Comprar o Renovar
Comprar o Renovar
cancelar
Activar sugerencias
La sugerencia automática le ayuda a obtener, de forma rápida, resultados precisos de su búsqueda al sugerirle posibles coincidencias mientras escribe.
Mostrando los resultados de 
Buscar en lugar de 
Quiere decir: 
cancel
Iniciar una conversación
1158
Visitas
0
ÚTIL
1
Respuestas

Basic QoS over a VPN?

cluovpemb
Level 1
Level 1

el ‎01-22-2013 12:53 PM

I have a pair of Cisco 891W routers, deployed one at each site.  I have site to site (L2L) IPSec VPN configured and working using crypto maps.  All traffic is allowed from one LAN to the other, as far as I know. 

Today I dicovered that I need to put in QoS to support an IP Phone.  A single IP phone at branch office, to the main phone system at head office. 

I do not have experience with QoS at all.  Simplicity is key here. 

From what i find online, here's what I believe needs to be done:

1.  Create an ACL, calling it VOIPACL, specify the IP of the phone going to the network where the phone system is.  So:

     permit ip host 192.168.4.201 192.168.0.0 0.0.0.255

2.  Create a class map to house the ACL

     #class-map match-all VoIP

     #match access-group name VOIPACL

3.  Create policy map to house the clas map

     #policy-map VoIP

     #class VoIP

Here's where I get lost.  There seem to be various opinions of how to do things but as I don't understand the implications of anything, I am not goign to attempt anything without expert or experienced confirmation.  For example, I can put bandwidth percent 50, which I guess divides the line into 50% for any traffic coming from 192.168.4.201 IP phone, and since I didn't specify what to do with the other 50%, I assume the router just ttreats that as regular traffic. 

Then I saw stuff about IP precedence, and Set priority, and Priority, and fair-queue and so on.  At that point I stopped, and now need help

Etiquetas:
  • VPN
0 Útil
1 RESPUESTA 1

Marcin Latosiewicz
Cisco Employee
Cisco Employee

el ‎01-23-2013 02:02 AM

Voice traffic typically should be guarnateed priority queue to avoid delay/jitter.

You might be also interested in qos pre-classify:

http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/QoS_SRND/IPSecQoS.html#wp56280

Some config guide material:

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_dplane/configuration/15-mt/sec-llq-ipsec-enrypt.html

What you also need to remember is that voice(RTP) traffic should be marked by default with EF DSCP - this tagging should be copied to the outter header afetr encapsulation, you can also use that when making decision.

0 Útil
Customers Also Viewed These Support Documents