How to set QoS for users connected to ever-changing switch ports

Q:

Networking, enterprise networking, Enterprise networks, QoS, Quality of Service, Project management, Network hardware, Switches, Ports, Alcatel-Lucent, Polycom, 802.1x, VoIP QoS

We have a large enterprise network based primarily on Alcatel-Lucent switches that support QoS, and we are implementing video-conferencing based on Polycom equipment. Setting QoS on switch ports for Polycom appliances is not much of a problem, but we are about to roll out video conferencing software for use on staff PCs and laptops. How can I set QoS for these users when the switch ports they will be connected to will be ever-changing? The Polycom software can set DiffServ and P bits, etc. but this means all ports will need to be set as "trusted," i.e., set to "honor" user QoS settings. I'm not keen on this as it opens the network to abuse and misconduct, etc. I've considered 802.1x but this is a major undertaking. I've asked many people about this but have never got any definitive answers.

ASKED: Feb 27 2009 2:11 AM GMT

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

RELATED QUESTIONS

A:

RATE THIS ANSWER

0
Click to Vote:

0
0

The first thing I would do is see what software options are available for your equipment. Sometimes enabling QoS is a matter of a software upgrade. If that is not possible, then check with Polycom and see if it is necessary. Sometimes the software utilizes streaming and multicast which eliminates the need for rolling QoS out to every laptop. The other option you have, obviously, is IP nailing and to enable QoS based on IP address if it is possible. You can do about the same with DHCP long term leases based on MAC address. If you have to do QoS via switch port and have no higher capabilities, then it gets tricky. You certainly don't want to "trust" all, but you might be able to trust all and then remove that trust in your firewall. There really are a lot of options, but I think your safest and cheapest bet is to determine if you really need QoS on the desktops. Think of it this way, if you use Skype, or other messenger services with video, QoS isn't needed as the software handles compression, etc. You may be OK the way you are. And finally, you may be able to share the Polycom resources via the network and have users attach through those resources for the conferencing.

Last Answered: Feb 27 2009 2:30 AM GMT by Chigbie

595 pts.

View History

A:

The first thing I would do is see what software options are available for your equipment. Sometimes enabling QoS is a matter of a software upgrade. If that is not possible, then check with Polycom and see if it is necessary. Sometimes the software utilizes streaming and multicast which eliminates the need for rolling QoS out to every laptop. The other option you have, obviously, is IP nailing and to enable QoS based on IP address if it is possible. You can do about the same with DHCP long term leases based on MAC address. If you have to do QoS via switch port and have no higher capabilities, then it gets tricky. You certainly don't want to "trust" all, but you might be able to trust all and then remove that trust in your firewall. There really are a lot of options, but I think your safest and cheapest bet is to determine if you really need QoS on the desktops. Think of it this way, if you use Skype, or other messenger services with video, QoS isn't needed as the software handles compression, etc. You may be OK the way you are. And finally, you may be able to share the Polycom resources via the network and have users attach through those resources for the conferencing.

RSS - Discussions Help

Discuss This Answer:

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

Browse IT Answers by Topic