QoS on the MPLS

I have a question on QoS.  We have 4 sites connected on a MPLS circuit with a SonicWall at each site along with a Layer 3 Core switch.  We have a data VLAN of 1 and a voice VLAN of 5.  We have dedicated VoIP switches going to the core switch.  The core switch has a single uplink to a SonicWall on the data VLAN, the SonicWall then goes to the ADVA router out on the MPLS to other sites.  Each site is the same way.  The Core Switch routes the traffic  between VLANs and routes the traffic to the firewalls.  

My first question is do I need to tag the voice VLAN on the uplink to the firewall in order to use QoS?  Or will it pass the QoS tag for the voice traffic and pick it up on the other site with the QoS tagging? Right now the uplink is just an untagged data port and there are routes back to the core switch for the Voice VLAN.
Taylor ShipmanAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Jan SpringerCommented:
you are confusing dscp markings with vlan tags.

if your voip devices dscp mark your traffic, then on the incoming port for voip, you need to trust the dscp.

if you are passing multiple vlans along a single port, that traffic should be tagged before it reaches the [trunked] port.
0
Taylor ShipmanAuthor Commented:
Alright so on the firewall I will not need to have a port for VoIP in order to use QoS?  The firewall will trust and pass along the mark to the other sites without knowing the VLAN ID?
0
Taylor ShipmanAuthor Commented:
Here is a visual diagram of the environment.
Example.vsdx
0
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Jan SpringerCommented:
Can you export that to jpg?  I do not have a visio reader.
0
Taylor ShipmanAuthor Commented:
Here you go
Example.jpg
0
Jan SpringerCommented:
You will need the Vlan ID.

The "trust" is for the DSCP.
0
Taylor ShipmanAuthor Commented:
So just to be clear I will either have to create a port on the Firewall for VoIP or tag the port on the LAN interface as a trunk?

I know the trust is for the DSCP.  What I want to know is if I have to tag the VLAN on the interface to the firewall in order to use QoS at each site?  I would think the firewall will need the traffic separated in order to apply the QoS tag of EF46.  But on the Firewall it gives me the option to select the traffic from which the QoS tag is coming from and on what interface.
0
Jan SpringerCommented:
If you are passing multiple vlans through an interface, that interface should be trunked and the devices will need to be tagged with the appropriate vlan when entering the network.

So, yes, you will need both the vlan and the trust dscp
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Voice Over IP

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.