what about letting your Switch handle the traffic shaping? many switches these
days are Light-Layer 3 and support such features as bandwidth limiting and what
not.. and even allow you to prioritize based on VLAN.. so you can gauarantee
certain VLANs a prescribed amount of bandwidth from a pool...
-Christopher
________________________________
From: Lonnie Abelbeck <[email protected]>
To: AstLinux Users Mailing List <[email protected]>
Sent: Wednesday, September 4, 2013 7:01 PM
Subject: Re: [Astlinux-users] Firewalls, traffic shaping, qos and RTP ports
Michael,
I have found traffic shaping to be somewhat of a black art. Making multiple
outbound calls while doing an outbound speed-test (up and down) is a good way
to test.
I suspect your DSL link may behave differently than my cable modem connection.
Lonnie
On Sep 4, 2013, at 5:42 PM, Michael Knill wrote:
> Ok after my testing hfsc does indeed work this way. Although not perfect, it
> was more than acceptable during the rare periods of extreme congestion. I
> noticed that the effective rate did not change when calls were introduced (I
> tried 3). This makes me happy :)
>
> So this is how I think it works out:
>
> If you have a shared broadband service with plenty of upload headroom, you
> should use htb and your shaping parameter should be (Upload speed + 25%) -
> (100K (G711) * max number of channels) e.g. Upload speed 1000K with 4
> channels required = 1000 + 250 - 400 = 850K.
>
> If you dont have much upload headroom and it will be a problem to shape it
> right down, then just configure for hfsc at Upload Speed - 10%-20% to be
> conservative.
>
> What do you think?
>
> Regards
> Michael Knill
>
>
>
>
> On 05/09/2013, at 7:46 AM, Lonnie Abelbeck <[email protected]> wrote:
>
>> Michael,
>>
>> AstLinux's traffic shaper honors QoS values using DSCP matching. Of course
>> you have to enable this in Asterisk sip.conf:
>> --
>> ; See https://wiki.asterisk.org/wiki/display/AST/IP+Quality+of+Service for a
>> description of these parameters.
>> tos_sip=cs3 ; Sets TOS for SIP packets.
>> tos_audio=ef ; Sets TOS for RTP audio packets.
>> tos_video=af41 ; Sets TOS for RTP video packets.
>> tos_text=af41 ; Sets TOS for RTP text packets.
>> --
>>
>> The traffic shaper honors "htb" and "hfsc" methods, the very old "htb" works
>> as I described and is what I use on my 28/4 Mbps connection. The "hfsc"
>> method is newer and works more like what you want by dynamically
>> prioritizing, but in my tests (years ago) the dynamic slew was too slow for
>> perfect voice in worst case conditions. Feel free to try "hfsc".
>>
>> Again, I suggest you disable downlink shaping.
>>
>> Keep in mind the traffic shaper is implemented in the Linux kernel and the
>> 'tc' command. We can't make it any better than how it is implemented in
>> Linux.
>>
>> As for "the VoIP UDP Ports range in the traffic shaper config" it does not
>> matter much anymore if you enable QoS marking in Asterisk, mostly a legacy
>> setting. A DSCP match is the best way to go when possible, and automatic.
>>
>> Lonnie
>>
>>
>>
>> On Sep 4, 2013, at 4:10 PM, Michael Knill wrote:
>>
>>> Ok well the traffic shaping does not work the way I thought then which is a
>>> big problem as far as I am concerned. So Lonnie what you are saying is that
>>> you essentially have to configure the traffic shaper to allow the headroom
>>> for the maximum number of supported channels? This basically takes the
>>> system back to the multiplexor days. The way that QoS and traffic shaping
>>> should work is that the full shaped envelope has prioritised traffic with
>>> it so that the full bandwidth can be used at all times by all traffic types
>>> and bandwidth restrictions only apply during congestion. This is how a
>>> Cisco router works and I thought this worked the same way. This is really
>>> disappointing to find this out now as it was a significant decider in me
>>> using Astlinux. I am going to need to use a separate broadband connection
>>> for voice for most businesses as they will not tolerate the significant
>>> reduction of upload speed or I will need to use a true QoS capable router
which would be really disappointing
> .
>>>
>>>> From my perspective, the firewall, routing and QoS areas of Astlinux are
>>>> the areas that I would like to have the most development as this is what
>>>> differentiates Astlinux from nearly all other distributions, not the fact
>>>> that it runs Asterisk.
>>>
>>> Getting back to the RTP ports, I still dont know what the VoIP UDP Ports
>>> range does in the traffic shaper config. Can someone please tell me?
>>> I have set 16384:16639 as recommended. Now after doing an RTP Debug from
>>> making an outgoing external phone call, this is what I get:
>>>
>>> Sent RTP P2P packet to 203.2.134.1:21294 (type 08, len 000160)
>>> Sent RTP P2P packet to 172.30.30.116:16458 (type 08, len 000160)
>>> Sent RTP P2P packet to 203.2.134.1:21294 (type 08, len 000160)
>>> Sent RTP P2P packet to 172.30.30.116:16458 (type 08, len 000160)
>>> Sent RTP P2P packet to 203.2.134.1:21294 (type 08, len 000160)
>>> Sent RTP P2P packet to 172.30.30.116:16458 (type 08, len 000160)
>>>
>>> Yes the port is correct for the internal IP Phone (172.30.30.116) but the
>>> external provider port is negotiated by them (203.2.134.1). So what is the
>>> point of putting 16384:16639 in the shaper and the firewall rules. Its
>>> doesn't even see these ports as they are sent back to the internal
>>> interface?
>>>
>>> I would really like to get this sorted as it significantly affects my whole
>>> system architecture and at this stage, for sites that share a single
>>> broadband connection, I will have to use a separate QoS capable router.
>>>
>>> Regards
>>> Michael Knill
>>>
>>>
>>>
>>>
>>> On 05/09/2013, at 1:05 AM, Lonnie Abelbeck <[email protected]>
>>> wrote:
>>>
>>>> Hi Michael,
>>>>
>>>> First, I would disable Downlink shaping, the latest version of AstLInux
>>>> have a "Disabled" option, with your 1.0.4 version setting "Downlink Speed"
>>>> to "0" should work IIRC, though official in AstLinux 1.1.0 .
>>>>
>>>> The "Uplink Speed" reserves about 25% for VoIP traffic, so a value of 1000
>>>> Kbps will limit low priority traffic to about 750 Kbps, leaving 250 Kbps
>>>> for VoIP if the real limit is 1000 Kbps. This would support 2 SIP calls
>>>> using a ulaw codec.
>>>>
>>>> Keep lowering "Uplink Speed" to provide more headroom for VoIP calls.
>>>>
>>>> As far as the VoIP UDP port range, the range should match your Asterisk
>>>> rtp.conf settings (reduce the default) and match a manual allowed UDP port
>>>> range in your firewall (Pass EXT->Local). Do not enable the sip-voip
>>>> plugin.
>>>>
>>>> In practice any *phone* that registers with your Asterisk should have the
>>>> same VoIP UDP port range defined in their configs. A range (rtpend -
>>>> rtpstart) of 256 ports should be fine, don't make it too large.
>>>>
>>>> Lonnie
>>>>
>>>>
>>>> On Sep 4, 2013, at 7:22 AM, Michael Knill wrote:
>>>>
>>>>> I have been doing some more testing with iftop. My ADSL service is
>>>>> clocking at 947K Up so I have set 900K as the upload speed.
>>>>> iftop is showing a constant 800K or so peak ppp0 interface transfer rate.
>>>>> I assume this is not 900 due to overheads etc. This rate does not change
>>>>> much when a call is included into the traffic. Although the data traffic
>>>>> reduces, there is considerable voice packet loss.
>>>>> If I change the shape rate to 800, my ppp0 interface transfer rate
>>>>> reduces to around 700K as expected. Now when I add a voice call, there is
>>>>> no packet loss, however the interface traffic rate goes to about 780K
>>>>> which indicates that it is not being included in the shaped envelope.
>>>>> When I add a second call, I get packet loss again as it is taken past the
>>>>> maximum upload rate.
>>>>>
>>>>> To me this indicates that the voice traffic is not being included in
>>>>> traffic shaping or traffic shaping is not even working. I turned it off
>>>>> and it really didn't make any difference.
>>>>> The box is using version 1.0.4. Any ideas?
>>>>>
>>>>> Regards
>>>>> Michael Knill
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On 04/09/2013, at 5:34 PM, Michael Knill
>>>>> <[email protected]> wrote:
>>>>>
>>>>>> To the group
>>>>>>
>>>>>> I am still very confused about what I should be setting the VoIP UDP
>>>>>> port range to. I use different providers with different ranges. Do I
>>>>>> just set it to 10000 - 65535?
>>>>>> What does it actually do?
>>>>>>
>>>>>> In the Astlinux Firewall Addins doco it says for sip-voip:
>>>>>>
>>>>>> This plugin attempts to track the RTP ports used in a SIP dialog and
>>>>>> automatically open the necessary RTP ports when needed.
>>>>>> In practice this plugin does not always yield the expected results. Feel
>>>>>> free to experiment.
>>>>>> When this plugin is disabled (the default) the SIP RTP ports must be
>>>>>> manually opened to match the Asterisk rtp.conf rtpstart/rtpend values.
>>>>>>
>>>>>> The rtpstart and rtpend values I have in rtp.conf are not what my
>>>>>> provider(s) use. Should I change it to match? How come I have no sip
>>>>>> firewall rules as mentioned above but it still works fine?
>>>>>> How does the firewall know to open up the media ports? In all the tests
>>>>>> I did, the port was the same so does it just set up a stateful
>>>>>> translation?
>>>>>>
>>>>>> This really started with one of my customers today whereby they were
>>>>>> significantly congesting their broadband link (yes working on that) but
>>>>>> their existing telco service was working fine (getting dropouts but the
>>>>>> voice was fine, albeit delayed). I added another service from another
>>>>>> Telco (before I realised it was congested) and they were having lots of
>>>>>> upstream voice quality problems.
>>>>>>
>>>>>> Is there anything that could cause one service to be matched in the
>>>>>> traffic shaper and another not?
>>>>>>
>>>>>> Regards
>>>>>> Michael Knill
>>>>
>>>>
>>>> ------------------------------------------------------------------------------
>>>> Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
>>>> Discover the easy way to master current and previous Microsoft technologies
>>>> and advance your career. Get an incredible 1,500+ hours of step-by-step
>>>> tutorial videos with LearnDevNow. Subscribe today and save!
>>>> http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk
>>>> _______________________________________________
>>>> Astlinux-users mailing list
>>>> [email protected]
>>>> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>>>>
>>>> Donations to support AstLinux are graciously accepted via PayPal to
>>>> [email protected].
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
>>> Discover the easy way to master current and previous Microsoft technologies
>>> and advance your career. Get an incredible 1,500+ hours of step-by-step
>>> tutorial videos with LearnDevNow. Subscribe today and save!
>>> http://pubads.g.doubleclick.net/gampad/clk?id=58041391&iu=/4140/ostg.clktrk
>>> _______________________________________________
>>> Astlinux-users mailing list
>>> [email protected]
>>> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>>>
>>> Donations to support AstLinux are graciously accepted via PayPal to
>>> [email protected].
>>>
>>>
>>
>>
>> ------------------------------------------------------------------------------
>> Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
>> Discover the easy way to master current and previous Microsoft technologies
>> and advance your career. Get an incredible 1,500+ hours of step-by-step
>> tutorial videos with LearnDevNow. Subscribe today and save!
>> http://pubads.g.doubleclick.net/gampad/clk?id=58041391&iu=/4140/ostg.clktrk
>> _______________________________________________
>> Astlinux-users mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>>
>> Donations to support AstLinux are graciously accepted via PayPal to
>> [email protected].
>
>
> ------------------------------------------------------------------------------
> Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
> Discover the easy way to master current and previous Microsoft technologies
> and advance your career. Get an incredible 1,500+ hours of step-by-step
> tutorial videos with LearnDevNow. Subscribe today and save!
> http://pubads.g.doubleclick.net/gampad/clk?id=58041391&iu=/4140/ostg.clktrk
> _______________________________________________
> Astlinux-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>
> Donations to support AstLinux are graciously accepted via PayPal to
> [email protected].
>
>
------------------------------------------------------------------------------
Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
Discover the easy way to master current and previous Microsoft technologies
and advance your career. Get an incredible 1,500+ hours of step-by-step
tutorial videos with LearnDevNow. Subscribe today and save!
http://pubads.g.doubleclick.net/gampad/clk?id=58041391&iu=/4140/ostg.clktrk
_______________________________________________
Astlinux-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
[email protected].
------------------------------------------------------------------------------
Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
Discover the easy way to master current and previous Microsoft technologies
and advance your career. Get an incredible 1,500+ hours of step-by-step
tutorial videos with LearnDevNow. Subscribe today and save!
http://pubads.g.doubleclick.net/gampad/clk?id=58041391&iu=/4140/ostg.clktrk
_______________________________________________
Astlinux-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
[email protected].
