Hi William,

There are some shortcomings in the config. Please get more familiar with QoS by reading the above links provided by Chris. For your convenience, I will try to point out a few things and provide you a sample config, providing a direction to start with.

1) Incorrect QoS Mechanism: Assuming you are trying to configure above for Voice\Real time traffic - first and foremost issue is the QoS mechanism you are choosing is wrong. You are configuring CBWFQ. You are just providing a guaranteed bandwidth to both the Real Time and Critical Data classes you are configuring - there is no priortisation of the real time traffic. The best practice for voice\real time is using LLQ. LLQ comprises of a priority queue for voice traffic + CBWFQ for other classes.

In the SRND specificaly you go to this section to understand LLQ:

http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/QoS_SRND_40/QoSIntro_40.html#wp60986

Sample Config:
I would suggest using LLQ with Hiearcchical QoS.
I am not creating class maps, you need to identify and classify traffic according to your needs.

policy-map CHILD
class VOICE
priority percent 33 << you can modify according to your needs, Cisco recommended value
class SIGNALING
bandwidth percent 2 << you canmodify according to your needs, Cisco recommended value
class CRITICAL-DATA
bandwidth percent X << set according to your needs
class X
bandwidth percent X
class Y
bandwidth percent X
class class-default << in the end traffic not belonging to any class goes to this class.
bandwidth percent 10 << you can change according to your needs
random-detect
.... and so on - you can go as granular as you want

policy-map PARENT
class class-default
shape average10000000 <<< shaping to 10M
service-policy CHILD

interface FastEthernet0/1
description *** Link to WAN ***
service-policy output PARENT

PS: Excuse any syntax errors as I donot have a CLI nearby.

I have just created a sample config and assigned bandwidth for Voice and signaling according to Cisco's recommendations. This will priortise Voice traffic, it will be serviced before any other traffic. Using CBFQ for other classes. All the traffic will be shaped to 10M. Please see below for more and you can do that for what works best for your environment. You can go granular, consider differentiating traffic - Voice, Video, Call Signaling, Critical Data, Medium, Scavenger traffic, Routing (bgp, ospf, eigrp etc), network management (telnet, ssh, snmp, dhcp, ntp etc.)

http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/QoS_SRND_40/QoSIntro_40.html#wp61026

2) Not Optimal Classification and Marking:

i) You have created only two classes for Voice and Critical data, providing them guranteed bandwidth. Rest of the traffic is going to default queue with no guranteed bandwidth etc. You may be sending traffic to default queue which may require better treatment. You can go more granular, create more classes and provide them differential treatment, as I have mentioned in point 1. So you can service all traffic appropriately.

ii) As Chris has already pointed, you are marking data with af41, its normally used for video. If any other video device is marking af41 (and trusted) it will also fall in the same class and use the bandwidth.

Not of much relevance but in below ACL:

ip access-list extended SER-VOIP
permit ip 192.168.56.0 0.0.0.255 any
permit udp 192.168.56.0 0.0.0.255 any << you can remove this line, this doesn't make any sense as you are already permitting IP in the above line, you are matching everything in first line.

I hope its helpful to you. Please feel free to ask if you have any questions.

Terry

Thank you everyone for the reply's they are very helpful. The configuration I posted is what was already setup, I just added it to the new router for our new ISP. I have been researching the documents mentioned, however, I was in a bit of a pinch, that is why I posted it to get atleast a better option and suggestions. As for the questionof why the af41 was set up withRDP, Telnet and SSH, this is the primary traffic that we need to have a higher priority for, we use thin clients that connect across the WAN so that is why that traffic is important. Our service provider has CoS models that they have setup for us to choose from, we chose the 60% real time, 32%critical Data, 4% and 4% which we will call best effort.

Thank you again fro the responses, not a master of QoS and learning. This was going to be our initial setup and we were going to modify as we needed to make changes. More research is needed but I definately appreciate your replied.

Thank you,

Billy

Billy,

Thanks for the follow up and enjoy mastering QoS :-)

Please rate all useful posts!

Chris

Not a problem Billy. Please let us know anytime if you have any more questions.

Terry

OK, I asked the equipment provider how the voice gateway's are tagging the traffic, their response is that it is tagging it

IP Precedence = 5

How does that work with the voice and signaling classes, I'm not sure. I am going to contact the manufacturer to get the correct settings.

IP Precedence if first 3 bits of TOS header which can be mapped to DSCP value. IP presence of 5 translates to DSCP value of 40 and 46.

http://bogpeople.com/networking/dscp.shtml

Cisco switches provide this mapping automatically.  Normally you do not want to use IP Precedence of 5 for signaling as it is reserved for actual voice RTP packets, and signaling should be using IP Precedence of 3, DSCP CS3 or AF31.

HTH,

Chris

I am learning more as I go along here, still haven't implemented the QoS but I think I am getting closer. Once I get this done I'll post what I setup and you can take a look, if anything it might end up being entertaining. Thank you everyone for your in put, good stuff!