Configuring Trust Boundaries

The trust boundary forms a perimeter on your network. Your network trusts (and does not override) the markings on your switch. The incoming interface enforces the trust boundary as follows:

• All Fibre Channel and virtual Fibre Channel interfaces are automatically classified into the FCoE system class.
• By default, all Ethernet interfaces are trusted interfaces. A packet tagged with an 802.1p class of service (CoS) value is classified into a system class using the value in the packet.
• Any packet not tagged with an 802.1p CoS value is classified into the default drop system class. If the untagged packet is sent over a trunk, it is tagged with the default untagged CoS value, which is zero.
• You can override the default untagged CoS value for an Ethernet interface or port channel. After the system applies the correct CoS value to an untagged packet, QoS treats the packet according to the newly defined class.

For more information, see the Cisco Nexus 9000 Series NX-OS Quality of Service Configuration Guide:

https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-installation-and-configuration-guides-list.html/

Configuring an IEEE 802.1Q Class of Service for QoS Classification

Configuring an IEEE 802.1Q Class of Service for QoS Classification

POST http://<mgmt0_IP>/api/mo/sys/intf.json

{
  "interfaceEntity": {
    "children": [
      {
        "l1PhysIf": {
          "attributes": {
            "id": "eth1/1"
          },
          "children": [
            {
              "ipqosUntaggedCos": {
                "attributes": {
                  "val": "7"
}}}]}}]}}

{
    imdata:[]
}

<System>
  <intf-items>
    <phys-items>
      <PhysIf-list>
        <id>eth1/1</id>
        <ucos-items>
          <val>7</val>
        </ucos-items>
      </PhysIf-list>
    </phys-items>
  </intf-items>
</System>

Note: This example was added in Release 9.3(3).

CLI Commands

The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.

interface ethernet 1/1
  untagged cos 7

Verifying a DME Configuration

The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.

l1PhysIf Properties

The following table contains information about the l1PhysIf properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.

ipqosUntaggedCos Properties

The following table contains information about the ipqosUntaggedCos properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.

Related Documentation

For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:

http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html

See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload:

https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/

For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:

https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html

Deleting an IEEE 802.1Q Class of Service for QoS Classification

Deleting an IEEE 802.1Q Class of Service for QoS Classification

POST http://<mgmt0_IP>/api/mo/sys/intf.json

{
  "interfaceEntity": {
    "children": [
      {
        "l1PhysIf": {
          "attributes": {
            "id": "eth1/1"
          },
          "children": [
            {
              "ipqosUntaggedCos": {
                "attributes": {
                  "status": "deleted"
}}}]}}]}}

{
    imdata:[]
}

<System>
  <intf-items>
    <phys-items>
      <PhysIf-list>
        <id>eth1/1</id>
        <ucos-items nc:operation="delete">
        </ucos-items>
      </PhysIf-list>
    </phys-items>
  </intf-items>
</System>

Note: This example was added in Release 9.3(3).

CLI Commands

The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.

interface ethernet 1/1
  no untagged cos 7

Verifying a DME Configuration

The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.

l1PhysIf Properties

The following table contains information about the l1PhysIf properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.

ipqosUntaggedCos Properties

The following table contains information about the ipqosUntaggedCos properties in the DME payload. For more information about the properties and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.

Related Documentation

For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:

http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html

See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload:

https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/

For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide:

https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html