This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

QoS Bandwidth Settings on VLAN Interfaces behind RED 50

Hi,

just a general question concerning Bandwidth settings for RED interfaces behind a RED 50 running in standard unified mode.

 

RED 50 in Branch office is connected via 100 MBit Line to HQ.

3 VLAN interfaces on RED.

 

I want to configure QoS for some VOIP DSCP values for traffic going over the red. 

Do I have to split the total available bandwidth (of 100 MBit/s) to the 3 red-interfaces? Or should I define the same maximal possible value (100) to each of them?

 

Thanks

Philipp



This thread was automatically locked due to age.
  • Hallo Philipp and welcome to the UTM Community!

    I think you haven't gotten an answer to this question because it's not clear what you want to do.  Please give us an idea of where the VoIP PBX is and on which VLAN the VoIP traffic passes.  Also, tell us what problem you're experiencing.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob,

    thanks for your feedback.

     

    PBX is in the internet.

    All traffic from branch goes through RED. Internet access in HQ is used for all traffic of branch.

     

    High jitter in branch on voip connections in situations of high traffic or many connections noticed.

     

    Branch has VLANS 10,11,12 behind RED 50. Voip Traffic passes VLAN 10 and 12.

    Each VLAN in branch has it's own virtual interface on UTM.

    In QoS config I have to setup the interface bandwidth for at least the interace "branch4.vlan10 on reds4 (VLAN10)" and "branch4.vlan12 on reds4 (VLAN12)" in order to configure QoS.

    Assuming line speed below the red link is 100 MBit/s. Can both interface get 100 MBit/s as max. speed or do I have to split the link speed to the two interfaces (e.g. 50/50 or 20/80)?

     

    Thanks again

    Philipp

  • Hi Philipp,

    First, check the Intrusion Prevention log (be sure to read #1 in Rulz).  It's not unlikely that that's your problem.

    Bandwidth Pools only limit other traffic when necessary to provide guaranteed bandwidth to desired traffic.  Download Throttling rules put hard limits on other traffic so that the desired traffic has the remainder.  I would start with Bandwidth Pools only.  If you still have jitter, then add Download Throttling rules.

    In the Bandwidth Pools, you will want to guarantee 100kbits multiplied by the number of phones on each VLAN.

    If you need Download Throttling, make two rules for each VoIP interface and one for VLAN 11.  Yes, you will need to split the link speed between the three interfaces.  First, one "limiting" VoIP traffic to 1000000 kbits (this is, in effect, a "no limit" exception to the following rule).  Follow that by a rule limiting all traffic to the portion of 100Mbits you want to allocate to that VLAN subtracting 100kbits for the number of simultaneous calls you expect on that VLAN - you will likely want to play with your estimate.

    Glück gehabt?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Thanks for confirming that I have to split the defined bandwidth. Problems completely solved by applying bandwidth pools.