QoS on video conferencing

Answered Question
Oct 29th, 2009

expert

I am currently trying QoS for video conferencing,

And the main protocol of video conferencing is H.323, current setting on the port which end point plugged in is: (cat3750)

interface FastEthernet1/0/6

description testing

switchport access vlan 10

switchport mode access

switchport voice vlan 110

switchport port-security maximum 2

switchport port-security

switchport port-security aging time 1

switchport port-security violation restrict

switchport port-security aging type inactivity

srr-queue bandwidth share 10 10 60 20

srr-queue bandwidth shape 10 0 0 0

priority-queue out

mls qos trust device cisco-phone

mls qos trust cos

auto qos voip cisco-phone

macro description cisco-phone | cisco-phone

spanning-tree portfast

spanning-tree bpduguard enable

service-policy input AutoQoS-Police-CiscoPhone

end

basically autoQoS from cisco.

Can I get advice on?

1. Is above base QoS from Cisco including video conferencing? If not, what I should include? And how can I do it?

2. If I have 1G Ethernet link for a WAN do I need QoS on WAN interface? If I do, what I should do? If it is cat6500, will it cause performance issue? What about if wan router is cat3750?

Sorry for the silly question, Could anyone help me?

Any comments will be appreciated

Thanks in advance

I have this problem too.
0 votes
Correct Answer by lgijssel about 7 years 1 month ago

You will need the port to trust dscp from the video-device: mls qos trust dscp

A phone wil not be connected so you may remove the phone-qos settings.

You will also need to map the corresponding dscp value to a cos value.

Mostly this is CS4 - cos4 which is a default value but check it anyway.

You must also verify that there is sufficient bandwidth reserved for CS4 traffic in the WAN.

regards,

Leo

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
lgijssel Fri, 10/30/2009 - 01:42

You will need the port to trust dscp from the video-device: mls qos trust dscp

A phone wil not be connected so you may remove the phone-qos settings.

You will also need to map the corresponding dscp value to a cos value.

Mostly this is CS4 - cos4 which is a default value but check it anyway.

You must also verify that there is sufficient bandwidth reserved for CS4 traffic in the WAN.

regards,

Leo

julxu Fri, 10/30/2009 - 02:49

great thanks for help.

Could you please advice me how can I check if the map is CS4 - cos4?

Many regards

Jon Marshall Mon, 11/02/2009 - 04:45

To see the switch mappings between Cos/IP Prec/DSCP you need to use the "sh mls qos maps ..." command -

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_46_se/command/reference/cli2.html#wp1947337

As for trusting DSCP, as Leo suggested it all depends on whether you trust the end device or not. It's important to establish a trust boundary and often this is done on the first ingress switch where you classify and mark/remark the traffic.

Bear in mind if you trust DSCP and a user could disconnect the device and attach their pc and mark their packets with the correct DSCP value then their traffic would get preferential treatment. And the traffic would not need to be video traffic as you are only looking for a DSCP value and then trusting it.

Only you really know how likely, how much of a threat that would be in your network.

Jon

julxu Fri, 10/30/2009 - 03:32

sorry, I forgot mention one thing, that the video conferencing is third party equipment. So, I should be still trust dscp, right?

lgijssel Mon, 11/02/2009 - 04:34

That is one option. In most cases trusting is an acceptable solution because of its simplicity.

It provides the easiest way to differentiate packets as long as the user is unable (or incapable) to manipulate the qos levels.

If the latter is seen as a potential risk, you may choose to rewrite dscp values using class maps or acl's.

regards,

Leo

Actions

This Discussion