cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
13653
Views
10
Helpful
16
Replies
sarfarazkazi
Beginner

Configuring Qos for VoIP

Dear All,

Hi, I have a cisco 2811 router. I would like to configure QoS for VoIP on that. Can someone guide me with the same?

Attached is the configuration of the router.

Regards

sarfaraz

16 REPLIES 16
sumit.marwah
Enthusiast

Hi Sarfaraz,

Below is the config that we have deployed for Voice Qos and it has been working well:

!

class-map match-any voice

match access-group 100

match ip rtp 16383 16383

!

!

policy-map voip

class voice

priority percent 75

class class-default

fair-queue

!

interface GigabitEthernet0/0

ip address 10.10.4.2 255.255.252.0

duplex auto

speed auto

media-type rj45

service-policy output voip

!

access-list 100 permit ip any any precedence critical

access-list 100 permit ip any any dscp ef

access-list 100 permit udp any any range 16384 32767

access-list 100 permit ip any any precedence flash

access-list 100 permit ip any any dscp cs3

access-list 100 permit tcp any any eq 1720

access-list 100 permit tcp any any range 11000 11999

access-list 100 permit udp any any eq 2427

access-list 100 permit tcp any any range 2000 2002

!

Hope this helps. We are giving a strict scheduling priority of 75% to voice.

Regards,

Sumit

Sarfaraz, some comments on Sumit's post.

You can incorporate your exiting policy class-map, with Sumit's, to continue to drop outbound P2P. I.e. You continue to have your existing policy inbound, and the newly combined policy outbound.

I see you're already using protocol matching, so you can also consider matching against protocol for voice in lieu of multiple port matching. Mix and various match criteria to match your voice traffic. Depending on what generates your voice traffic, you might only need to match against DSCP markings.

Sumit's is also matching DSCP CS3 and placing it into the LLQ. I suspect this is to cover voice signally. Normally, recommendations for signally is to place it into its own class to protect it, but it could be left where it is.

I recall Cisco recommending LLQ should comprise no more that about a third of the link's bandwidth. If you need more than that, they would recommend a link with more bandwidth.

A trick I use, I place a policer in the LLQ at the recommended bandwidth, lower than the LLQ setting, but set its exceed/violate actions to transmit. This allows me to see what bandwidth is being used before it gets dropped by the LLQ's hard bandwidth limit.

I noticed in your attached config, there are no serial interfaces and your policy is attached to FastEthernet. LLQ will only be of benefit if there's actual congestion on the interface, unlike the benefit of the traffic dropping policy you have now. Otherwise, the packets will be forwarded as they arrive. This is fine as long as there isn't a further bandwidth reduction along the path.

If there is a later bottleneck, you would need the queuing policy there or you can shape on this router to match the downstream bandwidth restriction.

PS:

Two other minor suggestions.

In 12.4 you can have named NBAR custom maps, makes the purpose a bit clearer than just custom-##.

If you use an ACL, they too can be named.

Hi,

This looks good. Can this be implemented on P2P T1 link as well.? Iam looking for configs to priritize traffic on a P2P T1 link. please suggest.

Thank you

MS

If your IOS supports the interface command service-policy output yourpolicyname, you should be able to. There are some feature differences based on IOS version.

Hi,

The IOS supports the comand under Ser 0/0/0:0..iam lookignto implement (both ends of T1)

class-map match-any voice

match access-group 100

match ip rtp 16383 16383

!

!

policy-map voip

class voice

priority percent 75

class class-default

fair-queue

!

interface ser0/0/0:0

ip address 10.130.10.2 255.255.255.252

service-policy output voip

!

access-list 100 permit ip any any precedence critical

access-list 100 permit ip any any dscp ef

access-list 100 permit udp any any range 16384 32767

access-list 100 permit ip any any precedence flash

access-list 100 permit ip any any dscp cs3

access-list 100 permit tcp any any eq 1720

access-list 100 permit tcp any any range 11000 11999

access-list 100 permit udp any any eq 2427

access-list 100 permit tcp any any range 2000 2002

So , this will strictly allot 75 of T1 bandwidht to Voice all the time and rest is for data traffic.

Also, when T1 link is not being utilized much, will the priority to voice traffic still be applied..?

Thank you

MS

"The IOS supports the comand under Ser 0/0/0:0..iam lookignto implement (both ends of T1)"

Correct, you should do it on both ends; outbound.

"Also, when T1 link is not being utilized much, will the priority to voice traffic still be applied..? "

No, only when there is congestion. But that's not a problem. If there is no congestion, there is no delay.

PS:

One caution, your ACL 100 is very broad. Anything that matches it will be in the LLQ.

Hi,

Thank you.. and you are point is correct. ACL is very broad. Iam trying to get more information on what ports, precedence and dscp value the IPC unit send to its servers.I migth land up in using ...

access-list 100 permit udp any any range 16384 32767

access-list 100 permit tcp any any eq 1720

but might add precedence and dscp values based on the feedback from voice tech.

Thank you

MS

You might also look to see, if your devices support it, whether NBAR might recognize the traffic.

Hi,

Thank you.. but as iam new to QOS stuff, wanted to keep it simple. So I might go with simple configs rather than getting into NBAR at this time.

Any suggestions on QOS over IPSEC vpn. We have few users use easy (ipsec) vpn from Home with ASA5505. I found a lin in cisco website, but looking for something that practically implemented and proved. The users have various internet connections.like cable modem, DSL etc...

Thank you

MS

Sorry, don't have any experience with the ASA series.

If you are still need help in this area check out this article...

Doing ASA Quality of Service (QOS) on DSL or Cable Internet

Fortis,

See my other post in this thread for a sample QoS config which should work for the majority of applications where L3 QoS can be applied.

Things to note:

* You should tailor the priority queue size to the amount of bandwidth you will use for the amount of calls you expect across the link at the same time with the codec/L2 overhead you are using.  Use the voice bandwidth calculator for this:

http://tools.cisco.com/Support/VBC/do/CodecCalc1.do

* For the call signaling queue size:

Estimate either .25K of signaling traffic per phone/gateway, or 8K (whichever number is *greater*).  You can find out how much bandwidth you will need for RTP traffic with the voice-call bandwidth calculator found here:

* You can verify the upload speed of the link (the speed you need to shape to in the shaper) by running a bandwidth test from a PC behind the link.  Be sure you use the value that is tested for *upload* and not *download* speed.

* NBAR is a good failsafe in case you have DSCP trusting issues upstream in the LAN at your L3 switches.  I like to configure both so that hopefully one gets caught.  The disatvange of just using NBAR is that it won't catch H.245 traffic, since that is ephemeral.  DSCP is required to identify that traffic.  Everything else can be caught based on port ranges defined in NBAR.

* For the ASA, you can't shape traffic.  You need to configure a policer on the WAN interface for that.

sumit.marwah wrote:

Hi Sarfaraz,

Below is the config that we have deployed for Voice Qos and it has been working well:

!

class-map match-any voice

match access-group 100

match ip rtp 16383 16383

!

!

policy-map voip

class voice

  priority percent 75

class class-default

  fair-queue

!

interface GigabitEthernet0/0

ip address 10.10.4.2 255.255.252.0

duplex auto

speed auto

media-type rj45

service-policy output voip

!

access-list 100 permit ip any any precedence critical

access-list 100 permit ip any any dscp ef

access-list 100 permit udp any any range 16384 32767

access-list 100 permit ip any any precedence flash

access-list 100 permit ip any any dscp cs3

access-list 100 permit tcp any any eq 1720

access-list 100 permit tcp any any range 11000 11999

access-list 100 permit udp any any eq 2427

access-list 100 permit tcp any any range 2000 2002

!

Hope this helps. We are giving a strict scheduling priority of 75% to voice.

Regards,

Sumit

Sumit, just a heads up on this, since your configuration probably isn't doing what you think it is doing.  QoS policies only take effect during congestion.  That means you need to push >1000Mbps of traffic through this interface before it actually does anything.  Unless you really have that much traffic going across this link, your QoS policy isn't doing anything.

Let's assume you have this topology (though the same concepts apply for any lower speed upstream link):

Router(gig0/0)------Cable Modem-----Internet

The congestion point here is the cable modem, since that's where it goes from a Gig speed to a slow upload speed (let's say 384k).  Hence, in theory, QoS would want to be applied at the modem itself.  Now, we know we can't do that since we don't have control over it.  As a result, what we typically do is move the congestion point backwards to the router.  This is done by applying a traffic shaped on the gig interface to shape the router->modem direction to the upload speed of modem->internet.  That way the congestion occurs at the router, so when the cable modem's link congests, the router is aware of it, and throttless the data traffic according to interleave RTP packets at the appropriate rate.

This is done with:

class-map match-any RTP-Class
match dscp ef
match ip rtp 16384 16383
class-map match-any Call-Control
match dscp cs3 af31
match protocol h323
match protocol sip
match protocol skinny
match protocol mgcp

policy-map shaper
class class-default
  shape average 250000 2500 0
  service-policy VoicePriority

policy-map VoicePriority
class RTP-Class
  priority 128
class Call-Control
  bandwidth 24
class class-default
  fair-queue

interface g0/0
  service-policy output shaper

Steven,

How did you come up with these numbers (bolded in red)? I have a DSL line that has a 5 Mbit upload and would like to configure a QoS policy to support one call. If I'm using DSL, should I put the service-policy on the Dialer interface, or the physical Ethernet interface?

 

policy-map shaper
class class-default
  shape average 250000 2500 0
  service-policy VoicePriority

 

policy-map VoicePriority
class RTP-Class
  priority 128
class Call-Control
  bandwidth 24
class class-default
  fair-queue