VLAN Priority on a Trunk port

Question

What is the simplest way to give one VLAN a higher priority than another on a trunk port?  I have two VLANs, the default and VLAN 10.  I want VLAN 10 to have an 802.1p priority of 6 and I want the default VLAN to have a priority of 2.  Can this be done in Basic QOS mode or do I need to go to Advanced mode? Thanks!

strabo234 · Answer

Daniel,

Thanks for the response.

I have a couple of 5500s in this case. After I posted the question I did find the following in another post:

When configuring interfaces with other VoIP devices connected, like a PBX server or VoIP switch, it is generally best practice to assign the ports to the VLAN statically instead of enabling Voice VLAN. This is because most of these types of devices are VLAN unaware, which means they do not support VLAN tagging. In order for Voice VLAN to be activated on a port or, for a device to be added dynamically, traffic must be tagged for the Voice VLAN. Be aware that when a device is added statically to the VLAN the Voice VLAN feature is not
activated on the port where the statically added device is connected. Traffic from the device will not be prioritized by default. To prioritize this traffic the CoS and DSCP trust modes can be used as long as the ingress traffic from the device already has a CoS or DSCP value assigned. If no CoS or DSCP value has been assigned to the ingress traffic a QoS policy must be defined for the switch to prioritize the traffic.

Here we’re putting the switch in QoS Advanced Mode which will give us more granular QoS
functionality that allows us to configure the QoS policies.

console(config)# qos advanced

First, we need to configure an ACL that allows the VoIP traffic. We matched the traffic based on the subnet for simplicity. Although, there are many other parameters we could use to match specific traffic that are out of the scope of this discussion.

console(config)# ip access-list extended voip
console(config-ip-al)# permit ip any 192.168.10.0 0.0.0.255
console(config-ip-al)# exit

Now we are creating an ACL to match the LAN data traffic, or any traffic other than VoIP. This is assuming that the VoIP traffic is isolated into a separate subnet and VLAN, which would be best practice in most cases.

console(config)# ip access-list extended LAN
console(config-ip-al)# permit ip any any
console(config-ip-al)# exit

Next, we need to configure a class map named voip that matches the voip ACL and a class map named LAN that matches the LAN ACL we created previously.

console(config)# class-map voip
console(config-cmap)# match access-group voip
console(config-cmap)# exit
console(config)# class-map LAN
console(config-cmap)# match access-group LAN
console(config-cmap)# exit

Now we create a policy map named voice that first matches on class map voip, and then class map LAN.

console(config)# policy-map voice
console(config-pmap)# class voip

Here we give the policy map an action (set queue 6). If the traffic matches class map voip it will prioritize the traffic into switch queue 6.

console(config-pmap-c)# set queue 6
console(config-pmap-c)# exit
In the next action assigned to the policy map if the traffic matches class map LAN the switch is set to trust a CoS or DSCP value already assigned to the inbound packet or frame. If there is no CoS or DSCP value assigned to the inbound traffic the switch will put the traffic into queue 2 by default. Queue 2 is primarily "best effort" which means it forwards traffic on a "first-come first- serve" basis.

console(config-pmap)# class LAN
console(config-pmap-c)# trust cos-dscp
console(config-pmap-c)# exit
console(config-pmap)# exit

Now that the QoS policy has been created we assign it to ports 1 and 2 on switch unit 1. Port 1 is our uplink to another switch or router on the network, and port 2 is connected to our PBX server.

console(config)# interface range gigabitethernet 1/0/1-2
console(config-if-range)# service-policy input voice
console(config-if-range)# exit

Since port 2 is connected to the PBX, which is VLAN unaware, we put the interface in access mode and tell it to send VLAN 10 traffic untagged.

console(config)# interface gigabitethernet 1/0/2
console(config-if)# switchport access vlan 10
console(config-if)# exit 　

Since port 1 is our uplink it’s going to be sending and receiving traffic on both VLANs. We need to configure this port in trunk mode which adds all VLANs to the interface. VLAN 1 will be untagged because it’s the native by default, and VLAN 10 will be tagged.

console(config)# interface gigabitethernet 1/0/1
console(config-if)# switchport mode trunk
console(config-if)# exit

�

I think the above example is probably the way to go with a few modifications. I would probably choose to use an ACL where I specify the vlan id as opposed to a subnet as shown above. For example:

console(config)# mac access-list extended voip

console(config-mac-al)# permit any any vlan 10

console(config-mac-al)# exit

console(config)# mac access-list extended LAN

console(config-mac-al)# permit any any vlan 1

console(config-mac-al)# exit

I would keep the class map in the example above but make a few modifications to the policy map as shown below.

console(config)# policy-map voice
console(config-pmap)# class voip

console(config-pmap-c)# set queue 6
console(config-pmap-c)# exit
console(config-pmap)# class LAN
console(config-pmap-c)# set queue 2
console(config-pmap-c)# exit
console(config-pmap)# exit

I would only apply this policy to the trunk port. The example above seems to be prioritizing traffic within the same VLAN. In my example, I want to prioritize by VLAN only. Simply put, if the traffic is in VLAN 10, I want all the traffic in VLAN 10 to have priority over all the traffic in VLAN 1 which is traversing the trunk link.

Am I on the right path here?

Sorry for the long-winded reply.

Strabo234

Networking General

Was this post helpful?