Question

QoS on Cisco 2600 and 3745 Routers for VoIP

Asked by: its_a_houy

Good Afternoon,
I was hoping someone could assist me with setting up QoS on my 14 Cisco Routers to support VoIP.  I have a 14 site MPLS cloud that passes data and VoIP voice.  The pipes to each location are 1.54M (Cisco 2600 Routers), except for the main data center and DR site (Cisco 3745 Routers), which have 12M each.  
At times, users experience severe echoing and will have one-way voice degregation (I hear you fine, you can't hear me very well).  The phone system I use is not Cisco based, it is made by Sphere Communications it utliizes MCGP.  There are several ports they use for call set-up. call control, media streams, etc.  
I am utilizing the G.711 protocol, but I believe that users are monoplizing the bandwidth with Internet and email and killing the voice packets.  I need to set up QoS on these routers (and perhaps switches - Catalysts and Dell PowerConnect 3424's).  I hope someone can lead me in the right direction, as my boss has firmly crawled up my a**.  
Thanks!

This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.

Subscribe now for full access to Experts Exchange and get

Instant Access to this Solution

  • Plus...
  • 30 Day FREE access, no risk, no obligation
  • Collaborate with the world's top tech experts
  • Unlimited access to our exclusive solution database
  • Never be left without tech help again

Subscribe Now

Asked On
2008-04-20 at 13:42:24ID23338112
Tags

Cisco

,

Router

,

Cisco 2600 and 3745 Routers

,

Qos on Router

Topics

Voice Over IP

,

Network Design & Methodology

,

Network Routers

Participating Experts
2
Points
500
Comments
11

Trusted by hundreds of thousands everyday for fast, accurate and reliable tech support.

  • "The time we save is the biggest benefit of Experts Exchange to Warner Bros. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange." Mike Kapnisakis, Warner Bros.
  • "Our team likes having a resource that is more secure than just using Google and most experts using this service really know their stuff. It's nice to look here first versus using Google." Dayna Sellner, Lockheed Martin
  • "Anytime that I've been stumped with a problem, 9 out of 10 times Experts Exchange has either the accepted solution or an open discussion of the potential solution to the problem." Kenny Red, eBay Inc.

See what Experts Exchange can do for you.

Got a question?

We've got the answer.

Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.

Screenshot of Experts Exchange Knowledgebase

Need individual assistance?

Our experts are ready to help.

If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.

Screenshot of Experts Exchange Knowledgebase

Want to learn from the best?

Read articles from industry experts.

Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.

Screenshot of an Article

Working on a long term project?

Store your work and research.

Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.

Screenshot of Experts Exchange Knowledgebase

Access the answers to your technology questions today.

Subscribe Now

30-day free trial. Register in 60 seconds.

What Makes Experts Exchange Unique?

Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.

Trusted by the world's most respected brands.

image of each brand's logo

Faithfully serving IT professionals since 1996.

Experts Exchange Logo

Try it out and discover for yourself.

Subscribe Now

30-day free trial. Register in 60 seconds.

Related Solutions

  1. QoS for VoIP
    What is a good way to set up QoS for VoIP? Of course, this question is a catch 22 since it really depends what device you're using. But I'd like to look past that and first ask what the best way to set up QoS is. Is it better to have the QoS implemented as: Port Based Protoc...
  2. Cisco VoIP QoS
    Hi, I have configured QoS on my Cisco 1721 for VoIP - the only problem is, it is only working for the outbound side of the call. So the person I call can hear me perfectly (QoS is working), but I cannot hear them very clearly when someone downloads something on the internet ...
  3. Setting QoS for Voice traffic - VoIP LAN
    In a building we have Voice VLANs with Voice traffic segregated from data but PC is daisy chained to the VoIP phones. We are planning to implement 802.1x for both Data and Voice but unlike Data IP assignments, which would be dynamic and associated to User groups, Voice IP as...
  4. VOIP QOS deployment
    I am new to QOS so please bear with me. This is a very basic sketch of my network. (Site-2-Site VPNs) Multiple remote sites ------> WAN <------ 2800 <-----ASA 5510 <----- 2960(G) ---[ LAN with BCM400. I have started using VOIP...

Free Tech Articles

  1. WARNING: 5 Reasons why you should NEVER fix a computer for free.
    It is in our nature to love the puzzle. We are obsessed. The lot of us. We love puzzles. We love the challenge. We thrive on finding the answer. We hate disarray. It bothers us deep in our soul. W...
  2. SCCM OSD Basic troubleshooting
    SCCM 2007 OSD is a fantastic way to deploy operating systems, however, like most things SCCM issues can sometimes be difficult to resolve due to the sheer volume of logs to sift through and the dispe...
  3. Migrate Small Business Server 2003 to Exchange 2010 and Windows 2008 R2
    This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Windows 2008 R2 with Exchange 2010. For this migration to work you will need the fo...
  4. Create a Win7 Gadget
    This article shows you how to create a simple "Gadget" -- a sort of mini-application supported by Windows 7 and Vista. Gadgets can be dropped anywhere on the desktop to provide instant information, ...
  5. Outlook continually prompting for username and password
    There have been a lot of questions recently regarding Outlook prompting for a username and password whilst using Exchange 2007. There are a few reasons why this would happen and I will try to cover t...
  6. Backup Exchange 2010 Information Store using Windows Backup
    There seems to be quite a lot of confusion around the ability to backup Exchange 2010 using the built in Windows Backup feature. This stems from the omission of this feature prior to Exchange 2007 s...

Cloud Class Webinars

  1. Avoiding Bugs in Microsoft Access
    Alison Balter takes and in-depth look at avoiding bugs in Access. In this webinar you will learn about using the immediate window to debug your applications, invoking the debugger, using breakpoints to troubleshoot, stepping through code, setting the next statement to execute, ...
  2. Top 10 Best New Features in Visio 2010
    Scott Helmers gives live demonstrations of the top 10 new features in Visio 2010. This webinar will teach you how to create compelling diagrams by adding shapes to the page with a single click, linking the shapes in a diagram to data in Excel (or SQL Server, or SharePoint), ...
  3. IT Consultant Business Secrets Revealed
    Michael Munger, Experts Exchange tech pro and IT consultant, pulls back the curtain on his very successful businesses and answers question on every IT consultant and business owner should know about. He shares secrets on what he did to solve the 5 most common problems in IT, ...
  4. Disaster Recovery and Business Continuity
    Quest CTO, Mike Billon, gives an overview of the steps involved in building a dunamic disaster recovery plan. Through case studies and an examination of software/hardware tooles for monitoring and testing, you'll gain a better understandin of where you are, where you want ...
  5. Organize Your Visio Diagrams with Containers and Lists
    Scott Helmers uses cross functional flowcharts, wireframe diagrams, data graphic legends and seating charts to teach you: how to ustilize all three new structured diagram components in Visio 2010, the best practices for organizeing shapes in previous version of Visio, how to organize ...
  6. How to Us Objects, Properties, Events and Methods in Microsoft Access
    Alison Dalter gives an in-depbth look at objects, properties, events and methods in Microsoft Access. In this webinar you will learn about using the object browser, referring to objects, working with properties and methods, working with object variables, understanding the ...

Join the Community

Give a Little. Get a Lot.

Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.

Join the Community

Answers

 

by: donmanrobbPosted on 2008-04-20 at 17:12:34ID: 21398047

You can use something like the following on your routers

!
class-map match-any VOICE
 match protocol rtp
 match protocol mgcp
!
!
You can add your QoS your router interfaces by using
service-policy output QoS
and also add ip nbar protocol-discovery to make NBAR work.

Let me know if you need to setup QoS on your switches as well.

 

by: donmanrobbPosted on 2008-04-20 at 17:13:15ID: 21398049

Heres the full

!
class-map match-any VOICE
 match protocol rtp
 match protocol mgcp
!
!
policy-map QoS
 class VOICE
  bandwidth percent 25
 class class-default
  fair-queue
  random-detect
!
!
!

 

by: its_a_houyPosted on 2008-04-21 at 05:38:24ID: 21400957

donmanrobb,
Thank you for your response.  I am still confused.  I though we had to identify each and every TCP and UDP port that Sphere uses and add them to a group, then assigning the group to a class, then assigning the class to a policy map.  Is this it?  This seems too simple.  
You also mentioned service-policy output and nbar discovery.  How do I set these up?  Assume I am an idiot, spell it all out for me.  I do follow directions well.  Thanks!

 

by: donmanrobbPosted on 2008-04-21 at 07:38:17ID: 21402253

Cisco's Network Based Application Recognition (NBAR) is a great classification tool that can recognize various protocols by either predefined port numbers or by the application signature depending on the actual protocol. So it really can be that easy, it is used by the match protocol statements in my above example. You could also create an access-list that matches the exact port numbers if you so choose and can add it to the QoS policy by doing the following

class-map VOICE
match ip address <ACL # or name>

The service-policy output <name> is what activates the QoS policy on an interface the reason you would not use service-policy input is that once you receive a packet its too late for QoS to affect it your only option at that point would be to rate-limit the interface.

ip nbar protocol-discovery activates NBAR on the interface so the match protocol works correctly. On newer IOS releases you no longer need the command however adding it has the additional benefit of letting you see what protocols are in use on your network. You can check to see the top offenders on your network by using show ip nbar protocol-discovery stats byte-count top-n 10    where 10 is the top 10 protocols.

I'll be in and out all day so let me know if you need anything explained further.

 

by: bfasonPosted on 2008-04-21 at 11:09:19ID: 21404453

Who is your MPLS provider and what method are they using to deliver the circuit to you?

Many providers carry mpls over Frame-Relay so you will need to enable FR traffic shaping and apply the policy to DLCI.

If we had a copy of the running config we may be able to better help you with your configuration.

You may want to see if your phone supports G.729 between sites as this will greatly help with your bandwidth usage.

 

by: its_a_houyPosted on 2008-04-21 at 13:25:43ID: 21405639

ATX is our MPLS provider.  They deliver the pipes as T-1's, no frame relay.  Yes, you are correct the phones should use G.729 for WAN calls, and G.711 for internal LAN calls.  The phones do use these, I mistyped in my initial question.  I think this issue is more of other traffic monoplizing the bandwidth.  Attached is the sh run from the router at my main site.  It has a 12M pipe, other offices only have 1.54M each.  

If you think turning on NBAR would help, I am all for it, but I don't know how.  I am at your mercy.  Thanks.


 
User Access Verification
 
Username: conbkxxxxxxxxxxxxxx
Password:
FPB_Feast_MPLS#sh run
Building configuration...
 
Current configuration : 5691 bytes
!
version 12.4
service timestamps debug uptime
service timestamps log datetime msec localtime show-timezone
service password-encryption
service udp-small-servers
service tcp-small-servers
!
hostname FPB_Feast_MPLS
!
boot-start-marker
boot system flash flash:c3825-advipservicesk9-mz.124-7.bin
boot-end-marker
!
logging buffered 4096 debugging
no logging console
no logging monitor
no logging cns-events
enable secret 5 xxxxxxxxxxxxxx
enable password 7 xxxxxxxxxxxxxx
!
no aaa new-model
!
resource policy
!
ip cef
!
 
no ip ftp passive
ip ftp username cisco
ip ftp password 7 0257
no ip domain lookup
ip domain name yourdomain.com
ip name-server 192.168.1.9
ip name-server 192.168.16.6
ip multicast-routing
ip sla monitor responder
ip sla monitor 1
 type pathEcho protocol ipIcmpEcho 192.168.16.1 source-ipaddr 192.168.1.1
 request-data-size 1500
 frequency 30
ip sla monitor schedule 1 life forever start-time now
!
voice-card 0
 no dspfarm
 
!
username DATA privilege 15 password 7 053F16082E41482758
username TAC privilege 15 password 7 08156D6D4418110F
username TECH privilege 15 password 7 12170A03461E5E07
username NE privilege 15 password 7 0111090C520807
username CONBK privilege 15 password 7 062B057074565B4A1505
!
!
class-map match-all OSI-class
 match access-group 102
!
!
policy-map OSI-policy
 class OSI-class
  priority percent 10
 class class-default
  fair-queue
!
 
interface Loopback160
 ip address 192.168.160.1 255.255.255.0
!
interface GigabitEthernet0/0
 description Connection to Server Replication LAN
 ip address 10.10.23.1 255.255.255.0 secondary
 ip address 192.168.105.6 255.255.255.248
 duplex auto
 speed auto
 media-type rj45
 negotiation auto
!
interface GigabitEthernet0/1
 description Connection to Feasterville LAN
 ip address 192.168.80.1 255.255.255.248 secondary
 ip address 192.168.1.1 255.255.255.0
 duplex auto
 speed auto
 media-type rj45
 negotiation auto
!
interface Hssi1/0
 description ATX MPLS VPN 12MB
 ip address 10.255.xxx.xxx 255.255.255.252
 ip route-cache flow
 load-interval 30
 serial restart-delay 0
 no cdp enable
 service-policy output OSI-policy
!
ip route 0.0.0.0 0.0.0.0 192.168.1.251
ip route 10.10.24.0 255.255.255.0 10.255.255.1
ip route 10.199.8.0 255.255.252.0 192.128.1.199
ip route 10.199.8.0 255.255.255.0 192.128.1.199
ip route 10.255.255.0 255.255.255.0 10.255.255.1
ip route 146.145.8.0 255.255.255.0 10.255.255.1
ip route 146.145.65.0 255.255.255.0 10.255.255.1
ip route 170.209.0.2 255.255.255.255 192.168.1.249
ip route 170.209.0.3 255.255.255.255 192.168.1.249
ip route 192.152.100.10 255.255.255.255 192.168.1.21
ip route 192.152.100.99 255.255.255.255 192.168.1.21
ip route 192.152.100.103 255.255.255.255 192.168.1.21
ip route 192.168.2.0 255.255.255.0 10.255.255.1
ip route 192.168.3.0 255.255.255.0 10.255.255.1
ip route 192.168.4.0 255.255.255.0 10.255.255.1
ip route 192.168.5.0 255.255.255.0 10.255.255.1
ip route 192.168.7.0 255.255.255.0 10.255.255.1
ip route 192.168.10.0 255.255.255.0 10.255.255.1
ip route 192.168.11.0 255.255.255.0 10.255.255.1
ip route 192.168.12.0 255.255.255.0 10.255.255.1
ip route 192.168.13.0 255.255.255.0 10.255.255.1
ip route 192.168.14.0 255.255.255.0 10.255.255.1
ip route 192.168.15.0 255.255.255.0 10.255.255.1
ip route 192.168.16.0 255.255.255.0 10.255.255.1
ip route 192.168.17.0 255.255.255.0 10.255.255.1
ip route 192.168.80.8 255.255.255.248 10.255.255.1
ip route 192.168.80.16 255.255.255.248 10.255.255.1
ip route 192.168.80.24 255.255.255.248 10.255.255.1
ip route 192.168.80.32 255.255.255.248 10.255.255.1
ip route 192.168.80.40 255.255.255.248 10.255.255.1
ip route 192.168.80.48 255.255.255.248 192.168.1.253
ip route 192.168.80.56 255.255.255.248 10.255.255.1
ip route 192.168.80.64 255.255.255.248 10.255.255.1
ip route 192.168.80.248 255.255.255.248 192.168.1.254
ip route 192.168.101.0 255.255.255.0 10.255.255.1
ip route 192.168.105.8 255.255.255.248 10.255.255.1
ip route 192.168.140.0 255.255.255.0 10.255.255.1
ip route 198.217.221.13 255.255.255.255 192.168.1.58
ip route 198.217.223.0 255.255.255.0 192.168.1.58
ip route 216.189.224.0 255.255.255.0 192.168.1.2
ip route 216.189.227.0 255.255.255.0 192.168.1.2
!
!
ip http server
ip http authentication local
no ip http secure-server
ip http timeout-policy idle 5 life 86400 requests 10000
!
access-list 102 permit ip host 192.168.1.14 any
access-list 102 permit ip any host 192.168.1.14
priority-list 1 protocol ip high tcp 1521
priority-list 1 protocol ip high tcp 1526
priority-list 1 interface GigabitEthernet0/1 high
snmp-server community public RO
snmp-server enable traps tty
 
control-plane
!
 
 
!
line con 0
 exec-timeout 0 0
 password 7 xxxxxxxxxxxxxx
 login local
 transport output all
 stopbits 1
line aux 0
 exec-timeout 15 0
 password 7 xxxxxxxxxxxxxx
 login local
 modem autoconfigure discovery
 transport input all
 transport output all
 stopbits 1
 flowcontrol hardware
line vty 0 4
 exec-timeout 15 0
 privilege level 15
 login local
 transport input all
 transport output all
!
scheduler allocate 20000 1000
ntp clock-period 17179899
!
end
 
FPB_Feast_MPLS#
                                              
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
85:
86:
87:
88:
89:
90:
91:
92:
93:
94:
95:
96:
97:
98:
99:
100:
101:
102:
103:
104:
105:
106:
107:
108:
109:
110:
111:
112:
113:
114:
115:
116:
117:
118:
119:
120:
121:
122:
123:
124:
125:
126:
127:
128:
129:
130:
131:
132:
133:
134:
135:
136:
137:
138:
139:
140:
141:
142:
143:
144:
145:
146:
147:
148:
149:
150:
151:
152:
153:
154:
155:
156:
157:
158:
159:
160:
161:
162:
163:
164:
165:
166:
167:
168:
169:
170:
171:
172:
173:
174:
175:
176:
177:
178:
179:
180:
181:
182:
183:
184:
185:
186:
187:
188:
189:
190:
191:
192:
193:
194:

Select allOpen in new window

 

by: donmanrobbPosted on 2008-04-21 at 17:38:05ID: 21407355

It looks like you had a priority-list setup for tcp 1521 and 1526 which is Oracle if I recall correctly as well as the Feasterville LAN on Gig0/1. But it was not added to any interface, did you take it off for troubleshooting? What interface was it on?

priority-list 1 protocol ip high tcp 1521
priority-list 1 protocol ip high tcp 1526
priority-list 1 interface GigabitEthernet0/1 high

priority-queuing is a strict QoS that can starve all other traffic so it should only be used when absolutely necessary.

Is the phone system off 192.168.1.14?
I'll add my QoS idea to your config and repost it for you to have a look at.

 

by: donmanrobbPosted on 2008-04-21 at 17:55:30ID: 21407414

hostname FPB_Feast_MPLS
!
boot-start-marker
boot system flash flash:c3825-advipservicesk9-mz.124-7.bin
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
ip cef
!
!
voice-card 0
 no dspfarm
 
!
!
class-map match-any VOICE
match protocol rtp
match protocol mgcp
!
!
policy-map QoS
class VOICE
bandwidth percent 25
class class-default
fair-queue
random-detect

interface Loopback160
 ip address 192.168.160.1 255.255.255.0
!
interface gig0/0
 description Connection to Server Replication LAN
 ip address 10.10.23.1 255.255.255.0 secondary
 ip address 192.168.105.6 255.255.255.248
 duplex auto
 speed auto
 media-type rj45
 negotiation auto
 ip nbar protocol-discovery

!
interface gig0/1
 description Connection to Feasterville LAN
 ip address 192.168.80.1 255.255.255.248 secondary
 ip address 192.168.1.1 255.255.255.0
 duplex auto
 speed auto
 media-type rj45
 negotiation auto
 ip nbar protocol-discovery

!
interface hssi1/0
 description ATX MPLS VPN 12MB
 ip address 10.255.1.2 255.255.255.252
 ip route-cache flow
 load-interval 30
 serial restart-delay 0
 no cdp enable
 service-policy output QoS
  ip nbar protocol-discovery
!
!
!
end
 
FPB_Feast_MPLS#

 

by: its_a_houyPosted on 2008-04-22 at 08:00:45ID: 21411772

WOW, this is exactly what I am looking for!  I will put this into my router configs and let you know how it goes.  Yes, the previous technician did play around with priority-queueing for our Oracle DB that runs our primary financial software.  It is important, almost as important as Voice.  No, 192.168.1.14 is the Oracle primary DB.  How do you know that rtp and mgcp are the correct protocols?  My vendor (Sphere Communications) have a laundry list of TCP and UDP ports that they use for call control and setup.  Do I need to identify each one?  Or will rtp take care of it?

 

by: donmanrobbPosted on 2008-04-22 at 08:44:18ID: 21412262

Most if not all VOIP offerings use RTP as its communication protocol it uses UDP the even ports 16384-32767 so I figured it would be a good guess as you'll probably be more concerned with the voice traffic then the management info. As for MGCP you stated above that the Sphere uses that protocol. The match protocol rtp should take of the matching for you.

 

by: its_a_houyPosted on 2008-04-22 at 14:42:21ID: 31450578

Thank you very much!  You truly are a Master.

20120131-EE-VQP-002

3 Ways to Join

30-Day Free Trial

The Experts

98% positive feedback on 31,087 answers since March 2000. angeliii is a Microsoft Most Valuable Professional for his work with MS SQL Server & Develoment.

He has also proven his knowledge of Visual Basic Programming, PHP Scripting and Oracle Databases.

The Experts

97% positive feedback on 10,752 answers since July 2000. lrmoore has more than 18 years experience in the networking industry.

The six-time Mircosoft MVPs specialties include firewalls, virtual private networking, and network management.

Testimonials

"...and excellent source for support... Kind of like having your very own IT dept." Electriciansnet

Testimonials

"I was apprehensive at signing up at first. However... it has already made my life as an IT administrator much easier." JaCrews

Testimonials

"WOW! You guys have great, active, and knowledgeable people on here." moore50

Business Clients

Business Clients

In the Press

"If you’ve got a question... Experts Exchange can supply an answer.”

In the Press

"...an invaluable aid for both IT professionals and those who require tech support."

In the Press

"where IT professionals provide quick answers on just about any topic"

Business Account Plans

Loading Advertisement...