I really enjoy discussing network design and deploy details with colleagues, customers and fellow network engineer. I find these discussions challenging, stimulating. An open, sincere and collaborative discussion gives a chance to better understand the real needs, fears, doubts of other professionals and to validate knowledge, expose gaps and most of all I learn a lot. This is still valid when discussing Data Center design or simpler topics like how to cable switch stacks.
The dscp mutation map is a per-port configuration that permits to modify the dscp field of a packet. The mutation map works for EGRESS traffic only We trust the documentation but it’s event better to verify it. The topology si simple: PC1 126.96.36.199 -- G1/0/1 C3750-24 G1/0/24 -- G1/0/24 C3750-48 G1/0/1 -- PC2 188.8.131.52 running wireshark First step: turn on QOS on both switches with the command mls qos Then on C3750-24 port G1/0/1 we set COS to 5:
Private VLAN configuration: vlan 300 private-vlan primary private-vlan association 301-302 ! vlan 301 private-vlan isolated ! vlan 302 private-vlan community Port configuration: interface GigabitEthernet1/0/1 switchport private-vlan host-association 300 301 switchport mode private-vlan host What about the SVI? interface Vlan300 ip address 184.108.40.206 255.255.255.0 private-vlan mapping ? WORD Secondary VLAN IDs of the private VLAN SVI interface mapping add Add a VLAN to private VLAN list remove Remove a VLAN from private VLAN list If we add a private-vlan mapping to the SVI it works like a promicuous port for all the secondary vlans mapped, reachable by both isolated and community ports: