• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 5631
  • Last Modified:

Shoretel Phone Server and Sonicwall TZ-210 VoIP QoS

I would like to setup QoS for all Shoretel phone traffic. Not only through the VPN between 2 locations but also just locally.

I have 2 TZ-210 firewalls that VPN together for 2 remote locations.

Can anyone help me accomplish this? Somebody really familiar with those Sonicwalls AND the Shoretel system would be best.

Thank you.
0
MaxDes101
Asked:
MaxDes101
1 Solution
 
gilm0079Commented:
We have shoretel 11.1 and sonicwall NSA 3500 at our HQ and Sonicwall TZ210W at our remote site.  All of our phone switches are at our main site and the remote site phones connect via the site-to-site VPN back to our corporate site.

I haven't implemented VoIP QoS yet, but I've done a lot of research.  Here is what I think you need to do.

1. Setup bandwidth management on your WAN interface for both sides.  This is important for your sonicwalls to know the limits of your internet connection on both sides to so it knows how to prioritize your packets at the sonicwall instead of allowing your modems to queue packets.  The idea is you want to have your sonicwall BWM at the modem's bandwidth limit or a bit below it.  That way your sonicwall can slow other traffic down instead of your modem queuing packets.  The queuing of packets at the modem level with result in poor call quality.

2. If you want to do QoS internally then I would recommend setting up a VLAN for your shoretel system and phones.  You will need to have your phones utilize the 802.1p/q tagging and assign the VLAN ID.  If your phones auto configure themselves then this is done via the string in your DHCP scope options where you normally set the IP of the FTP server.

3. make sure your sonicwalls are on the latest firmware.  Many times issues pop-up and having the latest helps.  I believe the latest firmware for the TZ210 now is 5.8.0.2-37o.

4. Because QoS doesn't exist over the internet there are things we can do to mimick QoS.  #1 (BWM is one thing).  Because layer2 tagging gets stripped off packets going out to the internet you need to have your sonicwalls map 802.1p CoS tags to DSCP tags.  DSCP is a layer3 QoS tagging that can traverse the internet.  On the sonicwalls under firewall settings there is a setting for QoS Mapping.  This lists how the 802.1p to DSCP mapping is done.  For the most part you do not have to worry about changing the defaults here.

5. Setup access rules to manage bandwidth allocation for VoIP traffic.  Under the firewall access rules you will want to make an access rule for shoretel traffic from your shoretel network (for us it is LAN, yours may be your shoretel VLAN) to the VPN.  You can make the rule for Any->Any for the service group of Shoretel (built in service group from sonicwall, thanks sonicwall :-)).  You will want to also create inbound rules from VPN to shoretel network.  And, you will need these two rules on both sides of the VPN tunnel.

Under the QoS tab for the access rule you will want to set the 802.1p and DSCP marking action to Map.  This will take care of the 802.1p to DSCP mapping I mentioned in step 4.  I don't think you need to map both.  Basically look at the rule.  If the packet is going from your network out to the internet (VPN included) then I think you want to map the 802.1p tags (maps 802.1p to DSCP).  For inbound rules you will want to map DSCP (maps DSCP tags back to 802.1p tags)

On the ethernet BWM tab you will also want to make some changes.  I would recommend enabling inbound and outbound BWM.  The main things you will want to set is guaranteed bandwidth to like 5% to 15% depending on how much bandwidth you have to work with.  voice calls only use a few kbps.  If this is too low you might not be guaranteeing enough bandwidth for voice.  If it is too high to may be allocating too much bandwidth for voice and taking that away from other data traffic.  Regardless of guaranteed bandwidth I would set the bandwidth priority to 0 (highest).

I'm guessing that should keep you busy for awhile.  Let me know if you have any more questions.
1
 
MaxDes101Author Commented:
Great job. Great tutorial. Thank you very much!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now