04-21-2013 07:39 PM - edited 03-04-2019 07:40 PM
Hi ,
I want to establish QOS on our ASA firewall for VOIP traffic but have a question about its functioning.
5 Mbps internet connection ----> ASA ---> LAN
If I apply it to outside interface (connected to 5 Mbps internet) , will priority queuing kicks in when 5Mbps bandwidth is saturated or when the actual physical Interface (100 Mbps) is saturated?
Thanks,
04-21-2013 10:12 PM
Hi Sandip,
I would like to understand more on this,
1) Do you have an IPSEC tunnel running in from your ASA to some office ?
2) Do you have an agreement with your Internet service provider to carry your QoS Markings End-to-End?
Without an agreement with Service provider, you would never be able to achieve an end-to-end priority for your VoIP.
Regards
Vivek
04-21-2013 10:24 PM
Its an Internet leased line from provider and we used it for both voice and data traffic from LAN. There is 90% voice traffic
We just want to ensure that any heavy download from LAN client should not consume entire 5 Mbps bandwidth and prevent it from affecting voice quality.
We do not have any agreement with ISP but it is guaranteed 5 Mbps up/down bandwidth and there is no IPsec tunnel.
04-21-2013 11:21 PM
Well in that case, i would suggest to speak to the ISP & get this clarified. In order for you to get a priority treatment of voice traffic, your service provider should carry those QoS markings end-to-end. This involves co-ordination by the ISP with other ISP vendors as well.
04-21-2013 11:49 PM
Hi Vivek,
thanks for your input.
With current scenario, Is there any other QOS technique which can help us to prevent voice traffic not affected by download from client? (i.e like reserving some bandwidth in-out from ASA for voice traffic or limiting http traffic to consume cettain bandwidth only)..
04-22-2013 12:04 AM
Hi Sandip,
What is the router model on the internet edge?
Regards
Vivek
04-22-2013 12:06 AM
Its ASA 5510
04-22-2013 01:34 AM
Yes, i think we can do something about your requirement here. Solution would be configure Traffic Policing. Define the classes - VOIP & HTTP/S etc. You would effectively be rate-limiting the traffic. You can define the WEB traffic to be dropped if it goes beyond the configure limit. Below is a link which may help.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide