Solved

Adtran QoS

Posted on 2007-11-22
6
4,069 Views
Last Modified: 2011-10-03
I have a adtran 1335. I was wondering if my QoS looks to be setup properly for VOIP. The phones are Polycom with a CoS of 5. The dscp on this phone is 40. We have a T1 for the wan and have SIP trunks from bandwidth.com. Attached is the config. Some information has been removed.


!

!

! ADTRAN, Inc. OS version 16.02.00.E

! Boot ROM version 15.01.00

! Platform: NetVanta 1335 PoE, part number 1700525E2

! Serial number LBADTN0738AF412

!
 

!

clock timezone -5-Eastern-Time

clock no-auto-correct-DST 

!

ip subnet-zero

ip classless
 

ip routing

!
 

!
 

!

ip name-server 192.168.1.50 64.186.63.132 64.141.177.150 

!

!

no ip route-cache express

!

no auto-config

!

event-history on

no logging forwarding

no logging email

logging email priority-level info

!

no service password-encryption

!
 

!

banner motd #

#

!

!

ip firewall

no ip firewall alg msn

no ip firewall alg h323

no ip firewall alg sip

!

!

!

!

!

!

!

!

dot11ap access-point-controller

!

!

!

ip dhcp-server excluded-address 10.10.10.1 10.10.10.99

ip dhcp-server excluded-address 192.168.1.1 192.168.1.49

ip dhcp-server excluded-address 192.168.1.51 192.168.1.99

ip dhcp-server excluded-address 192.168.2.1 192.168.2.99

!

ip dhcp-server pool "DATA"

  network 10.10.10.0 255.255.255.0

  dns-server 208.67.222.222 208.67.220.220

  netbios-node-type h-node

  default-router 10.10.10.1

!

ip dhcp-server pool "PBXTRA"

  netbios-node-type h-node

  default-router 192.168.1.1

  host 192.168.1.50 255.255.255.0

  hardware-address 00:19:d1:51:e0:f8 ethernet

!

ip dhcp-server pool "VOICE"

  network 192.168.1.0 255.255.255.0

  dns-server 192.168.1.50

  netbios-node-type h-node

  default-router 192.168.1.1

!

ip dhcp-server pool "Wireless"

  network 192.168.2.0 255.255.255.0

  dns-server 208.67.222.222 208.67.220.220

  netbios-node-type h-node

  default-router 192.168.2.1

!

!

!

ip crypto

!

crypto ike client configuration pool Roadwarrior

  ip-range            10.10.9.1         10.10.9.254      

  dns-server          208.67.222.222    208.67.220.220   

!
 

qos map qos-voip-map 20

  match dscp 46

  match precedence 5

  match dscp 40

  priority 926

  set dscp 26

qos map qos-voip-map 21

  match list qos-voip-acl

  set dscp 26

!

qos cos-map 1 0 1

qos cos-map 2 2 3

qos cos-map 3 4 6 7

qos cos-map 4 5

qos queue-type wrr 25 25 25 expedite

!
 

qos dscp-cos 0 8 16 24 32 40 48 56 to 0 1 2 3 4 5 6 7
 

!

!

!

!

vlan 1

  name "Default" 

!

vlan 100

  name "VOICE" 

!

vlan 200

  name "Wireless" 

!

interface switchport 0/1

  no shutdown

  switchport mode trunk

  qos trust cos

!

interface switchport 0/2

  no shutdown

  switchport mode trunk

  qos trust cos

!

interface switchport 0/3

  no shutdown

  switchport mode trunk

  qos trust cos

!

interface switchport 0/4

  no shutdown

  switchport mode trunk

  qos trust cos

!

interface switchport 0/5

  no shutdown

  switchport mode trunk

  qos trust cos

!

interface switchport 0/6

  no shutdown

  switchport mode trunk

  qos trust cos

!

interface switchport 0/7

  no shutdown

  switchport mode trunk

  qos trust cos

!

interface switchport 0/8

  no shutdown

  switchport mode trunk

  qos trust cos

!

interface switchport 0/9

  no shutdown

  switchport mode trunk

  qos trust cos

!

interface switchport 0/10

  no shutdown

  switchport mode trunk

  qos trust cos

!

interface switchport 0/11

  no shutdown

  switchport mode trunk

  qos trust cos

!

interface switchport 0/12

  no shutdown

  switchport mode trunk

  qos trust cos

!

interface switchport 0/13

  no shutdown

  switchport mode trunk

  qos trust cos

!

interface switchport 0/14

  no shutdown

  switchport mode trunk

  qos trust cos

!

interface switchport 0/15

  spanning-tree edgeport

  no shutdown

  switchport mode trunk

  qos trust cos

!

interface switchport 0/16

  spanning-tree edgeport

  no shutdown

  switchport mode trunk

  qos trust cos

!

interface switchport 0/17

  no shutdown

  switchport mode trunk

  qos trust cos

!

interface switchport 0/18

  no shutdown

  switchport mode trunk

  qos trust cos

!

interface switchport 0/19

  no shutdown

  switchport mode trunk

  qos trust cos

!

interface switchport 0/20

  no shutdown

  switchport mode trunk

  qos trust cos

!

interface switchport 0/21

  no shutdown

  switchport mode trunk

  qos trust cos

!

interface switchport 0/22

  no shutdown

  switchport mode trunk

  qos trust cos

!

interface switchport 0/23

  no shutdown

  switchport mode trunk

  qos trust cos

!

interface switchport 0/24

  no shutdown

  switchport mode trunk

  switchport trunk native vlan 100

  qos trust cos

!

!

interface gigabit-switchport 0/1

  no shutdown

!

interface gigabit-switchport 0/2

  no shutdown

!

!

!

interface vlan 1

  ip address  10.10.10.1  255.255.255.0 

  access-policy Private

  ip route-cache express

  no shutdown

!

interface vlan 100

  ip address  192.168.1.1  255.255.255.0 

  access-policy Private

  ip route-cache express

  no shutdown

!

interface vlan 200

  ip address  192.168.2.1  255.255.255.0 

  access-policy Private

  ip route-cache express

  no shutdown

!

!

interface t1 1/1

  description UTMI_T1

  tdm-group 1 timeslots 1-24 speed 64

  no shutdown

!

interface t1 1/2

  clock source through

  shutdown

!

interface ppp 1

 

  access-policy Public

  crypto map VPN

  qos-policy out qos-voip-map

  no shutdown

  cross-connect 1 t1 1/1 1 ppp 1

!

!
 

!

interface dot11ap 1/1 radio-type 802.11bg

  no shutdown

!

!
 

!

interface dot11ap 1/2 radio-type 802.11a

  shutdown

!

!

interface dot11ap 1/2.1

  security mode none

  shutdown

!

!

!

!

!

!

!

!

ip access-list standard MATCHALL

  permit any

!

ip access-list standard nat

  remark Internet Connection Sharing

  permit any

!

!

ip access-list extended aclppp1QosWizSignal21

  permit udp any  any eq 5060   

  permit tcp any  any eq 5060  

!

ip access-list extended pbxtra

  remark SSH PBXTRA

  permit tcp any  any eq ssh   log

  permit tcp any  any eq 5060   log

  permit udp any  any eq 5060    log

  permit tcp any  any range 1024 64000   log

  permit udp any  any range 1024 64000    log

!

ip access-list extended qos-voip-acl

  permit udp any  any eq 5060   

  permit tcp any  any eq 5060  

!

ip access-list extended self

  remark Traffic to NetVanta

  permit ip any  any     log

!

ip access-list extended telnet-to-netvanta

  permit tcp any  any eq telnet  

  permit icmp any  any    

  permit tcp any  any eq www  

  permit tcp any  any eq https  

  permit udp any  any eq snmp    log

!

ip access-list extended VPN-10-vpn-selectors

  permit ip 10.10.10.0 0.0.0.255  10.10.9.0 0.0.0.255    

!

ip policy-class Private

  allow list VPN-10-vpn-selectors stateless

  allow list self self

  nat source list nat interface ppp 1 overload

  allow list MATCHALL self

!

ip policy-class Public

  allow reverse list VPN-10-vpn-selectors stateless

  allow list telnet-to-netvanta self

  nat destination list pbxtra address 192.168.1.50

!

!

!

ip route 0.0.0.0 0.0.0.0 ppp 1

!

ip tftp server

no ip tftp server overwrite

ip http server

ip http secure-server

ip http language English

ip snmp agent

no ip ftp server

ip ftp server default-filesystem flash

no ip scp server

no ip sntp server

!

!

!

!

!
 

!

!

!

!

line con 0

  login

!

line telnet 0 4

  login
 

  no shutdown

line ssh 0 4

  login local-userlist

  no shutdown

!

!

!

!

!

end

Open in new window

0
Comment
Question by:simprix
  • 3
  • 2
6 Comments
 
LVL 1

Expert Comment

by:Elixir2
ID: 20342739
I'm so sorry I can't help. However, I have a similar problem. I have a Adtran NetVanta 3430 (see EE:22979333). I am going to study your QoS map to see if I can learn how to fix my problem. If you have any good Adtran AOS resources, please post. Thanks!
0
 
LVL 22

Expert Comment

by:Reid Palmeira
ID: 20353744
So couple of things....
1. You're logging all the firewall info which can be good but unnecessary if you have a lot of traffic.
2. verify that the ISP you have is actually going to care about QoS settings (you have it set to DSCP 26 belo) because many won't. it doesn't hurt anything to mark it but you may be doing it unnecessarily depending on your T1 Internet provider.
3. You're expediting the voice traffic (RTP) but you may also want to consider marking your signalling traffic (SIP) differently. Again depends on what your provider will recognize.
4. If you're only using precedence of 5 then your QoS maps are fine
5. check the codecs on your phone. with only a single T1, and only 926 K prioritized you're looking at a pretty low simaltaneous call volume if you're running G.711
0
 
LVL 22

Expert Comment

by:Reid Palmeira
ID: 20353783
sorry one other thing, and its fairly minor but sort of an old habit that I don't generally use VLAN 1 for anything besides (maybe) management. Not really an issue, just a suggestion. The catch is that if you do change it, you'll need to go around to each of the eth 0/X ports and give then a native vlan as well so more config work.

also, I can't remember if it was the 1335 or the 1355 but check to see if you can use the "media-gateway ip primary" command on any L3 interface that will carry voice traffic (so PPP 1 for example) as Adtran uses it for flagging and prioritizing voice traffic.
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 3

Author Comment

by:simprix
ID: 20354112
Not sure of my ISP is looking for the DSCP value. Im just trying to make sure that all voice traffic has priority when it leaves my router.
0
 
LVL 22

Accepted Solution

by:
Reid Palmeira earned 250 total points
ID: 20354827
whatever traffic is marked a priority 5 will leave the router first, if that's voice traffic then your setup is fine. don't forget to check on your signalling. if a sip packet gets dropped because you're saturating the priority queue you could have issues. Also, check traffic at the endpoints to make sure it's marking traffic properly, just do a port mirror and check to make sure packets coming from the phones are marking properly. I don't remember if it was Polycom or Aastra, maybe somebody else, but there was an issue with an older firmware version not marking packets properly. but yeah, any traffic marked as priority five will get tagged with dscp value of 26 and will get sent out first.
0
 
LVL 3

Author Comment

by:simprix
ID: 20354842
They are a polycom. They are marking it with a cos of 5. Thanks alot.
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Suggested Solutions

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now