cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3951
Views
0
Helpful
1
Replies

QOS over IPSEC VPN

Maleksalim
Level 1
Level 1

Hi everybody

i have 6 sites using tandberg visioconference system, each site have a cisco router 1841 configured with ipsec vpn, i have a 4 conference a week and my bandwidth is 2 meg, and when people are working we have a lot of problems and cut in our visio conference.

I have a big problem, i want to make a high level QOS priority to my TANDBERG visio conference system between my sites, the issues is that there is an IPSEC VPN in my cisco routers between those sites and as i know if the traffic is crypted we can not separate the packets or give higher priority to packets over anothers.

is there any solutions???

can i mark traffic in the lan interface and and make a high priority befors the packets go through the ipsec tunnel?

Salutations

1 Reply 1

Steven Holl
Cisco Employee
Cisco Employee

You need to preclassify your interesting traffic at the point where the VPN encryption occurs.  What that does is take the DSCP value on the packet and place it outside the IPSEC payload during encryption.

On an IOS router it is done here:

int tunnel0

qos pre-classify

For what it is worth, you probably don't want video traffic to go in a priority/real-time queue, typically.  Only RTP should go there.  In a perfect world you will have a queue provisioned in the provider circuit for your video traffic, and you'll send your video traffic through a queue that marks the traffic as what the provider wants to see for video.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: