I am trying to do some voice qos on an ASA for a SIP trunk.
voice vlan is 172.16.2.0/24 and there is a CME hanging off the ASA. So I am using DSCP to go out the outgoing interface, since my CME is already marking traffic, and coming back from the SIP provider I am just matching any traffic going to the voice vlan.
I am using shaping and the issue is a few things:
1. the voice calls are still choppy with qos applied. I test a voice call and all is well, then I start a massive torrent upload/download, and apply the qos, and the call quality suffers......not as bad as without qos and doing the torrent, but still suffers.
2. when I apply my shaping i notice via asdm the actual rate drops to about 3MB even though I am shaping at 5.6MB
here is the config, I am looking for ideas on how to make this better. Circuit is AT&T DSL of 512 up and 6MB down, I have made my shaping considerably below these values to account for PPPoE and other overhead. ASA is getting a routed connection from AT&T DSL modem.
access-list ACL-VOICE extended permit ip any 172.16.2.0 255.255.255.0
Yes I am. Now I realize Internet is best effort, however, shaping can be used with traffic on the internet to greatly help voice traffic. This is because the LAN will tx/rx traffic into the ASA as fast as it can. The provider may at times burst at levels approaching the CIR of the connection the provide you, however more consistent is a level below this. If you shape and determine what to drop, before it reaches the DSLAM and they decide, you will have helped the voice greatly.
I am not doing, or expectation any preservation of DSCP etc over the internet.
Agreed on most of what you have said however shaping etc is always 100% outbound, not inbound. At the end of the day if you are d/l near your bw limit this will have an impact on your voice. It does not matter if you are using CBWFQ or FIFO, if the quality of the voice is dropping on the inbound - there is nothing you can really do about that, as this is the provider edge, unless I am mistaken on in which direction you are experiancing issues?
Yes, shaping is outbound, so that is why you will see I have applied it only in the outbound direction for each interface. Upload is where most of the issue is, so I likely need to drop my rate. However, my main question was if the way I was handling this on the ASA was the preferred way, or if there is a better way. I know the ASA has limited qos ability, but I know you can do some other things as well besides the nested Policy Map with a priority queue nested inside a shaping policy. That is what made the most sense to me, but I wanted to see how others would handle the situation and if it can be improved.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :