We are using an ASA 5510 as our gateway to our ISP. All of our VOIP traffic is sent to an Internet SIP provider for our outbound calls. Our pipe to the Internet is 100Mbps metro ethernet. I am trying to find a way to provide QoS for this traffic so that I can reserve 20Mbps of the available 100Mbps pipe for VOIP traffic.
From what I've been able to figure out so far I would use a combination of priority queues and traffic policing. However, it seems that this is nearly impossible to accomplish because I cannot control the remote device that my ASA connects to because it is the ISP device. I could police traffic on the inside interface of the ASA. However, lets say that a client on our network starts downloading from an Internet host and the downloaded traffic saturates my Internet connection. I could police this incoming (from the Internet) traffic on my outside interface of the firewall. This would drop the packets but the bandwidth would have already been used by the time it reaches my firewall.
Would the fact that I'm policing incoming traffic on my outside interface cause the sender to throttle down their transmit rate because packets are being dropped? Would this help me achieve my goal of guaranteeing available bandwidth for my VOIP traffic by not allowing other traffic to saturate the link?
Most documents I find regarding this topic describe providing QoS for VOIP traffic traversing a VPN connection in which case you could configure both end devices.
Thanks,
Pete
