Showing results for 
Search instead for 
Did you mean: 

WAN QoS best practices

We have a MPLS WAN where we are deploying SIP. Our datacenter(DC) has a 100Mb MPLS connection and most of our sites are at 1.5Mb but some are up to 20Mb. We are currently only applying QOS shaping on the egress port at each site including the DC. We are using a 4 queue template that is 20% EF, 20% Critical data, 20% bulk data and 40% best effort. We have looked at utilization on the current PRI links and we have some peaks above our current QoS settings. We are thinking of giving the Real-Time data queue 40% instead of 20% but that doesn't affect ingress traffic just egress.

My questions are:

  1. What happens if the DC sends too many calls to a T1 site? (Let say there is a burst of calls from the DC to one T1 site.) Will the calls just use the bandwidth available? Is there anything we can do on the egress port at the remote WAN site?
  2.  What would happen if we were to put EF into the Critical data queue. The thought here is that we would have up to 60% of the egress pipe reserved for VOIP and Critical data. (This was a thought of my boss. My thought is to keep VOIP in the real-time queue exclusively but just increase the queue as needed or increase the link speed.)
  3. Another issue is that we have cameras at all of the sites. Sometime users from a slower site watch the video streams sometimes at faster sites with crushing results. Case in point is a guy sitting at a T1 site was pulling data from a 20Mb site crushing the smaller T1 sites ingress link. QoS wasn't applied to the egress stream due to the size of the 20Mb pipe but it certainly crushed the ingress T1 link at the requesting site. Is there a way to prioritize this traffic as well?   

You really need the MPLS

You really need the MPLS provider to support QoS as well to make this work really well.

If a class has a guarantee of a certain size and you exceed it, then the excess traffic is simply not guaranteed but can still be delivered.  It may have additional latency and almost certainly more jitter.


Hi Philip, 

Hi Philip, 

Sorry for the late reply.

We do use the carriers  4 que QOS model. It matches our egress qos settings 20(ef)/20(cd)/20(bd)/40(be).

Should we just increase que 1 for ef traffic to say 40% instead of 20%. 

We are rolling out centralized SIP and migrating away from site specific voice PRI's. We don't wan't to lose SIP calls due to running over the 20% que. 

I know there is a lot more to qos then I currently understand. I'm just trying to wrap my head around how real time traffic(VOIP) should be prioritized and why. 

VIP Expert



The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages wha2tsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.


Unfortunately, you have provided enought information to answer your questions.

Is your topology hub-and-spoke or mutlipoint?

If hub-and-spoke, can the aggregate of the spokes overrun your hub?

How (precisely) do you implement your egress QoS at your sites?

How (precisely) does you MPLS vendor's QoS operate?

Your VoIP uses what codec?


Hi Joseph,

Hi Joseph,

Sorry for the delay in my response.

We have a HUB and Spoke with multiple MPLS carriers and several MOE spoke sites.

Each of our MOE and MPLS carrier networks are full mesh.(See attached)

Individual MPLS networks aggregate could overrun our HUB. (See attached)

Here is our Egress QOS policy at a sample spoke site.

The Centurylink MPLS and MOE operate differently. The MPLS has 4 queues as does the MOE but with the MOE the P1 queue bandwidth is purchased in 5Mb increments the remaining are shaped. We then share the remaining BW P2 40% P3 20% P4 40% 

The MPLS is also 4 shaped queues P1 40%, P2 20%, P3 20%,  P4 20%. All queues can borrow from other queues if there is BW available from my understanding.

---------------------- MOE QOS -----------------------------------
class-map match-any Priority_1_QMOE
 match ip dscp cs5  ef
 match access-group name qos-priority1
class-map match-any Priority_2_QMOE
 match ip dscp cs4  af41  af42  af43  cs6  cs7
 match access-group name qos-priority2
class-map match-any Priority_3_QMOE
 match ip dscp cs3  af31  af32  af33
 match access-group name qos-priority3

policy-map OUTBOUND_QMOE
 class Priority_1_QMOE
  set ip dscp ef
  priority 5000
 class Priority_2_QMOE
  set ip dscp cs4
  bandwidth remaining percent 40
 class Priority_3_QMOE
  set ip dscp cs3
  bandwidth remaining percent 20
 class class-default
  set ip dscp default
  bandwidth remaining percent 40
policy-map 20M_QMOE
 class class-default
  shape average 18000000
  service-policy OUTBOUND_QMOE

interface FastEthernet0/1
 description 20M_QMOE
 ip address
 service-policy output 20M_QMOE

------------------ MPLS QOS ---------------------

class-map match-any Priority_1_MPLS
 match ip dscp cs5  ef
 match access-group name qos-priority1
class-map match-any Priority_2_MPLS
 match ip dscp cs4  af41  af42  af43
 match access-group name qos-priority2
class-map match-any Priority_3_MPLS
 match ip dscp cs3  af31  af32  af33  cs6  cs7
 match access-group name qos-priority3
policy-map OUTBOUND_MPLS
 class Priority_1_MPLS
  priority percent 20
  set dscp ef
 class Priority_2_MPLS
  bandwidth percent 20
  set dscp cs4
 class Priority_3_MPLS
  bandwidth percent 20
  set dscp cs3
 class class-default
  bandwidth percent 40
policy-map 1.5M_MPLS
 class class-default
  shape average 1350000
  service-policy OUTBOUND_MPLS

interface Serial0/0/0:0
 description Century Link MPLS Circuit DS1IT
 ip address x.x.x.x
 service-policy output 1.5M_MPLS

----------------- Shared QOS Access list -------------------------
ip access-list extended qos-priority1
 remark ShoreTel call control
 permit udp any any range 5440 5448
 permit udp any any eq 2427
 permit udp any any eq 2727
 permit udp any any eq sunrpc
 permit tcp any any eq sunrpc
 permit tcp any any eq 5440
 permit tcp any any eq 31453
 permit udp any any eq 31453
 remark ShoreTel call controll
 permit ip host any
 permit ip host any
 permit ip any host
 permit ip any host
ip access-list extended qos-priority2
 permit tcp any any eq telnet
ip access-list extended qos-priority3
 remark Move VDI and SSH to dedicated priority queue
 permit tcp any any eq 22
 permit ip host any
 permit ip any host
 permit tcp any any eq 4172
 permit udp any any eq 4172

We will be using G.711.

CreatePlease to create content