Voice traffic in a LAN

hi all!
can i priority voice traffic in a campus LAN ? we have 2950 EI switch on the access an 3550 on the core layer with vlans...i search a configuration example
many thanks for the answers!

Yes you can. If you're running IOS 12.1(12c)EA1 or above on your switches, the easiest way to configure QoS is with the "autoqos" command. Please see the following link for details.
http://www.cisco.com/en/US/tech/tk543/tk759/tk879/technologies_white_paper0900aecd800a8561.shtml
Hope this helps. If so, please rate the post.
Brandon

Similar Messages

  • Voice Traffic over MPLS-enabled OSPF running backbone links

    Hi All;
    We have running frame-mode MPLS backbone and OPSF as well. Voice as real-time traffic is passing through our backbone links and marked with precedence 5 as an ordinary behaviour.
    What i face is that i can not balance the voice traffic between the uplinks of the LER routers through LSR routers. Let me summarise like this.
    I have a PE that has 4xE1 connection as uplinks terminated at two different LSRs. However, when i look at the voice traffic distribution from PE to Ps,the general attribute is voice traffic is choosing only one E1 and uses it. And other links are not used so much by voice traffic. And this causes poor quality of voice because, it exceeds the amount of the reserved bandtwidth that is defined via LLQ under the backbone links. I have also re-defined the priorty class bantwidth and raised it as much as it can be defined, but now, the business in contract traffic is under danger. :)
    As OSPF does not support unequal load-balancing and also "load-sharing per-packet" command sucks the voice traffic, there is nothing to balance the voice traffic on the backbone links.
    By the way, i have defined MPLS/TE tunnels that are PE-PE tunnels, according to my observations of voice traffic goes to where. I tried to balance the output traffic somehow but the situation is still the same. Sometimes, traffic chooses one tunnel and goes over there. In fact this problem bears with CEF itself but this is another case.
    So any suggestion how i can come over this obstacle. Thanks in advance.
    Regards,
    Baris.

    Disclaimer
    The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
    Liability Disclaimer
    In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
    Posting
    BTW, 20 Mbps can push the practical performance capacity of a 2821.
    class-map match-any LLQ
    !match your VoIP bearer traffic here
    policy-map Shape20M
    class class-default
    shape average 17000000 !we're shaping 15% slower to allow for L2 overhead
    service-policy Sample
    policy-map Sample
    class LLQ
    priority percent 30
    class class-default
    bandwidth remaining percent 100
    fair-queue
    interface tunnel #
    ip tcp adjust-mss 1436
    ip mtu 1476
    service-policy output Shape20M
    tunnel path-mtu-discovery
    keepalive 1

  • Putting QOS for voice traffic in switches.

    Hi All,
    does anybody know how to prioritize the voice traffic over data in the 2960 SW, in a scenario in which ethernet cable coming to ipphone & from IPphone to PC.

    Disclaimer
    The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
    Liability Disclaimer
    In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
    Posting
    Yes, I do.
    laugh - I was temped to stop with the above, as it directly answers your question, but I assume you want to know how.
    In principle, you recognize the VoIP traffic as being different from data traffic and provide it "special" egress treatment.  Normally you would enable QoS, and for egress, enable PQ, direct VoIP bearer traffic to that queue.  You might also direct VoIP signalling traffic to a queue that insures it's not unduly delayed or dropped.  You might also set rate caps on ingress VoIP traffic.
    Recognition of VoIP traffic can be done in different ways.  Your phones might support L2 CoS or L3 ToS marking, your switch might "analyze" ingress traffic, your switch might trust a Cisco VoIP phone, your switch and VoIP phones might use a dedicated VLAN.  Basically, there's lots of variables dealing with ingress.
    Unfortunately, you've provided insufficient information for specific recommendations.
    PS:
    BTW, your 2960 might also support auto-QoS, which may, or may not, be all you need to enable.

  • Voice traffic

    Hello, I have been running 20Mb mpls circuit over which i have formed GRE tunnel. My circuit goes choke most of the times. So i am planning to configure QoS and assign 5mb for voice traffic(i.e. for VOIP phone communication) and rest BW for others traffic. What would be best solution, should i police voice traffic under voice class map or PQ would be good.
    Also how should i classify voice traffic for my voip phones. pls help.

    Disclaimer
    The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
    Liability Disclaimer
    In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
    Posting
    BTW, 20 Mbps can push the practical performance capacity of a 2821.
    class-map match-any LLQ
    !match your VoIP bearer traffic here
    policy-map Shape20M
    class class-default
    shape average 17000000 !we're shaping 15% slower to allow for L2 overhead
    service-policy Sample
    policy-map Sample
    class LLQ
    priority percent 30
    class class-default
    bandwidth remaining percent 100
    fair-queue
    interface tunnel #
    ip tcp adjust-mss 1436
    ip mtu 1476
    service-policy output Shape20M
    tunnel path-mtu-discovery
    keepalive 1

  • AutoQoS for voice traffic settings?

    Hi Everybody, 
    I have enabled auto qos on switch and following are information
    Voice is the most important traffic in network, must ensure voice traffic goes first
    SW# show mls qos map dscp-output-q
       Dscp-outputq-threshold map:
         d1 :d2    0     1     2     3     4     5     6     7     8     9
          0 :    04-03 04-03 04-03 04-03 04-03 04-03 04-03 04-03 04-01 04-02
          1 :    04-02 04-02 04-02 04-02 04-02 04-02 03-03 03-03 03-03 03-03
          2 :    03-03 03-03 03-03 03-03 02-03 02-03 02-03 02-03 02-03 02-03
          3 :    02-03 02-03 03-03 03-03 03-03 03-03 03-03 03-03 03-03 03-03
          4 :    01-03 01-03 01-03 01-03 01-03 01-03 01-03 01-03 02-03 02-03
          5 :    02-03 02-03 02-03 02-03 02-03 02-03 02-03 02-03 02-03 02-03
          6 :    02-03 02-03 02-03 02-03
    SW# show mls qos queue-set
    Queueset: 1
    Queue     :       1       2       3       4
    buffers   :      10      10      26      54
    threshold1:     138     138      36      20
    threshold2:     138     138      77      50
    reserved  :      92      92     100      67
    maximum   :     138     400     318     400
    For the 
    DSCP 46 : it's 01-03 (voice)
    DSCP 0 : it's 04-03 (general traffic)
    From my understanding 
    - 01-03 means queue 1 and threshold3. (by default threshold3 is 100 and hidden)
    - queue-set 1 is enabled by default on all interface and hidden
    According to the above information, 
    - Does the Auto Qos is design for voice goes first?
    - Why the Q1 buffer and maximum are less then Q4? isn't suppose to set more buffer on Q1 for voice traffic? or I have to re-distribute the queue buffer and threshold, etc...
    - or I just use priority-queue out, then those queue setting will be ignored?
    Thanks in advance
    Sam

    udp ports 16384 to 32767 for rtp traffic
    1720 tcp for control (h323 protocol)

  • Characteristics of voice traffic

    Why "benign" is considered as a characteristics of voice traffic, but not "smooth".
    thanks,
    Han

    I guess that most voice traffic is very forgiving and that even with packet loss you can get the message across.  With this in mind you can say its "kind" which seems to be one of the best definitions for benign.  Why would you say that voice traffic is smooth?

  • Voice traffic- bandwidth

    Hi Experts..
    Pls help me in setting up QoS for my company. I have MPLS circuit for my all company locations. Main locations has 60mb MPLS circuit and branch locations has 20mb each. I have CME in my main location to which VOIP phones are registered. Since past few days i have been observing bandwith choke of my main location, due to this calling through VOIP phones from main locations to hub locations are getting drop intermediately.
    I am looking to prioritize voice traffic so that other traffic could not make impact on voip calls. I want to assign 10mb bandwith to voice traffic and rest bandwith for others traffic.
    Pls help me good way to configure this.

    Disclaimer
    The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
    Liability Disclaimer
    In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
    Posting
    policy-map sample
    class voip-bearer
    priority percent 33
    class voip-signaling
    bandwidth remaining 10 percent
    class class-default
    bandwidth remaining 90 percent
    fair-queue
    For above, you need to classify traffic and mark to agree with MPLS QoS support.  Percentages might also be changed to agree with MPLS QoS.
    Apply above as an out policy on MPLS egress port.

  • Separate Physical LAN for Voice Traffic

    HI everyone,
    How common is it to set up an entirely separate switching and routing infrastructure to handle voice over IP traffic?  I'm curious if this would be necessary as opposed to just logically separating the traffic via a voice VLAN.  Any input would be much appreciated.

    Not very common at all, as I said I have only seen this at Trading companies (very typical to that market), but that is a small percentage of all deployments.  I have worked with pretty much every imaginable market and have not see it anywhere else.
    HTH, please rate all useful posts!
    Chris

  • How to priortize video & voice traffic over mpls network

    Dear all,
    I have taken a 512k link from mpls network containing juniper as core routers, while i am using completely cisco in my network, my query is can i priortize my voice and video traffic over this mpls network i am also using rtp header compression.
    plz give me sample config if it is possible.
    thanks

    hi
    if i m not wrong there will be different kinda service offering in general being provided by the SPs.
    it falls under 2 main major categories one is managed and the other is unmanaged.
    in managed services your SP will honour the marking being done by the customers and the same is being carried throughout(in SP backbone) till reaching the remote destination.
    in unmanaged services whatever markings you do at ur end will be remarked or ignored by SP according to the policies followed by them.
    you can enquire about this with your SP and you can have the QOS policies configured accordingly.
    regds

  • ASA 5510 Not able to route traffic between 2 LAN interfaces

    Hi everybody,
    I need help to enable traffic between two physical ports on my Cisco ASA 5510. I created access rules and NAT but traffic doe not go from accounting interface to Inside. I am able to access internet from both interfaces. Can someone pin point me in the right direction since I am not an expert in Cisco but has to finish this by the end of the week.
    Thank you,
    Sigor
    Here is my configuration:
    ASA Version 8.2(2)
    hostname Cisco
    domain-name xxx.com
    names
    interface Ethernet0/0
     description Outside
     nameif Outside
     security-level 0
     ip address 101.101.101.101 255.255.240.0
    interface Ethernet0/1
     description Inside Network
     nameif Inside
     security-level 90
     ip address 192.168.10.1 255.255.255.0
    interface Ethernet0/2
     description Accounting
     nameif Accounting
     security-level 100
     ip address 20.0.1.1 255.255.255.0
    interface Ethernet0/3
     shutdown
     no nameif
     no security-level
     no ip address
    interface Management0/0
     nameif management
     security-level 100
     ip address 192.168.1.1 255.255.255.0
     management-only
    ftp mode passive
    clock timezone EST -5
    dns domain-lookup Outside
    dns server-group DefaultDNS
     name-server 8.8.8.8
     domain-name xxx.com
    same-security-traffic permit inter-interface
    object-group service Port-10000 tcp
     port-object eq 10000
    object-group service Port-8080 tcp
     port-object eq 8080
    object-group service Port-8011 tcp
     port-object eq 8011
    object-group service DM_INLINE_TCP_1 tcp
     group-object Port-8080
     port-object eq www
     group-object Port-8011
    object-group service DM_INLINE_TCP_2 tcp
     group-object Port-10000
     port-object eq https
     port-object eq www
    object-group service rdp tcp
     port-object eq 3389
    object-group service DM_INLINE_TCP_3 tcp
     group-object rdp
     port-object eq ftp
    object-group service DM_INLINE_TCP_4 tcp
     group-object Port-10000
     port-object eq www
     port-object eq https
     port-object eq ssh
    object-group service DM_INLINE_TCP_5 tcp
     group-object Port-8011
     group-object Port-8080
     port-object eq www
    object-group service DM_INLINE_TCP_6 tcp
     group-object Port-10000
     port-object eq www
     port-object eq https
    object-group service DM_INLINE_TCP_7 tcp
     group-object rdp
     port-object eq ftp
    access-list Outside_access_in extended permit tcp any host 101.101.101.104 object-group DM_INLINE_TCP_5
    access-list Outside_access_in extended permit tcp any host 101.101.101.102 object-group DM_INLINE_TCP_6
    access-list Outside_access_in extended permit tcp any host 101.101.101.103 object-group DM_INLINE_TCP_7
    access-list Outside_access_in extended permit tcp any host 101.101.101.106 eq smtp                                                              
    access-list Outside_1_cryptomap extended permit ip 192.168.10.0 255.255.255.0 192.168.50.0 255.255.255.0
    access-list Inside_nat0_outbound extended permit ip 192.168.10.0 255.255.255.0 192.168.50.0 255.255.255.0
    access-list Inside_nat0_outbound extended permit ip 192.168.10.0 255.255.255.0 192.168.80.0 255.255.255.0
    access-list CiscoIPsec_splitTunnelAcl standard permit 192.168.10.0 255.255.255.0                                                                
    access-list Accounting extended permit ip 20.0.1.0 255.255.255.0 192.168.10.0 255.255.255.0
    access-list Accounting extended permit ip 20.0.1.0 255.255.255.0 any
    pager lines 24
    logging asdm informational
    mtu Outside 1500
    mtu Inside 1500
    mtu Accounting 1500
    mtu management 1500
    ip local pool IPSecDHCP 192.168.80.100-192.168.80.200 mask 255.255.255.0
    icmp unreachable rate-limit 1 burst-size 1
    no asdm history enable
    arp timeout 14400
    global (Outside) 1 interface
    nat (Inside) 0 access-list Inside_nat0_outbound
    nat (Inside) 1 0.0.0.0 0.0.0.0
    nat (Accounting) 1 0.0.0.0 0.0.0.0
    static (Inside,Outside) tcp 101.101.101.104 www 192.168.10.14 www netmask 255.255.255.255
    static (Inside,Outside) tcp 101.101.101.104 8011 192.168.10.14 8011 netmask 255.255.255.255
    static (Inside,Outside) tcp 101.101.101.104 8080 192.168.10.14 8080 netmask 255.255.255.255
    static (Inside,Outside) tcp 101.101.101.102 10000 192.168.10.3 10000 netmask 255.255.255.255
    static (Inside,Outside) tcp 101.101.101.102 https 192.168.10.3 https netmask 255.255.255.255
    static (Inside,Outside) tcp 101.101.101.102 www 192.168.10.3 www netmask 255.255.255.255
    static (Inside,Outside) tcp 101.101.101.103 ftp 192.168.10.17 ftp netmask 255.255.255.255
    static (Inside,Outside) tcp 101.101.101.103 3389 192.168.10.32 3389 netmask 255.255.255.255
    static (Inside,Outside) tcp 101.101.101.106 smtp 192.168.10.23 smtp netmask 255.255.255.255
    static (Inside,Accounting) 192.168.10.0 192.168.10.0 netmask 255.255.255.0
    access-group Outside_access_in in interface Outside
    access-group Accounting in interface Accounting
    route Outside 0.0.0.0 0.0.0.0 101.101.101.101 1
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    dynamic-access-policy-record DfltAccessPolicy
    aaa authentication ssh console LOCAL
    http server enable
    http 192.168.1.0 255.255.255.0 management
    http 192.168.10.0 255.255.255.0 Inside
    http 20.0.1.0 255.255.255.0 Accounting
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart
    crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
    crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
    crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
    crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
    crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
    crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
    crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
    crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
    crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
    crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
    crypto ipsec security-association lifetime seconds 28800
    crypto ipsec security-association lifetime kilobytes 32608000
    crypto ipsec security-association replay disable
    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256
    -SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set security-association lifetime kilobytes 4608000
    crypto map Outside_map 1 match address Outside_1_cryptomap
    crypto map Outside_map 1 set pfs group1
    crypto map Outside_map 1 set peer 89.216.17.35
    crypto map Outside_map 1 set transform-set ESP-3DES-SHA
    crypto map Outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
    crypto map Outside_map interface Outside
    crypto isakmp enable Outside
    crypto isakmp policy 10
     authentication pre-share
     encryption 3des
     hash sha
     group 2
     lifetime 86400
    telnet timeout 5
    ssh 192.168.10.0 255.255.255.0 Inside
    ssh timeout 5
    console timeout 0
    dhcpd address 20.0.1.100-20.0.1.200 Accounting
    dhcpd dns 192.168.10.19 8.8.8.8 interface Accounting
    dhcpd lease 306800 interface Accounting
    dhcpd domain abtscs.com interface Accounting
    dhcpd enable Accounting
    dhcpd address 192.168.1.2-192.168.1.254 management
    dhcpd enable management
    threat-detection basic-threat
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    webvpn
    group-policy CiscoIPsec internal
    group-policy CiscoIPsec attributes
     dns-server value 192.168.10.30 192.168.10.19
     vpn-tunnel-protocol IPSec
     split-tunnel-policy tunnelspecified
     split-tunnel-network-list value CiscoIPsec_splitTunnelAcl
     default-domain value xxx.com
     vpn-group-policy CiscoIPsec
    tunnel-group 198.226.20.35 type ipsec-l2l
    tunnel-group 198.226.20.35 ipsec-attributes
     pre-shared-key *****
    tunnel-group CiscoIPsec type remote-access
    tunnel-group CiscoIPsec general-attributes
     address-pool IPSecDHCP
     default-group-policy CiscoIPsec
    tunnel-group CiscoIPsec ipsec-attributes
     pre-shared-key *****
    class-map inspection_default
     match default-inspection-traffic
    policy-map type inspect dns preset_dns_map
     parameters
      message-length maximum client auto
      message-length maximum 512
    policy-map global_policy
     class inspection_default
      inspect dns preset_dns_map
      inspect ftp
      inspect h323 h225
      inspect h323 ras
      inspect rsh
      inspect rtsp
      inspect esmtp
      inspect sqlnet
      inspect skinny
      inspect sunrpc
      inspect xdmcp
      inspect sip
      inspect netbios
      inspect tftp
      inspect ip-options
    service-policy global_policy global
    prompt hostname context
    Cryptochecksum:2a7c97a7a22397908ef83ca6f0065919
    : end

    Without diving too deep into your config, I noticed a couple of things:
    interface Ethernet0/1
     description Inside Network
     nameif Inside
     security-level 90
     ip address 192.168.10.1 255.255.255.0
    interface Ethernet0/2
     description Accounting
     nameif Accounting
     security-level 100
     ip address 20.0.1.1 255.255.255.0
    On an ASA, higher security level interfaces are always allowed, by default, to lower security levels, but not the other way around. So, if you want to keep this config, you would need an acl on the Inside interface to allow traffic to go from level 90 to 100:
    access-list Inside permit ip any any
    access-group Inside in interface Inside
    The acl will permit the traffic into either interface (outside or Accounting). As long as you have your other rules set up correctly, this should resolve your issue...
    HTH,
    John

  • Block guest mDNS traffic on business LAN

    For my company, I am running a Cisco 5508 WLC with a 4400 WLC as a guest anchor in our DMZ.  There is a guest SSID and several business SSID's for internal equipment.  Guest traffic should be tunneled out to the 4400 controller where [the client] gets its IP address and is sent out to the internet.  No internal corporate access is possible.  However, when I do a packet capture from my wired PC, I'm seeing traffic generated by different iPhones.  It appears to be mostly IPv6 mDNS or ICMPv6 traffic.  How would this traffic make it onto the corporate wired network, when it should be staying on the guest network?  None of the iPhones have been setup on the business SSIDs, so I know it isn't legit traffic.  Is there a setting in the WLC that will block this?  Will an ACL work?
    These are examples of some of the traffic that wireshark is capturing:
    349          7.794875          fe80::e77:1aff:fe3c:f81          ff02::fb          MDNS          253          Standard query response PTR, cache flush Tonyas-iPhone-2.local PTR, cache flush Tonyas-iPhone-2.local
    356          7.802667          fe80::e77:1aff:fe3c:f81          ff02::fb          MDNS          151          Standard query ANY Tonyas-iPhone-2.local, "QU" question ANY Tonyas-iPhone-2.local, "QU" question
    361          7.806964          fe80::e77:1aff:fe3c:f81          ff02::fb          MDNS          151          Standard query ANY Tonyas-iPhone-2.local, "QM" question ANY Tonyas-iPhone-2.local, "QM" question
    Both controllers are running software version 6.0.196.0.  I also have a WCS server running version 7.0.220.
    Thanks!
    Joe P.

    Well, you are asking a valid question but unfortunately I don't know the answer. I tried to find in config guide and multicast design guide if there disabling mylticast affects only L3 multicat or both L3 and L2 multicast but I unfortunately could not find an answer.
    Just one hint came to my mind, do you have Ipv6 bridging enabled under your WLAN (under advanced tab)?
    I think it is enabled so you may try disabling it. That would possibly stop the IPv6 traffic.
    http://www.cisco.com/en/US/docs/wireless/controller/7.0/configuration/guide/c70wlan.html#wp1345783
    HTH
    Amjad

  • Maximum cos1 (voice traffic) supported by Cisco ASR 1006 router

    Dear Team,
    Please confirm the maximum cos 1 traffic supported by cisco ASR 1006 router.

    Yes, it would. If you are planning on terminating a single site on this router I would spread over multiple routers for redundancy.
    Table 6 explains number of ports and channels providing you have the DSPs: 
    http://www.cisco.com/c/dam/en/us/products/collateral/routers/2800-series-integrated-services-routers-isr/product_data_sheet0900aecd8057f2e0.pdf

  • Block internet traffic but allow LAN traffic

    Hi,
    I have a WAP54G. Is it possible to set it so that when someone accesses the device, they can only access my local network (no internet access).
    Thanks,
    JT

    There are a few ways to do this.
    In your router, you can block a computer's Internet access by MAC address or by LAN IP address.  I would suggest blocking by MAC address.
    Obtain the MAC address of the offending computer.  Then enter your router and go to the "Security" tab, "Filter" subtab.  Click on "Edit MAC filter setting"  and enter the MAC address of the offending computer.  Click on "Apply".  You might also need to return to the "Security-Filter" page and click on "Save settings".  Reboot the router.
    Alternatively, you could block by LAN IP address, but this might interfere with the computer's ability to access other wireless systems, at home or while traveling.  If you do this, you would need to go into the offending computer, and assign it a fixed LAN IP address.  Then enter the router (same page as above), and in "Filter IP address range" just enter his IP address, for example  192.168.1.12  (or whatever fixed LAN IP address you gave him).  Then click on "Save settings".
    Note that if he is computer savvy, it may not take him long to figure out how to bypass these roadblocks.  IP addresses can be easily changed.  MAC addresses can be faked.
    The problem that you are having is similar to the "my teen is running wild on the Internet" problem.  Many parents have found that router settings only work to control young children, who don't know much about computers.  Older kids are better controlled using software products installed on the offending computer  (I assume you own his work computer.)    There are several parental control products on the market.  I am not personally familiar with them, but when I did a search, "Safe Eyes" and "ContentWatch ContentProtect" were rated well.  These programs can be used to limit the web sites visited, or stop Internet access entirely, or on a schedule. 

  • Priority queue for voice/audio traffic

    Hi,
    Still in limbo after multiple discussions with our vendors, TAC and in general other engineers, so starting a thread here.  In the process of rolling out enterprise audio, with the intent to prioritize and allocate 25% of link bandwidth for voice class.
    Our config snapshow is as follows -
    policy-map qos-wan-out
     class dscp-voice-lan
      set ip precedence 5
      priority percent 25
    I understand that
    -DURING congestion, this will ensure voice gets a maximum of 25% and is dequeued first due to the priority setting
    -And during NO congestion, the voice traffic will be dequeued before other traffic, but at the same time, can go over 25% as QoS kicks in only during congestion.
    I am seeing some contradictory results in that we are having high packet loss if we exceed 25% even when the link is less than 40% utilized. I doubt the above CE configurations are an issue. But, wanted to run this by this group.
    Alternate theory is that with the above configurations, our traffic is exiting fine - but the service provider who is using priority class queuing within their MPLS network may be capping the bandwidth at 25% at all times (with or without congestion).
    thanks

    Hi Bro
    Maybe the incoming voice packets into your FW isn't marked with ef. For this reason, you don't see anything at all. I hope the QOS isn't tied to a subinterface, as QOS is only supported on the main interface itself. What you're doing here is QoS Configuration based on DSCP. You could refer to this URL for troubleshooting purposes.
    http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008080dfa7.shtml#tab4
    Did you marked on the Cisco Catalyst switchports, which ports are ef?

  • Voice video traffic classification

    Hi All,
    A simple query.
    With Cisco ios NBAR, when we say 'match protocol rtp video' , do we also match the audio embedded in the video stream ? .. or does that audio get matched only with the 'match protocol rtp audio' statement ?
    Also, is the 'match protocol rtp audio' statement sufficient to match all voice traffic from IP phones on the LAN ?
    Regards,
    Amit

    Hi Amit,
    Match protocol rtp video will match only video.
    In regards to your second question:
    Match rtp audio is good but it should be just a part of full end-to-end QoS policy and you should not only just rely on that.
    While deploying QoS - there are some best practices, like marking closest to the source. Most VoIP end devices, servers will mark the traffic (audio as 46 and signalinging as 24 at either l3 or like in case of phones at l2 level)
    You should configure QoS on catalyst switches.  Traffic is already marked you need to enable trust on the switches and ensure traffic is priortised and markings are carried to routers. At routers you can catch this based on markings, protocol (like rtp audio), source/destination, and several other criteria. Then this is sent across WAN with appropriate markings and get preferential treatment in Service Provides network and markings are maintained through out.
    So just to summarise yes it should catch audio by matching rtp audio but for QoS to work effectvely you should deploy QoS based on a wider policy that makes sure voice traffic is priortised at all possible levels.
    Hope it helps.
    Terry
    Please rate if you find it helpful.

Maybe you are looking for

  • Lacie external hard drive undetected (USB)

    My Lacie 500GB external hard drive is undetectable by my iMac G5. It just happened one day when I clicked on the icon on my desktop and the error message said it was undetectable. I secured the USB cables and made sure there was power. I also verifie

  • CachedRowSet and CLOB

    I use a CachedRowSet instance with an Oracle 8i (i get the same result with a 9i) datbase. if the table i do the query in contains any CLOB or BLOB column, when i execute the populate(ResultSet) method i get the following exception : java.lang.Number

  • Why does FCPX crash every time I use plug-in effects?

    I don't understand why FCPX crashes every time I use a plug-in effect. I install the plug-in effects in the Effects folder - User/Movies/Motion Templates/Effects - and I apply the plug-in effect to the clip in the timeline, but as soon as the clip is

  • Catldap.sql or dbmsldap.sql files?

    Hi, I can't find the files catldap.sql or dbmsldap.sql in the ORACLE_HOME/rdbms/admin directory. Using 8.1.6 EE.I haven't installed OID yet, but would just like to install the ldap packages so I can bind to an external LDAP server using PL/SQL LDAP A

  • What is Bonjour?

    Please help me to understand...