Users Guide
VLANs 829
console(config)#vlan 2
console(config-vlan-2)#exit
5
Enable Voice VLAN globally.
console(config)#voice vlan
6
Configure the VoIP phone connected port as follows:
console(config)#interface Gi2/0/11
console(config-if-Gi2/0/11)#switchport mode access
console(config-if-Gi2/0/11)#voice vlan 2
console(config-if-Gi2/0/11)#exit
7
Configure CoS queue 2 as strict. By default, the VoIP phone sends voice
traffic with 802.1p priority 5, which is mapped to egress queue 2 by
default.
console(config)#cos-queue strict 2
8
Configure an ACL to rate-limit the voice traffic in case of DoS attacks and
apply the ACL on the port-channel interfaces. The administrator should
consider applying this configuration to all perimeter ports.
console(config)#mac access-list extended dot1p-5-limit
console(config-mac-access-list)#1000 permit any any cos 5
console(config-mac-access-list)#rate-limit 1024 128
console(config-mac-access-list)#1010 permit any any
console(config-mac-access-list)#exit
console(config)#interface Gi2/0/11
console(config-if-Gi2/0/11)#mac access-group dot1p-5-limit in
100
console(config-if-Gi2/0/11)#exit
Assigning an 802.1p Priority to VLAN Traffic
The following example assigns all traffic on VLAN 25 to internal CoS
queue 4. This might be useful when assigning voice traffic a higher priority
than normal data traffic. Note that CoS queue 4 shares scheduling with the
other CoS queues, albeit more frequently than the lower-number CoS
queues.
NOTE: Spanning-tree status is shown accurately on the MLAG primary switch
and on the partner switches. On the MLAG secondary switch, interfaces may
show as spanning-tree disabled, but will remain in and are shown in the
forwarding state.