QoS on a 2800 with VOIP, VPN and BGP

brian0shelby
Level 1

I have a Cisco 2800 series ISR receiving 2 WAN links: a 5Mbps fiber link and a 1.5Mbps T1. The fiber is connected to the ISR on gigabit Ethernet 0/1, the T1 is on Serial 0, and our LAN side is connected on 0/0 to an HP ProCurve Switch 3500-24. I am using BGP with both links; the 5Mbps fiber is set up as our primary and the T1 is the backup link.

I also have 3 remote sites that connect via a Sonicwall VPN 200 and have 3 VOIP phones, one at each site. Each site is on a cable or dsl connection 1.5Mbps or better.

I am having trouble with Quality of Service. During times of high upload and download, VOIP calls suffer, experiencing lag, choppiness and generally bad service. Sometimes during high load the VPN connections will lag and at worst drop connection. Ideally I’d like the VOIP calls and VPN connections to be the priority and impacted as little as possible during any times of high load.

I have some experience with CLI and setting up Cisco routers, but I am in no way an expert and have little to no experience working with QoS. I’ve read through Cisco documentation for QoS but I am not sure what would be best. Below is our current configuration; the only QoS change I’ve made or tried is turning on fair-queuing.

Any suggestions or solutions to make this work better would be appreciated.

Router#show running-config

Building configuration...

Current configuration : 2077 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Router

!

boot-start-marker

boot-end-marker

!

no logging console

!

no aaa new-model

!

!

ip cef

!

!

multilink bundle-name authenticated

!

!

!

archive

log config

  hidekeys

!

!

!

!

!

interface GigabitEthernet0/0

description LAN

ip address 10.0.0.254 255.255.255.0

duplex auto

speed auto

!

interface GigabitEthernet0/1

description WANprimary

ip address 20.10.10.104 255.255.255.252

duplex auto

speed auto

fair-queue

!

interface Serial0/0/0

description WANbackup

ip address 30.20.20.106 255.255.255.252

encapsulation ppp

no fair-queue

!

router bgp 50

no synchronization

bgp log-neighbor-changes

bgp bestpath as-path ignore

network 10.0.0.0 mask 255.255.255.0

neighbor 30.20.20.10 remote-as 10

neighbor 30.20.20.10 description WANbackup BGP

neighbor 30.20.20.10 ebgp-multihop 10

neighbor 30.20.20.10 update-source Serial0/0/0

neighbor 30.20.20.10 weight 100

neighbor 30.20.20.10 prefix-list WANprimary BGP-out out

neighbor 30.20.20.10 route-map WANbackup BGP-in in

neighbor 30.20.20.10 route-map WANbackup BGP-out out

neighbor 20.10.10.255 remote-as 40

neighbor 20.10.10.255 description WANprimary BGP

neighbor 20.10.10.255 ebgp-multihop 10

neighbor 20.10.10.255 update-source GigabitEthernet0/1

neighbor 20.10.10.255 weight 200

neighbor 20.10.10.255 prefix-list WANprimary BGP-out out

no auto-summary

!

ip forward-protocol nd

ip route 10.0.0.0 255.255.255.0 Null0 255

ip route 30.20.20.10 255.255.255.255 30.20.20.105

ip route 20.10.10.255 255.255.255.255 20.10.10.103

ip route 20.11.10.255 255.255.255.255 20.10.10.103

!

!

no ip http server

!

!

ip prefix-list WANprimary BGP-out seq 5 permit 10.0.0.0/24

route-map WANbackup BGP-in permit 10

set local-preference 80

set as-path prepend 50 50

!

route-map WANbackup BGP-out permit 10

set as-path prepend 50 50

!

!

!

control-plane

!

!

line con 0

line aux 0

line vty 0 4

login

!

scheduler allocate 20000 1000

!

end

8 Replies

Edison Ortiz
Hall of Fame

1) Create an ACL to match the src/dst traffic for VOIP

access-list 101 permit ip src_voip_net dst_voip_net

2) Create a class-map to associate the ACL

class-map QoS_VOIP

match access-group 101

3) Create a policy-map to associate the class-map

policy-map QoS_VOIP

  class QoS_VOIP

    priority percent 15

  class class-default

4) Associate the policy-map to the interface in the output direction

interface GigabitEthernet0/1

bandwidth 5000

description WANprimary

ip address 20.10.10.104 255.255.255.252

duplex auto

speed auto

fair-queue

service-policy output QoS_VOIP

!

interface Serial0/0/0

bandwidth 1500

description WANbackup

ip address 30.20.20.106 255.255.255.252

encapsulation ppp

no fair-queue

service-policy output QoS_VOIP

You must do the same on the remote routers.

Regards,

Edison

Thanks, I have a few questions and a comment.

Would this be a better solution than setting up something with IP Precedence bits?

Our remote users are using cable/dsl modem-routers so we may not be able to control their bandwidth allocation like that.

In this setup does the priority percentage reserve 15 of the bandwidth or guarantee that? If no VOIP calls were being made could another type of traffic use our full 5Mbps or would 15% be unavailable? Could the VOIP traffic use more than 15% in this setup?

Would a similar setup be needed for VPN traffic or can something else be done with it to prevent it from dropping during high loads?

Thanks,

You can use IPP for marking - same can be said by using DSCP or COS - your choice.

Ideally, any type of QoS marking must be made closest to the source - then the router would match against the QoS marking instead of having an ACL.

The priority percentage will dequeue the matched traffic before any other type of traffic. It's not a reservation per se, but if there is matched traffic vs regular traffic, the matched traffic will exit the interface first (up to the selected value). In your case, it will be 15% of the 5M pipe - that's the reason I added the 'bandwidth' command, because if you don't, the QoS will calculate based on the physical interface, 100 or 1000Mbps.

You can use CBWFQ for VPN/IPSec traffic if you want to avoid tunnel drop off.

Regards,

Edison

We can mark the packets with IPP at our HP switch. I've read that 7, the highest priority, is typically reserved for LAN traffic; would it be better then to prioritize the VOIP traffic as 5 or 6? Once IP precedence markings are made, what setup is needed on the router?

A related issue we are having: in our BGP setup the slower circuit is giving more and often preferred/better routes than the faster circuit. I have some things in place (local preference, as-prepending) to try and push as much traffic as I can toward the faster circuit, but much of the upstream traffic still exits the slower circuit. Is there any way to fix this? I believe this would help solve the problems we are having as much as QoS solutions.

Thanks.

Voice traffic should be IPP5

On the router, all you need is to modify the class-map from my previous config recommendation.

The old class-map matched against an ACL while the new class-map will match against precedence 5.

As for the BGP, please post configs and routes in question.

Local preference will aid on traffic leaving your network. For traffic entering your network, you may need to employ AS-PATH Prepend out.

BGP configuration was posted above but reposted here for ease. The WANbackup link often gives better routes and traffic exits via this route despite the weights, prepending and local preference.

router bgp 50

no synchronization

bgp log-neighbor-changes

bgp bestpath as-path ignore

network 10.0.0.0 mask 255.255.255.0

neighbor 30.20.20.10 remote-as 10

neighbor 30.20.20.10 description WANbackup BGP

neighbor 30.20.20.10 ebgp-multihop 10

neighbor 30.20.20.10 update-source Serial0/0/0

neighbor 30.20.20.10 weight 100

neighbor 30.20.20.10 prefix-list WANprimary BGP-out out

neighbor 30.20.20.10 route-map WANbackup BGP-in in

neighbor 30.20.20.10 route-map WANbackup BGP-out out

neighbor 20.10.10.255 remote-as 40

neighbor 20.10.10.255 description WANprimary BGP

neighbor 20.10.10.255 ebgp-multihop 10

neighbor 20.10.10.255 update-source GigabitEthernet0/1

neighbor 20.10.10.255 weight 200

neighbor 20.10.10.255 prefix-list WANprimary BGP-out out

no auto-summary

!

ip forward-protocol nd

ip route 10.0.0.0 255.255.255.0 Null0 255

ip route 30.20.20.10 255.255.255.255 30.20.20.105

ip route 20.10.10.255 255.255.255.255 20.10.10.103

ip route 20.11.10.255 255.255.255.255 20.10.10.103

!

!

no ip http server

!

!

ip prefix-list WANprimary BGP-out seq 5 permit 10.0.0.0/24

route-map WANbackup BGP-in permit 10

set local-preference 80

set as-path prepend 50 50

!

route-map WANbackup BGP-out permit 10

set as-path prepend 50 50

Doing some more reading, it looks like CBWFQ is the way to go to get the traffic out in a timely manner. I see 2 main types of traffic that need to be classified and given a percentage amount, VOIP and VPN. VOIP should be the priority and I'm thinking 20% of bandwidth during congestion. VPN 15% and a lesser priority but still more important than general web traffic. For the sake of example we'll say the VOIP hardware at my site has an IP of: 10.0.0.5 and the VPN: 10.0.0.10

The ACL configuration itself is where I'm a little confused. Below is my thinking but may not be correct.

Router(config)# class-map VOIP-class

Router(config-cmap)# match access-group 101

Router(config)# policy-map VOIP

Router(config-pmap)# class VOIP-class

Router(config-pmap-c)# bandwidth percent 20

Router(config-if)# service-policy output VOIP

Router(config)# access-list permit ip 10.0.0.5?

How best should the ACLs be configured? How would they be configured using IPP? 1 end user with the VOIP phones themselves has a static IP, the other 2 have dynamic from their ISP.

Thanks.
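
An added example, not part of any post in this thread and not the participants' own configuration: one way to combine the advice above (a class-map matching precedence 5, a priority class for voice, CBWFQ for VPN) with the 20% and 15% figures and the example addresses 10.0.0.5 and 10.0.0.10 from the last post. The class-map, policy-map and ACL names are hypothetical, and the parent shaper on the GigabitEthernet link goes beyond what the thread discusses: it assumes the 5Mbps service is delivered on a faster physical port, where queues would otherwise never build on the router.

```cisco
! Added example; class, policy and ACL names are hypothetical.
! 10.0.0.5 (VOIP) and 10.0.0.10 (VPN) are the example addresses from the post.
! Matching on the local source host does not depend on the remote sites'
! addresses, so dynamic IPs at the far end do not matter for this direction.
access-list 101 permit ip host 10.0.0.5 any
access-list 102 permit ip host 10.0.0.10 any
!
! Voice: match the IP precedence 5 marking applied at the switch or,
! as a fallback for unmarked packets, the local VOIP device's address.
class-map match-any VOICE
 match ip precedence 5
 match access-group 101
class-map match-all VPN
 match access-group 102
!
! Child policy: strict-priority queue (LLQ) for voice, a minimum
! bandwidth guarantee (CBWFQ) for VPN, fair queueing for everything else.
! "priority" dequeues voice first and polices it to 20% under congestion;
! "bandwidth" only guarantees a share and gives no latency preference.
policy-map WAN-EDGE
 class VOICE
  priority percent 20
 class VPN
  bandwidth percent 15
 class class-default
  fair-queue
!
! Parent policy (assumption beyond the thread): shape to the 5Mbps
! service rate so congestion occurs here and the child policy can act.
! The child's percentages are then taken from the shaped rate.
policy-map WAN-5M-SHAPE
 class class-default
  shape average 5000000
  service-policy WAN-EDGE
!
interface GigabitEthernet0/1
 description WANprimary
 bandwidth 5000
 ! interface-level fair-queue is replaced by the policy's own queueing
 no fair-queue
 service-policy output WAN-5M-SHAPE
!
! The T1's physical rate equals its service rate, so no shaper is needed.
interface Serial0/0/0
 description WANbackup
 bandwidth 1500
 service-policy output WAN-EDGE
```

After applying it, `show policy-map interface GigabitEthernet0/1` shows per-class match and drop counters, which confirms whether voice packets are actually landing in the VOICE class.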

David McDaniel
Level 1

For configurations such as this one, my company's tool LiveAction can be a big help. It can show you how your QoS has been configured, how it is performing, and can help guide you to a proper configuration using templates based on Cisco's SRND. Here's a link to the download:

http://www.actionpacked.com/liveaction-2.0-download

Load the tool, add your routers, then pull up the QoS interface view of the interface having the problem. That will show you what's configured and how it's performing. In fact, if you'd like, give me a call and I can walk you through it. These types of configurations can be really complicated coming from the CLI only. Let me know if I can be of further assistance.

David McDaniel

dmcdaniel@actionpacked.com

808-423-1900 x809
