[asterisk-users] QoS & VPN
Brent Davidson
brent at texascountrytitle.com
Fri May 8 17:17:40 CDT 2009
Jeremy Mann wrote:
> Access-list 100 permit ip host <asterisk server> any
>
> Class-map match-any voip
> Match access-group 100
>
> Policy-map voip
> Class voip
> Priority 256
> Class class-default
> Fair-queue
>
> Interface fastethernet 0
> Service-policy output voip
>
>
> Above is what I do to prioritize 256kbit of outbound bandwidth to voip calls, adjust accordingly. You must also use the qos pre-classify in your ipsec tunnel definitions for this to work, but it does work well. I know I'm potentially mapping other traffic than voip, but I'm lazy and don't want to classify the rtp and sip and iax ports, rarely does the box do any other traffic than voip as updates occur in off hours.
>
> You'll probably additionally want to match your ipsec keying traffic and give it priority bandwidth, if you're going to push voip through the tunnel you'll find yourself rekeying more often and want to make sure on a saturated link it gets priority so the tunnels don't drop.
>
> If you're on DSL, you probably want to research cascading the Qos, have a root policy that throttles all bandwidth to a certain speed, then a child policy that prioritizes that bandwidth, so you don't saturate your outbound circuit(think in terms of P2P protections).
>
>
Thank you. This is EXACTLY what I was looking for. Do the packet
counters for show policy-map int fast 0/0 only increment when the
queuing kicks in or should they be incrementing all the time as packets
flow?
Thanks again,
Brent
More information about the asterisk-users
mailing list