Buy or Renew
Buy or Renew
Notice: The file download function is disabled. We apologize for the inconvenience.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
646
Views
10
Helpful
3
Replies

Going psycho about routing

voip_tricks
Level 1
Level 1

‎01-03-2018 02:07 AM - edited ‎03-08-2019 01:17 PM

Hi everybody,

this is my first message, I'm not new to networking but not an expert, I hope I can explain well my problem.

I inherited a router 1841 IOS 12.4

The fisical external interface is configured as FastEthernet (with public IP address provided by ISP for browsing)+ tunnel IPSEC (company point-to-point VPN to another site).

Now I want to use this interface to do voip too.

My ISP says it's better not to use same IP address for browsing and for voip too. Does this idea sound normal to you? Since I have 5/8 public IP addresses, how can I accomplish ISP idea? Should I configure a secondary IP on the same FastEthernet?

Labels:
0 Helpful
3 Replies 3

Georg Pauwen
VIP
VIP

‎01-03-2018 02:49 AM

Hello,

 

I am not sure if the IP address is relevant. Anything voice related is more a question of using the right QoS.

Can you post the configuration you already have ? I assume the voice traffic has to traverse the VPN link ?

 

Below is a sample configuration for voice QoS. Since you are using a VPN, configure 'qos pre-classify' in your crypto map:

 

1841(config)# crypto map CRYPTO 
1841(config-crypto-map)# qos pre-classify

 

class-map match-any VOICE
match ip dscp ef
match access-group name RTP
!
class-map match-any SIGNALING
match ip dscp cs3
match ip dscp af31
match access-group name SIP
!
policy-map VOICE_PRIORITY
class VOICE
priority percent 33
class SIGNALING
bandwidth percent 5
class class-default
!
interface FastEthernet0/0
description ISP_LINK
ip address x.x.x.x y.y.y.y
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
crypto map CRYPTO
service-policy output VOICE_PRIORITY
!
interface FastEthernet0/1
description LAN
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
ip access-list extended RTP
permit udp any any range 16384 32768
!
ip access-list extended SIP
permit tcp any any eq 5060
permit udp any any eq 5060
permit tcp any eq 5060 any
permit udp any eq 5060 any

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎01-03-2018 06:40 AM

To support VoIP, you often need to manage bandwidth. Generally, as ISPs don't provide any QoS, mixing "general" Internet traffic with VoIP traffic is a bad idea.

(Actually, the Internet as a whole generally doesn't support QoS either, which argues against using the Internet for VoIP traffic. However, often the congestion points when using the Internet are its ingress/egress points. If you can provide QoS there, you're often okay. [NB: not always though which is why there's still a market for private WANs.])

You'll want one link/interface for general Internet traffic, and other link/interface for your p2p VPN traffic (which I assume is where the VoIP traffic will ride).

voip_tricks
Level 1
Level 1

‎01-11-2018 12:40 AM

Thanks for your answers, you solved my doubts.

0 Helpful
Customers Also Viewed These Support Documents