The information posted here is a summarized version of the Cisco AVVID QoS Design Guide. The person who posted this is not liable for any network problems or any damage caused by configuring their router to the following specification. If in doubt, open up a Cisco TAC case where a Cisco Engineer will get in touch to help you implement or troubleshoot your design or issue respectively. You may also ask the Cisco forum community for any advice but community accept no liability for any recommendations made which are then implemented.
The example below is using a Cisco 79xx IP Phone, 2924 Switch (12.0(5)XU EN, and a 2600 Router (12.2(11)T IP/FW/IDS PLUS IPSEC 56). Make sure the versions of IOS that you're running support the commands used before implementing in a production environment. It also assumes that you are using separate VLANs for data and voice (VLAN 100 for data, and 101 for voice).
This example assumes the following network setup:
PC--->79xx---->2924---->2600---->Internet
Configuring the 2924 Switch:
!
interface FastEthernet0/1
switchport trunk encapsulation dot1q
switchport trunk native vlan 100 !this is the data vlan
switchport mode trunk
switchport voice vlan 101 !the vlan for voice
spanning-tree portfast
switchport priority extend cos 0
speed auto
!
The above port configuration allows for both voice and data traffic from separate vlans. Cisco IP Phones automatically support 802.1q trunking and 802.1p COS tagging, which will tag all outgoing voice traffic with an L2 COS of 5, and a L3 IP Precedence of 5. The 'switchport priority extend cos 0' ensures that all data traffic has it's L2 COS tag re-classified as 0. This will ensure a PC connected to the phone is not also classifying its traffic.
Additionally, if your switch supports inline power, add the following to the above configuration: 'power inline auto'
NOTE: The 'speed auto' command is extremely important. Cisco IP phones default to auto-negotiation for speed and duplex.If the switch port is set to 100baseT full-duplex, the IP phone automatically sets its port to 100baseT half-duplex, causing a duplex mismatch.
Configuring the 2600 router:
The first thing we need to do is define access-lists to match our voice traffic. We will create 2 extended ACLs, one for the voice RTP traffic, and one for the voice signaling traffic.
For Skinny, H.323, MGCP:
!signaling traffic
access-list 101 permit tcp any any range 2000 2002
access-list 101 permit tcp any any eq 1720
access-list 101 permit tcp any any range 11000 11999
access-list 101 permit udp any any eq 2427
!
!RTP traffic
access-list 102 permit udp any any range 32767
For SIP/IAX/IAX2:
!signaling traffic
access-list 101 permit udp any any eq 4569
access-list 101 permit udp any any eq 5036
access-list 101 permit udp any any eq 5060
!
!RTP traffic
access-list 102 permit udp any any range 16384 32767
NOTE: You may also use a 'permit ip 1.1.1.0 0.0.0.255 any' command on the signaling access-list to match all hosts in a particular subnet, assuming all IP phones are on the same subnet and their own vlan.
Next, we create class maps for each type of traffic:
!
class-map match-all voice-traffic
match access-group 102
!
class-map match-all voice-signaling
match access-group 101
!
Then create a policy map for the classes:
!
policy-map qos-voice
class voice-traffic
priority 240
class voice-signaling
bandwidth 16
class class-defult
fair-queue
!
The policy-map on the router places all voice traffic into the Priority Queue, which is given 240kbps of bandwidth. All signaling traffic is in a class-based queue with 16kbps of bandwidth. And all other traffic is queued using Weighted Fair Queuing.
To determine how much bandwidth to give to voice traffic:
Number of simultaneous calls X 80 (for g711u)
Number of simultaneous calls X 11 (for g729)
Finally, apply the policy to the interface:
!
interface FastEthernet0/0
service-policy output qos-voice
!
NOTE: If you are using sub-interfaces, applying the policy to the fa0/0 interface will also apply it to all sub-interfaces (i.e. fa0/0.1, fa0/0.2 etc.) To apply a QoS service-policy to a specific sub-interface refer to this Cisco link.
Applying QoS Features to Ethernet Sub-interfaces
As Qos is generally configured on outgoing traffic, it will help if you have control over both sides of the link. You can also apply rate limiting to inbound traffic if you so choose, however it will only work with TCP traffic.
!
interface Serial0/0
rate-limit input 1408000 8000 8000 conform-action transmit exceed-action drop
This will allow no more than 1408kbps through; any excess will be dropped. Again, this only works for TCP traffic, since dropped packets will cause the sender to back off and try again slower.
-b
 feedback form
 feedback form
by nozero  edited by aryoba
last modified: 2009-04-21 09:32:16 |
