This is a small post about one specific Cisco Catalyst 4500 Classification characteristic. The one I was lucky to find and read in advance before I deployed QoS configuration changes. Here it is.
If you run Cisco Catalyst 4500 on a Supervisor card older than V-10GE, software older than Cisco IOS Release 12.2(31)SG and you classify traffic with service-policy that refers to DSCP value (via ACL, or class-map match statements), you MUST HAVE qos trust dscp configured on a port!
Simple as that. If you don’t do that, your service-policy won’t see DSCP values, and won’t be able to classify traffic in a right manner. Here’s a screenshot from the Cisco Catalyst 4500 QoS configuration guide that proves my words.