<br><font size=2 face="Courier New"><snip></font>
<br><font size=2 face="Courier New">> We're trying to PQ (Priority Queue)
packets on a Cisco using ACL's. What<br>
> we're trying to avoid is hardcoding the IP address in the ACL. We
were<br>
> trying to match by TOS set by Asterisk however it seems we've run
into a<br>
> snag where the packet TOS tends to get reset somewhere on our network.<br>
> Has anyone had this issue? We're running Cisco everywhere inbetween<br>
> (even the switches). Is there an alternative way to match these? We've<br>
> thought of by port but that's kind of ad-hoc IMHO.<br>
<br>
If the TOS is getting reset somewhere out there you need to go through<br>
all of your switches and make sure that none of them are messing with<br>
the TOS. Unfortunately doing QOS on Cisco switches is a black art
as<br>
the necessary commands depend on the hardware and the IOS version (or<br>
CatOS version if you are unlucky). Check the documentation for your<br>
switches for the "mls qos trust" command.<br>
<br>
Cisco routers, on the other hand, don't mess with IP TOS/DSCP labels<br>
unless you specifically ask them to.</font>
<br><font size=2 face="Courier New"></snip></font>
<br>
<br><font size=2 face="Courier New">What's wrong with doing it by port?
If it is possible that something else out there may use the same TOS flags
as Asterisk, by prioritizing port 4569 (IAX2 protocol) you know for sure
that the only packets in that queue are VoIP traffic. Also, what about
your incoming traffic? Are the TOS flags correct there? I'm not saying
that TOS is bad, just that as you've seen, it can get changed along the
way. I'm using port number to separate traffic and it is working great.</font>
<br>
<br><font size=2 face="Courier New">-Ron</font>