User not logged in - login - register
Home Calendar Books School Tool Photo Gallery Message Boards Users Statistics Advertise Site Info
go to bottom | |
 Message Boards » » 10+ port 10/100/1000 Router w/ QoS Recommendation? Page [1] 2, Next  
bous
All American
11215 Posts
user info
edit post

read subject

Need to be able to give a range of ports or range of ips priority over others on bandwidth (up and/or down). Trying to get our VoIP upstream working better.

what's my cheapest solution here?

3/4/2008 3:36:26 PM

mellocj
All American
1872 Posts
user info
edit post

what is your upstream connection? an ethernet connection?

It may be more practical to use a router that meets your QoS requirements and a separate Gigabit switch.

3/4/2008 4:12:09 PM

bous
All American
11215 Posts
user info
edit post

don't know why i said 10+ ports... already have a 10/100 switch in place that should do fine for now.

upload is only 512kbitsps... which is why i need QoS for the VoIP each upstream call on the VoIP is ~4KBytes/sec and can't let that drop or the call goes to shit.

3/4/2008 4:58:35 PM

gs7
All American
2354 Posts
user info
edit post

Get a router that can handle DD-WRT or Tomato ... your QoS problems are solved.

http://www.dd-wrt.com/wiki/index.php/Supported_Devices

http://www.polarcloud.com/tomatofaq#what_will_this_run_on

[Edited on March 4, 2008 at 5:25 PM. Reason : .]

3/4/2008 5:23:44 PM

smoothcrim
Universal Magnetic!
18966 Posts
user info
edit post

dd-wrt is a good choice, so is pfsense on some old p3

3/4/2008 5:54:59 PM

ncsuboy911
Suspended
240 Posts
user info
edit post

either of those will work

i finally put ddwrt on my router a few days ago and I def recommend it... I've used pfsense a little bit too--both work well. it really is just up to what you have available. if you have an old pc laying around that you want to commit to pfsense, i'd go that route

3/4/2008 6:19:16 PM

Grandmaster
All American
10829 Posts
user info
edit post

i've used pfsense forever, even had m0n0wall back in the day. put ddwrt on a buffalo when i moved and just installed tomato. i think i like tomato better, but if you have the wrap board or the spare pc, pfsense rules all.

3/4/2008 8:36:28 PM

bous
All American
11215 Posts
user info
edit post

not using dd-wrt in a production environment...

3/4/2008 10:24:54 PM

mellocj
All American
1872 Posts
user info
edit post

You can get a cheapish Cisco 2600 series router with 2 ethernet ports to do your QOS.

3/4/2008 10:33:36 PM

gs7
All American
2354 Posts
user info
edit post

^^I honestly don't see a problem using DD-WRT in a small-scale production environment. It's been extremely stable in my experience. But in our defense, you never said you were dealing with a "production environment".

Regardless, ^is correct, pick up a proper piece.

3/4/2008 11:20:16 PM

bous
All American
11215 Posts
user info
edit post

i'll get a 2611 with dual 10BaseT ports...

so this will do QoS for my purposes just fine eh? never messed with QoS in IOS back in the day, just routing mainly.

[Edited on March 4, 2008 at 11:37 PM. Reason : ]

3/4/2008 11:30:49 PM

mellocj
All American
1872 Posts
user info
edit post

yes you should have no problem doing qos on a cisco 2600. i have done it based on dscp

you can see some example configs here:

http://www.voip-info.org/wiki-QoS+Cisco

3/4/2008 11:43:14 PM

DoubleDown
All American
9382 Posts
user info
edit post

i wouldnt really worry about how many ports it has - a production router will generally only have 1 ethernet interface - no switchports

get a switch for that

3/5/2008 12:28:58 AM

BobbyDigital
Thots and Prayers
41777 Posts
user info
edit post

^^^

Do your IP phones mark DSCP or IPP? If not, you'll have to match phone traffic based on source IP, which is a little more painful, but it sounds like a fairly small office, so it shouldn't be too big of a deal. The 2600 can definitely handle your QoS needs, provided that you're not running into a bottleneck at the switchport level.

If you're looking for a cheap SMB type switch, check out the Catalyst Express 500 Series. I think they go for a few hundred bucks.. cheaper on ebay.

[Edited on March 5, 2008 at 8:34 AM. Reason : adsf]

3/5/2008 8:33:53 AM

bous
All American
11215 Posts
user info
edit post

i can get a 2611 with 2 lan for $100 shipped... sounds good 64D/16F

then when we upgrade to a T-1 after we move i can just get the WIC for it.


BobbyDigital: I can assign phones with static IPs... but can I also do QoS based on destination port? i.e. the phones all go to the same outbound port since it's PBX hosted VoIP


[Edited on March 5, 2008 at 9:44 AM. Reason : ]

3/5/2008 9:43:27 AM

BobbyDigital
Thots and Prayers
41777 Posts
user info
edit post

yeah, you can do that as well, using LLQ... would probably look something like this:

class-map match-any voip
match ip rtp X Y <--- where X and Y are your UDP range for the RTP stream
match access-group 150 <--- prioritize control packets (youll want to define an ACL for that as well)
!
policy-map VoIP
class voip
priority 50 <--- amount of bandwith for calls (use bandwidth link)
class class-default
fair-queue <--- fair queue all other traffic

Then under the interface going out to the PBX:

service-policy output VoIP

3/5/2008 10:13:18 AM

ComputerGuy
(IN)Sensitive
5052 Posts
user info
edit post

Get a Mac Airport Extreme.

[Edited on March 5, 2008 at 12:35 PM. Reason : d]

3/5/2008 12:34:49 PM

bous
All American
11215 Posts
user info
edit post

shut the fuck up.

3/5/2008 12:36:08 PM

DoubleDown
All American
9382 Posts
user info
edit post

who is your voip provider

3/5/2008 7:06:26 PM

bous
All American
11215 Posts
user info
edit post

packet8

they suck, but our office has no cable connection, so our best bet is dsl 512kbps up... or 4x the cost and a t-1 when we're moving this year.

3/5/2008 8:48:25 PM

Grandmaster
All American
10829 Posts
user info
edit post

lol an old boss of mine ran a smaller scale ISP using a bunch of pfsense boxen.

3/5/2008 9:40:09 PM

Aficionado
Suspended
22518 Posts
user info
edit post

Quote :
"Firmware: DD-WRT v24 RC-4 (10/10/07) std
Time: 21:49:31 up 64 days, 2:09, load average:"


its a RC and its been up and stable for 64 days...not longer because i dont have it on a UPS

you would be fine in a production environment

3/5/2008 9:50:45 PM

robster
All American
3545 Posts
user info
edit post

I second bobby's qos config.

Just remember that the priority x command is x measured in kbps. You MUST configure this for MORE than the rate of expected voice traffic. So lets say you have 5 phones which would send voice at rates of 50kbps each, so you would need to set 'priority 250'.

If you dont do this, then anything over the rate you configure will be dropped, even if there is extra bandwidth available on the interface.

3/5/2008 10:02:20 PM

evan
All American
27701 Posts
user info
edit post

pfsense is the end all be all of routing platforms

with the exception of the cisco IOS

3/5/2008 10:28:18 PM

mellocj
All American
1872 Posts
user info
edit post

with the exception of JunOS

3/6/2008 12:31:19 PM

bous
All American
11215 Posts
user info
edit post

Cisco 2611 with 2E shipped for $118. Will post success story next week

3/6/2008 3:21:14 PM

BobbyDigital
Thots and Prayers
41777 Posts
user info
edit post

ah shit, i didn't know you hadn't bought one yet.

I have one gathering dust that i bought a while back when i was going to build my own CCIE rack.

3/6/2008 8:53:20 PM

mellocj
All American
1872 Posts
user info
edit post

funny how the thread went from

10+ port 10/100/1000 Router

to

2 port 10 Router

3/6/2008 9:39:37 PM

bous
All American
11215 Posts
user info
edit post

yeah it was mainly if there was a cheap GigE solution... figured $100 and keep 100mbps was fine.

3/6/2008 10:30:53 PM

bous
All American
11215 Posts
user info
edit post

I am having a problem getting NAT to work... I need computers from the outside to be able to shoot e-mails via port 25 to my exchange server, and allow that server to have http and https open (80 and 443)...

right now I can't seem to get it working...




Current configuration : 1682 bytes
!
! Last configuration change at 18:49:44 EDT Fri Mar 14 2008
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
no service dhcp
!
hostname CISCO
!
boot-start-marker
boot-end-marker
!
logging buffered 16384 debugging
enable secret 5 HIDDEN
!
clock timezone PST -5
clock summer-time EDT recurring
no aaa new-model
ip subnet-zero
!
!
no ip domain lookup
ip domain name HIDDEN.net
ip name-server 74.x.x.25
!
ip cef
ip dhcp-server 192.168.1.2
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Ethernet0/0
description to DSL
ip address 74.x.x.26 255.255.255.252
ip nat outside
full-duplex
no cdp enable
!
interface Serial0/0
no ip address
shutdown
no fair-queue
!
interface Ethernet0/1
ip address 192.168.1.1 255.255.255.0
ip nat inside
full-duplex
no cdp enable
!
ip default-gateway 74.x.x.25
ip nat pool Server 74.x.x.26 74.x.x.26 netmask 255.255.255.252
ip nat inside source list 1 pool Server overload
ip nat inside source static tcp 192.168.1.2 25 74.x.x.26 25 extendable
ip nat inside source static tcp 192.168.1.2 80 74.x.x.26 80 extendable
ip nat inside source static tcp 192.168.1.2 443 74.x.x.26 443 extendable
no ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 74.x.x.25
!
!
access-list 1 permit any
access-list 2 permit any
!
!
!
!
!
alias exec s sh run
!
line con 0
password 7 HIDDEN
logging synchronous
login
line aux 0
password 7 HIDDEN
logging synchronous
login
line vty 0 4
password 7 HIDDEN
logging synchronous
login
!
ntp clock-period 17208135
ntp server 132.163.4.101
!
end

3/14/2008 5:54:03 PM

bous
All American
11215 Posts
user info
edit post

also, i'm noticing that the internet is going EXTREMELY SLOW compared to using the windows server 2003 as the router...

can anyone verify my config is okay?

3/14/2008 6:22:26 PM

ScHpEnXeL
Suspended
32613 Posts
user info
edit post

paging BobbyDigital

3/14/2008 7:55:08 PM

bous
All American
11215 Posts
user info
edit post

got NAT working it seems after a couple of tweaks.

now to test out the QoS for VoIP



one weird thing i've noticed... if i point my computers to the router (192.168.1.1) as the DNS server, it doesn't work...

[Edited on March 14, 2008 at 8:42 PM. Reason : ]

3/14/2008 8:42:17 PM

mellocj
All American
1872 Posts
user info
edit post

^ it SHOULDNT work. its a router, not a dns server.

3/15/2008 12:32:51 PM

BobbyDigital
Thots and Prayers
41777 Posts
user info
edit post

yup.

looks like you should point the DNS server to 74.x.x.25

based on:


ip name-server 74.x.x.25

3/15/2008 1:28:37 PM

Scary Larry
Suspended
644 Posts
user info
edit post

god damn that's why I never bothered to learn IOS

3 pages of configuration for a NAT gateway

3/15/2008 2:21:16 PM

bous
All American
11215 Posts
user info
edit post

i figured it would forward dns queries from 192.168.1.1 (router) to the name-server in its config.


it's weird how after 4 years from working with routers 8 months straight... i go to the terminal for the first time and instantly type sh ip int b

[Edited on March 15, 2008 at 4:12 PM. Reason : ]

3/15/2008 4:08:26 PM

BobbyDigital
Thots and Prayers
41777 Posts
user info
edit post

^^ umm... the actual NAT config is only 7 lines worth.

3/15/2008 5:26:19 PM

bous
All American
11215 Posts
user info
edit post

added 2 lines for pptp and rdp

3/15/2008 10:18:29 PM

robster
All American
3545 Posts
user info
edit post

You got the VOIP qos working yet?

You may need to create a hierarchical policy on this thing:

policy-map PARENT
class class-default
shape average 512000 (whatever your dsl rate is)
service-policy VOIP

int e0/0
service-policy output PARENT

The idea behind this is that you currently have an upstream bottleneck of your dsl device.
This puts the bottleneck on your router, where you can control what gets prioritized and what doesn't.

3/16/2008 2:19:44 PM

bous
All American
11215 Posts
user info
edit post

so that would be in addition to what Bobby posted?

i haven't tested the QoS yet. i want to make sure tomorrow goes well with employees before i try the QoS.

3/16/2008 6:44:05 PM

Scary Larry
Suspended
644 Posts
user info
edit post

^^^^ I think my post made it pretty obvious I neither speak IOS nor care to.

3/16/2008 9:34:50 PM

bous
All American
11215 Posts
user info
edit post

OK I NEED SOME SERIOUS HELP!

We are only able to download at like 20K/sec on an 8mbps down connection with the new router. People are starting to riot

ANY help is much appreciated. ALL computers have been rebooted and set to DHCP. They all have the proper IPs, Gateway, DNS, WINS, etc.



Mar 17 13:31:01.003: %SYS-5-CONFIG_I: Configured from console by console
CISCO#sh run
Building configuration...

Current configuration : 2315 bytes
!
! Last configuration change at 09:31:01 EDT Mon Mar 17 2008
! NVRAM config last updated at 22:15:56 EDT Sun Mar 16 2008
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
no service dhcp
!
hostname CISCO
!
boot-start-marker
boot-end-marker
!
logging buffered 16384 debugging
enable secret 5 BLAH
!
clock timezone PST -5
clock summer-time EDT recurring
no aaa new-model
ip subnet-zero
!
!
ip name-server 74.x.x.25
ip name-server 205.152.37.23
ip name-server 205.152.132.23
!
ip cef
ip dhcp-server 192.168.1.2
!
!
!
!
!
!
!
!
!
!
!
!
!
!
class-map match-any voip
match ip rtp 51044 0
match access-group 2
!
!
policy-map VOIP
class voip
priority 36
class class-default
fair-queue
policy-map PARENT
class class-default
shape average 512000
service-policy VOIP
!
!
!
!
interface Ethernet0/0
description to DSL
ip address 74.x.x.26 255.255.255.252
ip nat outside
full-duplex
no cdp enable
! -> DISABLED THE service-policy output PARENT
!
interface Serial0/0
no ip address
shutdown
no fair-queue
!
interface Ethernet0/1
ip address 192.168.1.1 255.255.255.0
ip nat inside
full-duplex
no cdp enable
!
ip default-gateway 74.x.x.25
ip nat pool Server 74.x.x.26 74.x.x.26 netmask 255.255.255.252
ip nat inside source list 1 pool Server overload
ip nat inside source static tcp 192.168.1.2 25 74.x.x.26 25 extendable
ip nat inside source static tcp 192.168.1.2 80 74.x.x.26 80 extendable
ip nat inside source static tcp 192.168.1.2 443 74.x.x.26 443 extendable
ip nat inside source static tcp 192.168.1.2 3389 74.x.x.26 3389 extendable
ip nat inside source static tcp 192.168.1.2 1723 74.x.x.26 1723 extendable
ip nat inside source static tcp 192.168.1.2 4125 74.x.x.26 4125 extendable
ip nat inside source static tcp 192.168.1.2 11091 74.x.x.26 11091 extendable
no ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 74.x.x.25
!
!
access-list 1 permit any
access-list 2 permit any
!
!
!
!
!
alias exec s sh run
!
line con 0
password 7 BLAH
logging synchronous
login
line aux 0
password 7 BLAH
logging synchronous
login
line vty 0 4
password 7 BLAH
logging synchronous
login
!
ntp clock-period 17208361
ntp server 132.163.4.101
!
end

3/17/2008 8:39:09 AM

ScHpEnXeL
Suspended
32613 Posts
user info
edit post

Sounds like what happened when I tried to put in a Linksys RV016 router to handle our internet.. linksys FINALLY (a year later) released firmware that fixed the problem but I went through 3 routers and all of them would cause intermittent internet connectivity about every 30 seconds--making it damn near impossible to get anything downloaded and being slow as shit when it did decide to work..

Ah well, shit's fixed now

Oh, good luck

3/17/2008 8:44:36 AM

bous
All American
11215 Posts
user info
edit post

i took out the class-map and 2 policy-maps also (even though not attached to an int) and it's still slow as shit...


put half-duplex on E0/0 E0/1 and it is 100x faster now... was having collisions and shit with full-duplex!

[Edited on March 17, 2008 at 8:56 AM. Reason : ]

3/17/2008 8:44:39 AM

BobbyDigital
Thots and Prayers
41777 Posts
user info
edit post

if you were having collisions with full-duplex, the only way that could happen is if you had a duplex mismatch, and the other end of E0 was at half duplex, while E0 was full duplex.

or some weird hardware issue.

3/17/2008 10:41:35 AM

wut
Suspended
977 Posts
user info
edit post

IOS bug maybe?

3/17/2008 10:42:54 AM

bous
All American
11215 Posts
user info
edit post

Even with half-duplex I am getting collisions on e0/0 at 1.5% and e0/1 at 3%.

that is ridiculous.

e0/0 is plugged into a dsl modem so full duplex should be fine.
e0/1 is plugged into a 10/100mbps 24 port switch so full duplex should be fine.


half-duplex still DID make a difference, i just don't know why.



I still haven't upgrade the IOS on this puppy, so maybe i should try an upgrade?

3/17/2008 1:30:03 PM

bous
All American
11215 Posts
user info
edit post

seems as though the switch (which isn't owned by us and is in a server closet outside of our office even though we only use it) is 100baseTX / 10baseT and may not support full-duplex 10mbps?

may be time for an upgrade on the switch to support full duplex.

3/17/2008 1:50:56 PM

wut
Suspended
977 Posts
user info
edit post

AFAIK 10mbs is only half duplex, could very well be wrong tho.

3/17/2008 1:56:10 PM

 Message Boards » Tech Talk » 10+ port 10/100/1000 Router w/ QoS Recommendation? Page [1] 2, Next  
go to top | |
Admin Options : move topic | lock topic

© 2024 by The Wolf Web - All Rights Reserved.
The material located at this site is not endorsed, sponsored or provided by or on behalf of North Carolina State University.
Powered by CrazyWeb v2.39 - our disclaimer.