Prioritize Voice Vlan over Data Vlan

hi i would like to prioritize the voice vlan (id 101)  over data vlans between 2 cisco routers.
The routers are connected by Metro Ethernet.
Please assist me with step by step procedure.
i have attached the relevant configs for both Routers.
thank you
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

They way I accomplish this is to create a policy to mark traffic as it hits the router inbound on the LAN interfaces, and a policy to queue the traffic when going outbound. These policies rely on NBAR, but if NBAR is unavailable this could be changed to just mark all traffic inbound to the voice vlan as EF regardless of what type of traffic it truly is.

class-map match-any VOICE-CONTROL
 match ip precedence 3
 match ip dscp cs3
 match ip dscp af31
class-map match-any MARKING-voice-traffic
 match protocol rtp
class-map match-any VOICE
 match ip precedence 5
 match ip dscp ef
class-map match-any MARKING-voice-signaling
 match protocol sip
 match protocol h323
 match protocol skinny
policy-map MPLS-OUT
 class VOICE
  priority 720
  priority 48
 class class-default
  random-detect dscp-based

policy-map MARK-TRAFFIC
 class MARKING-voice-traffic
  set dscp ef
 class MARKING-voice-signaling
  set dscp cs3

int gig0
service-policy output MPLS-OUT

int vlan 101
ip nbar protocol-discovery
service-policy input MARK-TRAFFIC

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
icdl101Author Commented:
so without nbar it would simply be

int vlan 101
service-policy input MARK-TRAFFIC
It can depend on the model and code version. Without NBAR, matching on protocol doesn't work so you would have to match based on IP address or just blindly set dscp. What model and IOS version are you running?
INTRODUCING: WatchGuard's New MFA Solution

WatchGuard is proud to announce the launch of AuthPoint, a powerful, yet simple, Cloud-based MFA service designed to eliminate the vulnerabilities that put your data, systems, and users at risk.

icdl101Author Commented:
the router does support nbar. i thought it would possibly consume too much resources in turning on nbar, hence i thought of avoiding nbar.

Router model is Cisco 892
Cisco IOS  Version 15.0(1)
ROM: System Bootstrap, Version 12.4(22r)
icdl101Author Commented:
Cisco 892 (MPC8300) processor (revision 1.0) with 498688K/25600K bytes of memory.
Processor board ID FGL160924XP

9 FastEthernet interfaces
1 Gigabit Ethernet interface
1 ISDN Basic Rate interface
1 Virtual Private Network (VPN) Module
256K bytes of non-volatile configuration memory.
250880K bytes of ATA CompactFlash (Read/Write)
I would think that nbar is the better choice over a blind acl that marks traffic. If I were you, I would give it a shot first. Try to create a baseline for performance in terms of total throughput, latency, end user experience, etc. Then throw it on there and see what happens. I know that sounds like a dicey guess-and-check, but it is hard to know how the 890 series devices will handle the traffic. If it causes problems, it isn't difficult to remove and then you can go back to the drawing board to get the less cpu intensive QoS configured.
icdl101Author Commented:
i will try the settings out and hopefully the router behaves well.

just one more query, by enabling  the nbar on
" int vlan 101
  ip nbar protocol-discovery " 
does that mean that nbar will only be inspecting traffic on interface vlan 101 and no other vlan interfaces

Correct. It will only classify traffic on that interface. Don't confuse classification with inspection as one essentially marks/categorizes traffic and the other is usually related to firewall rules.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.