the PC are trusted by the switch (because of the trusted CoS setting) and can allow misuse

of high-priority queues. The trusted boundary feature solves this problem by using the CDP to detect the

presence of a Cisco IP Phone (such as the Cisco IP Phone 7910, 7935, 7940, and 7960) on a switch port.

If the telephone is not detected, the trusted boundary f eatur e disa bles t he t rus ted set ting o n t he sw itch

port and prevents misuse of a high-priority queue.

Beginning in privileged EXEC mode, follow these steps to configure trusted boundary on a switch port:

When you enter the no mls qos trust interface configuration command, trusted boundary is not disabled.

If this command is entered and the port is connected to a Cisco IP Phone, the port does not trust the

classification of traffic that it receives. To disable trusted boundary, use the no mls qos trust device

interface configuration command.

If you enter the mls qos cos override interface configuration command, the port does not trust the

classification of the traffic that it receives, even when it is connected to a Cisco IP Phone.

Table24-2 lists the por t c onfigura tio n whe n a n I P p hone is pr esent or a bsent .

Command Purpose

Step1 configure terminal Enter global configuration mode.

Step2 cdp enable Enable CDP globally. By default, it is enabled.

Step3 interface interface-id Enter interface configuration mode, and specify the interface to be

trusted.

Valid interfaces include physical interfaces.

Step4 cdp enable Enable CDP on the interface. By default, CDP is enabled.

Step5 mls qos trust device cisco-phone Configure the Cisco IP Phone as a trusted device on the interface.

Step6 mls qos trust cos Configure the port trust state to trust the CoS value of the ingress

packet. By default, the port is not trusted.For more information on

this command, refer to the command reference for this release.

Step7 end Return to privileged EXEC mode.

Step8 show mls qos interface [interface-id] Verify your entries.

Step9 copy running-config startup-config (Optional) Save your entries in the configuration file.

Table24-2 Port Configurations When Trusted Boundary is Enabled

Port Configuration When a Cisco IP Phone is Present When a Cisco IP Phone is Absent

The port trusts the CoS value

of the incoming packet. The packet CoS value is trusted. The packet CoS value is assigned

the default CoS value.

The port assigns the default

CoS value to incoming

packets.

The packet CoS value is assigned

the default CoS value. The packet CoS value is assigned

the default CoS value.