In this post we will see how to configure QoS for wired & wireless ports based on its role.I have taken two example of VoIP phone connected switchprot (wired port) & AP connected switchport (wireless port).
Here is our CA topology & I will focus on 3850-2 switch for this QoS configuration. IOS-XE 3.3.1 is used for this post & behavior may be different if you are using an earlier version of software code.
I have configured two switch-ports (G1/0/11 & 12) in 3850-2 switch for VoIP phones as shown below
interface GigabitEthernet1/0/11 description VOIP-1 switchport access vlan 13 switchport mode access switchport voice vlan 989 spanning-tree portfast ! interface GigabitEthernet1/0/12 description VOIP-2 switchport access vlan 13 switchport mode access switchport voice vlan 989 spanning-tree portfast
Now let’s see make a call between these two phones & see how QoS parameters change. I have configured below SAPN session & my monitoring PC (BackTrack) connected to G1/0/27 of this switch.
3850-2#sh run | in session monitor session 1 source interface Gi1/0/11 monitor session 1 destination interface Gi1/0/47 encapsulation replicate ! 3850-2#sh run int g1/0/47 interface GigabitEthernet1/0/47 end
Here is the packet captures of signaling & RTP media packets coming from VoIP-1 phone connected to G1/0/11. Similarly Packets coming from VoIP-2 should have these classification when it comes to G1/0/12.
Now If we are look at packet going to VoIP-1 (only RTP traffic since signalling go back to CUCM). As you can see traffic going to VoIP-1 has EF (or Priority 5 in dot1q header) which is same as incoming values from VoIP-2. This is very important thing to remember in this 3850 platform, which is by default QoS values (DSCP or CoS) received by a wired switchport will be trusted & pass-through to another wired switchport without a change.
Now let’s see how this work when make a call between wireless phone to wired phone. To do this we will create a open authentication wlan called “3850″ & map it to vlan 1410 under the AP group where L3602-1 configured for. (I used no broadcast-ssid since I am doing this in office environment & do not want to visible to normal users). Also I will uesd iPhone5 to illustrate QoS mapping changes as well.
3850-2(config)#wlan 3850 17 3850 3850-2(config-wlan)# no broadcast-ssid 3850-2(config-wlan)# client vlan WLN-STD-6 3850-2(config-wlan)# radio dot11a 3850-2(config-wlan)# no security wpa 3850-2(config-wlan)# no shutdown 3850-2#show ap groups Site Name: default-group Site Description: WLAN ID WLAN Name Interface ---------------------------------------------------- AP Name Ethernet MAC Location ----------------------------------------------------------- Site Name: SPG1-PW00 Site Description: WLAN ID WLAN Name Interface ----------------------------------------------------- 21 LTUWireless WLN-STD-6 AP Name Ethernet MAC Location ----------------------------------------------------------- L3702-1 7cad.74ff.2bc6 default location L3602-1 4c00.82df.a4c1 default location 3850-2(config)#ap group SPG1-PW00 3850-2(config-apgroup)#wlan 3850 3850-2(config-wlan-apgroup)#vlan 1410
You can verify wireless client connectivity details as below. iPhone5 detail highlighted in purple color.
3850-2#show wireless client summary Number of Local Clients : 1 MAC Address AP Name WLAN State Protocol -------------------------------------------------------------------------------- 04f7.e4ea.5b66 L3602-1 17 UP 11n(5) 2c54.2dea.f4ea L3602-1 17 UP 11a 3850-2#show wireless client mac-address 04f7.e4ea.5b66 detail Client MAC Address : 04f7.e4ea.5b66 Client Username: N/A AP MAC Address : f84f.57e3.1460 AP Name: L3602-1 AP slot : 1 Client State : Associated Wireless LAN Id : 17 Wireless LAN Name: 3850 BSSID : f84f.57e3.146e Connected For : 2851 secs Protocol : 802.11n - 5 GHz Channel : 36 Client IIF-ID : 0xf2a50000000025 ASIC : 0 IPv4 Address : 10.141.96.9 IPv6 Address : Unknown Association Id : 2 Authentication Algorithm : Open System Status Code : 0 Session Timeout : 0 Client CCX version : No CCX support Input Policy Name : unknown Input Policy State : None Output Policy Name : unknown Output Policy State : None 802.1P Priority Tag : Not supported WMM Support : Enabled U-APSD Support : Disabled Power Save : ON Current Rate : m7
If you do a wireless packet capture you would see the wireless frames coming from this iPhone5. I am using Jabber Voice (v9.1.6.21640) as the voice client. Here is a RTP packet coming from iPhone5. As you can see WMM-UP value is 5 even though actual IP packet DSCP is EF.In fact this should mark as priority 6 as per 802.11e standard, but most of these devices not correctly mark UP value.(if it is 7925G it is marked UP as 6 :))
Now let’s take a look at the packet capture at G1/0/2 wireless port while we are making a call between iPhone5 to VoIP-2.
interface GigabitEthernet1/0/2 description L3602-1 switchport access vlan 1610 switchport mode access spanning-tree portfast ! interface GigabitEthernet1/0/47 end ! monitor session 1 source interface Gi1/0/2 monitor session 1 destination interface Gi1/0/47
Here is the capture output of a signalling packet & RTP media traffic coming from iPhone5 to 7965 wired phone. As you can see the outer CAPWAP DSCP value is AF41 (which is corresponding to WMM-UP value of 5). Note that original packet DSCP is still EF.
Also note that I have removed default “untrust” behavior of this switch platform when traffic traverses wireless to wired or vice versa. If you do not do this outer CAPWAP DSCP will be re-written to BE (0×00) at this point.
3850-2(config)#no qos wireless-default-untrust
Now if you look at G1/0/12 packet capture you will see what QoS values goes when it received by VoIP phone. As you can see, based on the outer CAPWAP header DSCP value, swtich has re-written the 802.1q header CoS value & original packet DSCP. So VoIP phone getting the packet with DSCP AF41 (instead of EF)
So it is important to classify your traffic Based on a corporate QoS policy, rather trusting DSCP (or WMM-UP value for wireless frames), since there is no consistency of these different clients.
In a future post we will see how to classify traffic in order to get same treatment for wired & wireless traffic across the network.
Related Posts
1. 3850 QoS – Part 1 (QoS Touch Points)
2. 3850 QoS – Part 2 (Queuing Models)
3. 3850 QoS – Part 4 (Wireless QoS Mapping)
4. 3850 QoS – Part 5
