I have a pair of Polycom teleconferencing devices on my network that had been suffering connection woes for some time; replacing the power unit fixed "most" of the issues, but the users are complaining of poor latency due to getting choppy video through these devices.
As a result, I've been "asked" to implement QoS network-wide... I discovered that my core Cat6509 is already running the 'mls qos' command, but what else do I need to do that will ensure QoS at least out to my provider?
Is any configuration required for the PIX 535 firewall - if so, where can I find documentation for that?
Thanks in advance,
Implementing QoS is a bit more complicated than just turning on a few commands.
1) You first need to categorize the traffic on your network
2) How it would be marked/recognised (DSCP diffserv usually) by the switches, routers, and other devices
3) How you want the devices to treat those packets: priority queueing, bandwidth reservation, etc. Different hardware will have different abilities to support your QoS traffic types.
Here is a common way to treat traffic:
Type               L3 DSCP value   L2 CoS value
Voice              EF              5
Video              AF41            4
Call cntrl         AF31            3
critical data      AF21            2
best effort data   0 (be)          0
LAN equipment might treat both voice and video with priority queueing, bandwidth reservation for call control, and bandwidth reservation for critical data.
WAN equipment might treat voice with priority queueing, video with bandwidth reservation (variable bandwidth use) and bandwidth reservation for call control and critical data.
Once you have QoS traffic types, talk to your WAN provider(s) to see what their QoS capabilities or willingness to support QoS are. Even if you don't have provider support for QoS, just controlling your egress queueing into the cloud could help you a lot.
Contact the manufacturers of your voice/video equipment to see what ports are in use or use a sniffer on a live session.
Lastly, read all the QoS specific material you can about QoS configuration for your hardware models. They will not all configure alike but you can get them close in functionality. Consider ALL equipment you can for QoS since QoS is truly an end-to-end need.
Are you using Polycom along with Cisco Phones? The Polycom allows you to set the IP precedence (L3) or DSCP (L2) value in Admin setup. Whether you can improve the quality probably depends on your WAN topology. Since you mention the PIX... do you have a private WAN or internet VPN between sites?
On my PIX515 I just need to open tcp/H323 and it will dynamically open the UDP streaming ports as needed. This feature really cleans up the configuration.
I use LLQ on the routers and use service-policy output on each link to apply it.
class-map match-all tos
 match ip precedence 5
We do have IP phones, but they are Avaya, not Cisco...and they are not being used in conjunction with the Polycom; the Polycom's T-1 links are functioning fine - the only issues are IP related.
We use VPN tunnels between sites, but these connections are not related to the use of the Polycom - it connects to other sites across a MAN and the Internet, as needed.
My supervisor just picked up a book on how to configure QoS on a 6500 core, 3500 series edge topology (which happens to match our own), so we're going to be studying that on how to roll out the service network-wide.
Here is an excellent document on Cisco QoS strategies and configurations.
Also, you can find lots of detailed design references at:
At a minimum, please carefully read the first link. If you are not careful, enabling QoS without working through the ramifications may actually break your QoS strategy. Why? Because by default, the Catalyst will not trust any QoS markings it sees and will re-mark them to best effort.
Happy reading and deploying...
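An added example, not written by any poster in this thread: a Python check for the sniffer step suggested above, decoding the DS/ToS byte of a captured IPv4 header against the marking table and reporting whether a marking survived a hop or was re-marked to best effort. The sample headers are constructed, the function names are chosen here, and the CoS value assumes the mapping that keeps the top three DSCP bits, which is what the table in the thread reflects.

```python
import struct

# Code points from the marking table in the thread.
DSCP_NAMES = {46: "EF", 34: "AF41", 26: "AF31", 18: "AF21", 0: "BE"}

def af(cls: int, drop: int) -> int:
    """AFxy code point: class x in the top 3 bits, drop precedence y in the next 2."""
    return (cls << 3) | (drop << 1)

def make_header(tos: int) -> bytes:
    """Constructed 20-byte IPv4/UDP header (documentation addresses, checksum left 0)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, tos, 20, 0, 0, 64, 17, 0,
                       bytes([192, 0, 2, 1]), bytes([198, 51, 100, 1]))

def decode_marking(ipv4_header: bytes) -> dict:
    """Read the DS/ToS byte (offset 1) and split it into DSCP and IP precedence."""
    if len(ipv4_header) < 20 or ipv4_header[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    tos = ipv4_header[1]
    dscp, precedence = tos >> 2, tos >> 5
    return {"dscp": dscp, "name": DSCP_NAMES.get(dscp, f"DSCP{dscp}"),
            "precedence": precedence,
            "cos": dscp >> 3}  # assumption: CoS taken from the top 3 DSCP bits

def audit(expected: str, ipv4_header: bytes) -> str:
    """Compare the marking seen on the wire with what the endpoint was set to send."""
    seen = decode_marking(ipv4_header)
    if seen["name"] == expected:
        return "preserved"
    if seen["dscp"] == 0:
        return "re-marked to best effort"
    return "changed to " + seen["name"]

if __name__ == "__main__":
    # Constructed captures: the same video stream before and after an untrusted port.
    for label, tos in [("at the codec", af(4, 1) << 2), ("after the switch", 0x00)]:
        hdr = make_header(tos)
        print(label, decode_marking(hdr), audit("AF41", hdr))
    # EF (46) has precedence 5; AF41 (34) has precedence 4.
    print("EF precedence:", decode_marking(make_header(46 << 2))["precedence"])
```

A class-map that matches IP precedence 5 sees EF-marked packets but not AF41-marked ones, which carry precedence 4.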