[Asterisk-Users] VOIP CBQ BandLimit HELP!!

Andrew Kohlsmith akohlsmith-asterisk at benshaw.com
Tue Jun 1 06:41:38 MST 2004 

On Tuesday 01 June 2004 05:44, joachim wrote:
> Do you have a working firewall ruleset for HTB, optimized for voip ?

The other side of my SDSL link is our provider, which I happen to help out.  
They have a ptp T1  to their upstream (MCI) and I've placed the following 
configuraiton in the router to achieve two goals:

1. prevent the SDSL link to my company from getting saturated
2. keep 96kbps of traffic available at all times to VOIP traffic.

The configuration I have here works *amazingly* well in preventing long 
downloads (to my company) from screwing up VOIP traffic.  The HTB script I 
gave in my last email works pretty decently at preventing large uploads (to 
the internet) from drowning out VOIP traffic.  You can achieve better voice 
quality by reducing the RATE and CEIL parameters in the script at the cost of 
sustained bandwidth use.  These modems really are kind of craptastic since 
they buffer so much.  :-(

Notes:
Access List 105 matches any udp/4569 (IAX2) traffic
Access List 2128 matches any traffic for my company
You can only shape TCP traffic, since it will back off if packets are dropped.  
you cannot shape UDP traffic, but you can rate-limit the router's OUTPUT of 
any kind of traffic.  This is why it is best to try and have control over 
BOTH ENDS of your link.

class-map voice
  match access-group 105

policy-map policy1
  class voice
    priority 96
  class class-default
   fair-queue

interface e0/0
 rate-limit input access-group 105 128000 65536 65536 conform-action 
set-prec-transmit 5 exceed-action set-prec-continue 0
 rate-limit output access-group 105 128000 8000 8000 conform-action 
set-prec-transmit 5 exceed-action continue
 rate-limit output access-group 2128 640000 1500 2000 conform-action 
set-prec-transmit 1 exceed-action continue
 rate-limit output access-group 2128 64000 1500 2000 conform-action 
set-prec-transmit 1 exceed-action drop
 full-duplex
 service-policy output policy1

interface s0/0
 rate-limit input access-group 105 128000 65536 65536 conform-action 
set-prec-transmit 5 exceed-action set-prec-continue 0
 rate-limit input 1408000 8000 8000 conform-action transmit exceed-action drop
 service-policy output policy1

access-list 105 remark VOIP (IAX2) traffic gets top priority (5)
access-list 105 permit udp any any eq 4569

More information about the asterisk-users mailing list