Solved: SGE2000p QoS for VoIP

broomstar · ‎07-10-2014

I am trying to increase our phone quality issues. Things like backup tapes, heavy download etc are causing the phones to get all crackly. I am not sure where to start. Everyone says VLAN's but I don't know if that's the best choice. I don't know anything about the QoS within the SGE2000P switches. I keep reading but it doesn't get any clearer. I need a little direction help. I see things on VLAN, QoS basic, QoS advanced and not sure which route to go.

I have 3 network segment stacks of switches 8 switches total all the same SGE2000P. The main stack is connected to the smaller stacks by a fiber optic cables. Some computers are connected to the voip phones due to lack of cabling within the building but a lot of the phones have a dedicated line back to the switches.

Brandon Svec · ‎07-11-2014

Think of the phones as three port switches (because that is what they are). One port is the phone, one port goes to switch and one port goes to a PC. On a switch when you define a port as a trunk you can tag traffic for VLANs creating separate virtual LANs on a single physical link. Similarly, on the phone side when you configure an IP phone to use a VLAN you are telling that switch to have a trunk port back to your main switch and for the phone to communicate on that tagged VLAN.

The native VLAN is the untagged VLAN. Computers don't understand VLANS and just send untagged traffic so when you plug the PC in the back of the phone it will still operate the same as it does now. the difference will be the phone will be on a different subnet and VLAN.

Using example of VLAN 100 for voice you would need to change the IP of your IP PBX to something in a new subnet like 192.168.100.1/24 and create an access port on a switch an put it in VLAN 100. Connect that to your firewall for inter-vlan routing. Then find a way to get the phones an IP address in that subnet and configs updated to use VLAN 100 and register to 192.168.100.1. If you set up inter-vlan routing correctly ahead of time you should be able to have a phone reboot, come up on the data VLAN, get a new config that specifies using VLAN 100, reboot again and this time come up on VLAN 100 with new address and work correctly.

-- please remember to rate and mark answered helpful posts --

View solution in original post

Brandon Svec · ‎07-10-2014

VLANs is generally correct and best practice. QOS is a big topic and often not necessary or worthwhile in my opinion. But- big question first is: hosted or on premise VOIP? If on premise IP phones connecting to IP PBX should be on voice VLAN period. If hosted via internet then you may need to implement QOS and make sure voice gets priority over all other traffic as it leaves your LAN and goes through firewall/router. Even then, if you are going out the internet there is no more QOS at that point and you could still have issues for various reasons.

If you provide more details like hosted vs. premise and what types of phones you are using I may be able to give some more advice.

Good luck.

-- please remember to rate and mark answered helpful posts --

broomstar · ‎07-11-2014

Thank you for your response.

I have about 130 end points and 65 voip phones. We purchased an AllWorx system which many people have never heard of. We host the PBX onsite and have a external service that provides us with the SIP Trunks. I have QoS on our router for SIP priority which helped, but my issues now are internal. My best example is when the backup system is running the phones are terrible. As soon as I cancel the backup the phones clear up. (my backup schedule has since been changed). I see other instances where the PC's cause issues with phones and I wanted to see if my SGE2000P switches could be configured to somehow blanket prioritise SIP traffic above everything else.

I have 3 different stacks of SGE2000p's connected by fiber cables. Problem is I have a number of PC's that connect to the phones for connectivity due to lack of cabling. I've never created a VLAN before only studied it in college. I understand the concept but don't have hands on experience.

Brandon Svec · ‎07-11-2014

I have actually heard of AllWorx, but have very little experience with them. I still suggest you plan and implement a voice VLAN for the phones. This will keep all broadcast traffic from your data VLAN from ever touching the phones on the voice VLAN. So backups, large downloads, viruses, etc will not affect internal voice traffic. There are several considerations to make this work:

- Configure the switch ports as trunks with native VLAN for data and tagged VLAN for voice. This is the easiest part.

- Where do phones get DHCP from now and where will they get DHCP from on new voice VLAN? The AllWorx server may be able to provide DHCP to the phones. You might want to use DHCP relay to serve from an existing DHCP server.

- How will you reconfigure 65 phones to use voice VLAN? Manually is an option, but you want to find a way to do this automatically so you don't have to touch all the phones. Perhaps the phones can get an updated config from the AllWorx server telling them to used tagged voice VLAN. If you plan and configure network correctly you could potentially reboot all the phones and have them come back up in the voice VLAN and work.

-inter-vlan routing. you probably want/need to route traffic between data and voice VLAN for admin and maybe desktop applications and access for users. You would probably want to do this with your firewall with a trunk port or possible with 2 access ports if you have an available port on your firewall.

I don't think you will get this all done just through a forum like this, but will need to engage with a Cisco partner and maybe your AllWorx partner too.

Good luck.

-- please remember to rate and mark answered helpful posts --

broomstar · ‎07-11-2014

I am very comfortable with the allworx box so configuration there is pretty easy for me with the exception of the VLAN part. I think I understand your concepts however if the PC is plugged into the phone the then phone into a switch port it would be my understanding that all the phones and all the PC's would need a home run line and not be daisy changed together. Would that be correct?

The phone's currently use the same DHCP server as the computers. The allworx box has built in DHCP services within it so it wouldn't be an issue changing that around. I inherited the system so I just left it the way it was and wasnt entirely sure they went that route in the first place. I assumed it was because of the PC's that are connected to the phones.

Can you maybe explain this a little bit more? " Configure the switch ports as trunks with native VLAN for data and tagged VLAN for voice. This is the easiest part."

I have a decent router with many ports available for routing. Once I figure out what needs to be done I can do the routing. Again lack of VLAN knowledge is my only hold up.

Brandon Svec · ‎07-11-2014

Think of the phones as three port switches (because that is what they are). One port is the phone, one port goes to switch and one port goes to a PC. On a switch when you define a port as a trunk you can tag traffic for VLANs creating separate virtual LANs on a single physical link. Similarly, on the phone side when you configure an IP phone to use a VLAN you are telling that switch to have a trunk port back to your main switch and for the phone to communicate on that tagged VLAN.

The native VLAN is the untagged VLAN. Computers don't understand VLANS and just send untagged traffic so when you plug the PC in the back of the phone it will still operate the same as it does now. the difference will be the phone will be on a different subnet and VLAN.

Using example of VLAN 100 for voice you would need to change the IP of your IP PBX to something in a new subnet like 192.168.100.1/24 and create an access port on a switch an put it in VLAN 100. Connect that to your firewall for inter-vlan routing. Then find a way to get the phones an IP address in that subnet and configs updated to use VLAN 100 and register to 192.168.100.1. If you set up inter-vlan routing correctly ahead of time you should be able to have a phone reboot, come up on the data VLAN, get a new config that specifies using VLAN 100, reboot again and this time come up on VLAN 100 with new address and work correctly.

-- please remember to rate and mark answered helpful posts --

broomstar · ‎07-11-2014

I think I understand, I thought that you had to set the physical port as a specific VLAN. I didnt know it could be "dynamic" I thought that the ports had to be static to a specific VLAN.

So this leads me to another question. We have to sites main office and a satellite office. Does VLAN tagging carry accross a site to site VPN connection? The satellite office doesnt have a PBX it crosses the sitetosite VPN to connect to it.

Brandon Svec · ‎07-11-2014

VLANs live at layer 2 and do not traverse VPN layer 3. Since VPN traverses the internet there is nothing you can do except qos at the edges (similar to what you have for SIP trunks to internet) and try to have low latency reliable internet at both sides.

-- please remember to rate and mark answered helpful posts --

broomstar · ‎07-11-2014

So If I set up a VLAN my satellite office phones would need their own PBX. You helped clear up a few things for me. Thank you.

Brandon Svec · ‎07-11-2014

No they don't need their own PBX necessarily. That decision is usually based on local telco requirements. If the remote office can share phone numbers from the main office you can just have remote phones that register to the main PBX. The point is that a tagged VLAN will not traverse a VPN. You would still want voice VLAN at remote site and just route traffic from that network across the VPN.

Thanks for the rating.

-- please remember to rate and mark answered helpful posts --

broomstar · ‎07-11-2014

Oh I understand that makes sense.