Where does the trust boundary lie?

Switch port fa0/2 has been configured to connect an IP phone with an attached PC. Given the set of commands shown below, where does the trust boundary lie?

interface fa0/2
mls qos trust cos
mls qos trust device cisco-phone
switchport voice vlan 112

A. between the IP phone and the switch

B. between the IP phone and the PC

C. between the access layer switch and the distribution layer switch

D. between the PC port and the LAN port on the IP phone

Explanation:

In a typical network, you connect a Cisco IP Phone to a switch port. Traffic sent from the telephone to the switch is typically marked with a tag that uses the 802.1Q header. The header contains the VLAN information and the 3-bit CoS field, which determines the priority of the packet. For most Cisco IP Phone configurations, the traffic sent from the telephone to the switch is trusted to ensure that voice traffic is properly prioritized over other types of traffic in the network. By using the mls qos trust cos interface configuration command, you can configure the switch port to which the telephone is connected to trust the CoS labels of all traffic received on that port.

In some situations, you also might connect a PC or workstation to the IP phone. In these cases, you can use the switchport priority extend cos interface configuration command to configure the telephone through the switch CLI to override the priority of the traffic received from the PC. With this command, you can prevent a PC from taking advantage of a high-priority data queue.

However, if a user bypasses the telephone and connects the PC directly to the switch, the CoS labels generated by the PC are trusted by the switch (because of the trusted CoS setting) and can allow misuse of high-priority queues. The trusted boundary feature solves this problem by using CDP to detect the presence of a Cisco IP Phone (such as the Cisco IP Phone 7910, 7935, 7940, and 7960) on a switch port. If the telephone is not detected, the trusted boundary feature disables the trusted setting on the switch port and prevents misuse of a high-priority queue.
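The following Python script is an added example, not part of the original page or of any Cisco tooling. It checks an IOS-style configuration for the condition the explanation describes: ports that trust received CoS without the trusted boundary command. The sample configuration, function names and verdict strings are constructed for this example.

```python
import re

# Constructed sample running-config excerpt (not from a real device).
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport voice vlan 112
 mls qos trust cos
!
interface FastEthernet0/2
 switchport voice vlan 112
 mls qos trust cos
 mls qos trust device cisco-phone
!
interface FastEthernet0/3
 switchport access vlan 10
!
interface GigabitEthernet0/1
 mls qos trust cos
"""

def parse_interfaces(config):
    """Return {interface name: [stanza lines]} from IOS-style config text."""
    stanzas, current = {}, None
    for raw in config.splitlines():
        m = re.match(r"interface\s+(\S+)", raw)
        if m:
            current = stanzas.setdefault(m.group(1), [])
        elif current is not None and raw[:1] in (" ", "\t"):
            current.append(raw.strip())
        else:
            current = None  # "!" or a global command ends the stanza
    return stanzas

def audit_trust(config):
    """Map each CoS-trusting port to a verdict on how that trust is bounded."""
    findings = {}
    for name, lines in parse_interfaces(config).items():
        if "mls qos trust cos" not in lines:
            continue  # port does not trust received CoS; nothing to check
        if "mls qos trust device cisco-phone" in lines:
            findings[name] = "ok: trust is conditional on CDP detecting a Cisco phone"
        elif any(l.startswith("switchport voice vlan") for l in lines):
            findings[name] = "risk: phone port trusts CoS from whatever is plugged in"
        else:
            findings[name] = "review: unconditional trust on a port with no voice VLAN"
    return findings

if __name__ == "__main__":
    print("\n".join(f"{p} -> {v}" for p, v in audit_trust(SAMPLE_CONFIG).items()))
```
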
