Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Westi on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Cisco 2911

Status
Not open for further replies.
3Sixty

3Sixty

Technical User
Feb 28, 2005
1,451
GB
Hi Everyone a bit of guidance really appreciated.

I have a client who uses Cisco 2911 ISR with LAN to LAN VPN to 4 sites. They have a fibre based broadband providing 30Mbit down and 6Mbit up.

Each site is configured in a star topology with a VPN tunnel to all the other sites:-

Site a VPN to Site b, Site c, Site d
Site b VPN to Site a, Site c, Site d etc. etc.

The customer is planning on implementing a third paty PBX (not Cisco)with VOIP phones across all the sites. They want to try and implement some form of QOS. I have tried to explain that we can shape the packets as they leave but we are still at the mercy of the internet.

Can anyone recommend the best solution to implement QOS on the LAN to LAN VPN. The client has 2 fibre broadbands on each site.

They have talked about replicating the data setup and using the 2nd fibre broadband for voice only.

Can they use the same ISR 2911 for both VPN connections?

Would they require a voice subnet and a data subnet configured for the VPN routes to be isolated?

Would Diff services be the best implemntation for the QOS?

Thanks,
John
 
Sort by date Sort by votes
Architecturally speaking I would have used DMVPN as opposed to each site being statically configured for full mesh connectivity. As you said, you get no QoS on the Internet. Make sure you understand whether or not the handsets will mark the voice bearer traffic and how the traffic is marked (802.1p or DSCP/IP Prec or both) or if you need to manually mark the packets at the edge. You can use qos pre-classify on the crypto map(s) (assuming you are using policy-based VPN). QoS Pre-classify will make a copy of the header information before it is encapsulated and will help you to at least expedite voice traffic (you could use ToS byte preservation, but QoS Pre-classify is more efficient). Now, once it gets out on the Internet all bets are off. Whether or not you use one FIOS for voice and another for data will depend on bandwidth usage and whether or not they want one link just sitting idle. As for whether or not the 2911 can terminate both VPN connections, absolutely it can.

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

pbxcomm
  • Locked
  • Question
CISCO VG450
Replies
1
Views
401
bdk76
bdk76
Skip Rango
  • Locked
  • Question
how to backup cisco sg500-52p switch
Replies
1
Views
394
madwok
madwok
Jared R
  • Locked
  • Question
Cisco UC320W Paging Help
Replies
0
Views
395
Jared R
Jared R
Hayden09
  • Locked
  • Question
Cisco Sg-300 Flapping?
Replies
0
Views
360
Hayden09
Hayden09
JMarine0811
  • Locked
  • Question
CISCO VG450 Factory reset
Replies
1
Views
483
whykap
whykap

Part and Inventory Search

Sponsor

Back
Top