Topic: QOS not working

[portedaix]

Hello,

I started a subject

http://forums.contribs.org/index.php/topic,48830.0.html in SME 7.x VoIP (Asterisk, SAIL etc) forum. As it concernes a QOS contrib,  I continue it here.

Here is my problem :
My telephone lines are highly disturbed with internet traffic. I use sme8 as a soho, and my adsl line is slow, about 1.5M. But it should be enough for 3 sip lines, one call at a time per line, usually 2 calls max at the same time. I tried to use this QOS contrib, http://forums.contribs.org/index.php?topic=45067.0, but it did not change anything. I set 5060,10000-20000 as high priority ports in the QOS control panel, without success. In addition, I am not able to predict the disturbances. Sometimes, with heavy internet traffic, line quality is perfect, sometimes with low traffic, my voice is "chopped" for my correspondants.

Since my first post in VOIP forum, I tried/corrected different things :

• My adsl modem has QOS built in, I have to specify which port. It is a D-Link DSL-2640R. At the beginning, I specified port 5060, but after reading asteriks howtos, I beleive it is of no use in my case. So I changed the ports to 10000-20000
• In the sip.conf headers, I added tos_sip=cs3 tos_audio=ef tos_video=af41, which seems to be recommended for asterisk 1.4

[li]QOS contrib, in sme server manager,  is set to udp 5060,10000-20000 as high priority ports, 5060 for tcp, and I added as high priority hosts my siemens c590ip DECT base at 192.168.x.x and my linksys PAP2 at 192.168.x.y
[/li][/list]

Those new settings were done yesterday. So far, it seems working for the person I call. Let see.  From my side, I still can here some distorsion when my correspondant speaks, but it is acceptable.

sme8.0
asterisk 1.4
sail-2.6.1-9
D-Link DSL-2640R dasl modem
siemens c590ip DECT
linksys PAP2

regards
olivier

[bbialy]

Sorry my friend,
But this QoS contrib is deprecated and it doesn't work. IMHO it never does
Best solution is to have good router.
I was using Zyxel zywall series which were nice (for voice) lot parameters could be set ie. SIP ALG or time of life for udp sessions on NAT.
Now I'm using sonic wall - IT IS OUTSTANDING.

Conclusion: we have to use tools on the way it were designed.
If you will had any problems with configuring router for VoIP let me know I will try to drop you some tips. ( like udp sessions timing - 4 nights of tuning or guessing )

Best Maciej

[Stefano]

olivier.. IMHO you should really consider the idea of using a REAL firewall (like pfsense, ipcop, m0n0wall ecc)
you can use it even in server & gateway mode as log as you have multiple public ips

SME can act as a (secure) firewall but it's not its main aim

all IMVHO

[portedaix]

Thanks a lot to both of you. Yes... The propre tool for the propre task... So nos you propose me two solutions, fantastic. Based on the same idea: proper firewall.

Maciej, which model do you have exactly ? TZ...

Stefano, to use pfsense, I need a second server if I understand it correctly. At the moment, my sme is running on a normal pentium pc. I measured the consumption and confirm what we all know for this kind of pc : it is about 100W which makes 880 kW per annum. For quite some times I am wondering how to lower this consumption. We have to save the planet isn't it ? Is there a good way to make a good pfsense or sme server with low electrical consumption ?

Thanks again for your help.
Olivier

[bbialy]

Oliver,
I use wide range of zywall USG and sonicwall NSA product line.
If you have small setup ( it looks like that) zywall USG 20 is more than enough 120-150 eur.
For bigger setups or more than one Internet access links use USG 100 or NSA 240(my favorite )
But they are more expensive ( 500 - 700 eur).
In zywall you will get. Nice firewall, quite good QoS for Sip ( zywall understand SIP protocol quite well) content filtering (black and white list, category based cf is on additiona license ) IPSec , Ssl and reveproxy VPN)
Configuration is not obvious but it is not black magic also, like command line Cisco.
Best

[portedaix]

Hello Maciej,

I have a ZyWALL USG 50 up and renning now. I plan to have two wan later on...
For the time being, could you tell me what settings you have for a good QOS ?

Thanks
Olivier

[bbialy]

Here are some steps:
Before you start there is no one perfect set of setting for QoS.
Each link is little different  so settings should be different. But there are rules or first steps to try.

Basic configuration:
1. In interface configurtion you have to set speed of your Internet link. I used to set approx. 90% of tested speed. Remember to click to show advanced option then set egress and ingress speed in bits/s. set it only on Wan interface. *
2. I assume that your sark box is in Lan ( not in Dmz) So you have to set NAT 1:1 for ( When src Ip is your VoIP provider or just for Sip service. ) If you set NAT just for sip service (5060 port )don't be afraid about rtp packets - it will match signaling and media stream.
3. Remeber to allow SIP traffic to Sark BOX on Firewall. Service SIP dest public IP of WAN Interface action ALLOW.
4. in ALG enable SIP ALG.
5. in App Patrol enable BWM and Enable Highest priority for SIP traffic.
6. On Sark BOX in Global delete IP address from external IP address field. (ALG will change IP address from FROM field inSIP sginallization).


this quite first config proposition. others we can try, but I need feedback from You. we can try some teamviewer session.
or from my computer to my zywalls to see what is set or i can look at your config as you wish.
remeber that my time zone is CET - CEST

Best Maciej

* - in some DSL lines when load is more than 85-90% latency is like made from chewing gum from 10 - 500ms you have to adjust those settings by experimental way.

[chris burnat]

This post has been moved to SME7.x VoIP where it is more appropriate.