25-14
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-05
Chapter 25 Configuring QoS
Configuring QoS
However, if a user bypasses the telephone and connects the PC directly to the switch, the CoS labels
generated by the PC are trusted by the switch (because of the trusted CoS setting) and can allow misuse
of high-priority queues. The trusted boundary feature solves this problem by using the Cisco Discovery
Protocol (CDP) to detect the presence of a Cisco IP phone (such as the Cisco IP Phone 7910, 7935, 7940,
and 7960) on a switch port. If the telephone is not detected, the trusted boundary feature disables the
trusted setting on the switch port and prevents misuse of a high-priority queue.
Beginning in privileged EXEC mode, follow these steps to configure trusted boundary on a switch port:
When you enter the no mls qos trust interface configuration command, trusted boundary is not disabled.
If this command is entered and the port is connected to a Cisco IP phone, the port does not trust the
classification of traffic that it receives. To disable trusted boundary, use the no mls qos trust device
interface configuration command
If you enter the mls qos cos override interface configuration command, the port does not trust the
classification of the traffic that it receives, even when it is connected to a Cisco IP phone.
Table 25-2 lists the port configuration when an IP phone is present or absent.
Command Purpose
Step 1
configure terminal Enter global configuration mode.
Step 2
cdp enable Enable CDP globally. By default, it is enabled.
Step 3
interface interface-id Enter interface configuration mode, and specify the interface to be
trusted.
Valid interfaces include physical interfaces.
Step 4
cdp enable Enable CDP on the interface. By default, CDP is enabled.
Step 5
mls qos trust device cisco-phone Configure the Cisco IP phone as a trusted device on the interface.
Step 6
mls qos trust cos Configure the port trust state to trust the CoS value of the ingress
packet.
By default, the port is not trusted.
Note In software releases earlier than Release 12.1(11)EA1, the
mls qos trust cos command is available only when the
switch is running the EI.
For more information on this command, refer to the command
reference for this release.
Step 7
end Return to privileged EXEC mode.
Step 8
show mls qos interface [interface-id]
[policers]
Verify your entries.
Step 9
copy running-config startup-config (Optional) Save your entries in the configuration file.