mls qos trust
mls qos trust
Use the mls qos trust interface configuration command on the switch stack or on a standalone switch to
configure the port trust state. Ingress traffic can be trusted, and classification is performed by examining
the packet Differentiated Services Code Point (DSCP), class of service (CoS), or IP-precedence field.
Use the no form of this command to return a port to its untrusted state.
Syntax Description
cos
device cisco-phone
dscp
ip-precedence
Defaults
The port is not trusted. If no keyword is specified when the command is entered, the default is dscp.
Command Modes
Interface configuration
Command History
Release
12.1(11)AX
12.1(14)EA1
Usage Guidelines
Packets entering a quality of service (QoS) domain are classified at the edge of the domain. When the
packets are classified at the edge, the switch port within the QoS domain can be configured to one of the
trusted states because there is no need to classify the packets at every switch within the domain. Use this
command to specify whether the port is trusted and which fields of the packet to use to classify traffic.
When a port is configured with trust DSCP or trust IP precedence and the incoming packet is a non-IP
packet, the CoS-to-DSCP map is used to derive the corresponding DSCP value from the CoS value. The
CoS can be the packet CoS for trunk ports or the port default CoS for nontrunk ports.
If the DSCP is trusted, the DSCP field of the IP packet is not modified. However, it is still possible that
the CoS value of the packet is modified (according to DSCP-to-CoS map).
Catalyst 3750 Switch Command Reference
2-186
mls qos trust [cos | device cisco-phone | dscp | ip-precedence]
no mls qos trust [cos | device | dscp | ip-precedence]
(Optional) Classify an ingress packet by using the packet CoS value. For an
untagged packet, use the port default CoS value.
(Optional) Classify ingress packets by trusting the value sent from the Cisco
IP phone (trusted boundary).
(Optional) Classify an ingress packet by using the packet DSCP value (most
significant 6 bits of 8-bit service-type field). For a non-IP packet, the packet
CoS is used if the packet is tagged. For an untagged packet, the default port
CoS value is used.
(Optional) Classify an ingress packet by using the packet IP-precedence value
(most significant 3 bits of 8-bit service-type field). For a non-IP packet, the
packet CoS is used if the packet is tagged. For an untagged packet, the port
default CoS value is used.
Modification
This command was introduced.
The device cisco-phone keywords were added.
Chapter 2
Catalyst 3750 Switch Cisco IOS Commands
78-16181-01