Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Lan-to-lan VPN with voice. One G.729 call is using over 40-50kbps


I have configured a Lan-to-lan VPN between one Cisco 2811 with ADSL interface at the branch office and one PIX 515 connected to a 1721 with a ADSL interface at the HQ office.

The VPN is being used for voice communication between two CME 3.2 systems.

I have some problems with this setup because some calls are dropping after some minutes of conversation.

I have been monitoring the traffic produced by a conversation and I have seen that only one G.729 call is consuming over 40-50 kbps with VAD enabled.

Why it's consuming so much bandwidth ? I know that ipsec adds some headers but so much ?

Could it be related to packet fragmentation, MTU, or somethig like this ?

This is the interface configuration :

interface ATM0/1/0.1 point-to-point

ip address 81.44.x.x

ip virtual-reassembly

crypto map vpn

pvc 8/32

vbr-nrt 640 640 1

encapsulation aal5snap

protocol ip inarp

service-policy output output

ATM0/1/0.1 is up, line protocol is up

Hardware is DSLSAR (with Alcatel ADSL Module)

Internet address is 81.44.x.x/25

MTU 4470 bytes, BW 640 Kbit, DLY 800 usec,

reliability 255/255, txload 14/255, rxload 29/255

Encapsulation ATM

577351 packets input, 149329694 bytes

562564 packets output, 82825948 bytes

I am attaching a SNMP graphic of the bandwidth used for one g.729 voice call.

Any ideas ??

Best regards.


Re: Lan-to-lan VPN with voice. One G.729 call is using over 40-5

The symptoms vary based on the system configuration. All Cisco Unity ports lock up and Unity stops call response, or Unity drops calls, when a caller attempts to use the speed control keys.

This matrix explains the behavior when you use speed control on messages of type G711 and G729, respectively. Speed control is used while messages are played back. The messages can either be stored in 711 or 729 (with use of the set record format utility), and the network can be either 711 or 729 (based on the Cisco CallManager region).

Re: Lan-to-lan VPN with voice. One G.729 call is using over 40-5


you can calculate the bandwith by taking into account all overhead.

G729a voice payload per packet: 20 Byte (at 50 pps)

IP/UDP/RTP header per packet: 40 Bytes (20B/8B/12B)

Now you have IPSec overhead (depends on setup new IP header+AH+ESP)

And when you are done you pack this IPSec packet into AAL5

8 Byte AAL5 header + IPSec Packet + PADDING + 8 Byte AAL5 trailer

This is segmented into cells with 48 Byte payload each.

So you get roughly two ATM cells (2x53 Byte) per VoIP packet. This gives 106 Bytes x 50 pps or 42400 bps per call.

So quite normal. Could be worse, if you get 3 ATM cells per VoIP packet (60 kbps), depending on your VoIP payload size and IPSec headers.



CreatePlease to create content