Thanks Chris
Unfortunately this will not help me as the congestion management needs to be
done at the point of congestion which, without a router, is the EXT Astlinux
interface. If not done here then I would need to use a QoS capable router and
do PPPoE from there. Certainly not my preferred option.
Regards
Michael Knill
On 05/09/2013, at 11:35 AM, The Cadillac Kid <[email protected]> wrote:
> what about letting your Switch handle the traffic shaping? many switches
> these days are Light-Layer 3 and support such features as bandwidth limiting
> and what not.. and even allow you to prioritize based on VLAN.. so you can
> gauarantee certain VLANs a prescribed amount of bandwidth from a pool...
> -Christopher
>
>
> From: Lonnie Abelbeck <[email protected]>
> To: AstLinux Users Mailing List <[email protected]>
> Sent: Wednesday, September 4, 2013 7:01 PM
> Subject: Re: [Astlinux-users] Firewalls, traffic shaping, qos and RTP ports
>
> Michael,
>
> I have found traffic shaping to be somewhat of a black art. Making multiple
> outbound calls while doing an outbound speed-test (up and down) is a good way
> to test.
>
> I suspect your DSL link may behave differently than my cable modem connection.
>
> Lonnie
>
>
> On Sep 4, 2013, at 5:42 PM, Michael Knill wrote:
>
> > Ok after my testing hfsc does indeed work this way. Although not perfect,
> > it was more than acceptable during the rare periods of extreme congestion.
> > I noticed that the effective rate did not change when calls were introduced
> > (I tried 3). This makes me happy :)
> >
> > So this is how I think it works out:
> >
> > If you have a shared broadband service with plenty of upload headroom, you
> > should use htb and your shaping parameter should be (Upload speed + 25%) -
> > (100K (G711) * max number of channels) e.g. Upload speed 1000K with 4
> > channels required = 1000 + 250 - 400 = 850K.
> >
> > If you dont have much upload headroom and it will be a problem to shape it
> > right down, then just configure for hfsc at Upload Speed - 10%-20% to be
> > conservative.
> >
> > What do you think?
> >
> > Regards
> > Michael Knill
> >
> >
> >
> >
> > On 05/09/2013, at 7:46 AM, Lonnie Abelbeck <[email protected]>
> > wrote:
> >
> >> Michael,
> >>
> >> AstLinux's traffic shaper honors QoS values using DSCP matching. Of
> >> course you have to enable this in Asterisk sip.conf:
> >> --
> >> ; See https://wiki.asterisk.org/wiki/display/AST/IP+Quality+of+Service for
> >> a description of these parameters.
> >> tos_sip=cs3 ; Sets TOS for SIP packets.
> >> tos_audio=ef ; Sets TOS for RTP audio packets.
> >> tos_video=af41 ; Sets TOS for RTP video packets.
> >> tos_text=af41 ; Sets TOS for RTP text packets.
> >> --
> >>
> >> The traffic shaper honors "htb" and "hfsc" methods, the very old "htb"
> >> works as I described and is what I use on my 28/4 Mbps connection. The
> >> "hfsc" method is newer and works more like what you want by dynamically
> >> prioritizing, but in my tests (years ago) the dynamic slew was too slow
> >> for perfect voice in worst case conditions. Feel free to try "hfsc".
> >>
> >> Again, I suggest you disable downlink shaping.
> >>
> >> Keep in mind the traffic shaper is implemented in the Linux kernel and the
> >> 'tc' command. We can't make it any better than how it is implemented in
> >> Linux.
> >>
> >> As for "the VoIP UDP Ports range in the traffic shaper config" it does not
> >> matter much anymore if you enable QoS marking in Asterisk, mostly a legacy
> >> setting. A DSCP match is the best way to go when possible, and automatic.
> >>
> >> Lonnie
> >>
> >>
> >>
> >> On Sep 4, 2013, at 4:10 PM, Michael Knill wrote:
> >>
> >>> Ok well the traffic shaping does not work the way I thought then which is
> >>> a big problem as far as I am concerned. So Lonnie what you are saying is
> >>> that you essentially have to configure the traffic shaper to allow the
> >>> headroom for the maximum number of supported channels? This basically
> >>> takes the system back to the multiplexor days. The way that QoS and
> >>> traffic shaping should work is that the full shaped envelope has
> >>> prioritised traffic with it so that the full bandwidth can be used at all
> >>> times by all traffic types and bandwidth restrictions only apply during
> >>> congestion. This is how a Cisco router works and I thought this worked
> >>> the same way. This is really disappointing to find this out now as it was
> >>> a significant decider in me using Astlinux. I am going to need to use a
> >>> separate broadband connection for voice for most businesses as they will
> >>> not tolerate the significant reduction of upload speed or I will need to
> >>> use a true QoS capable router which would be really disappointing
> > .
> >>>
> >>>> From my perspective, the firewall, routing and QoS areas of Astlinux are
> >>>> the areas that I would like to have the most development as this is what
> >>>> differentiates Astlinux from nearly all other distributions, not the
> >>>> fact that it runs Asterisk.
> >>>
> >>> Getting back to the RTP ports, I still dont know what the VoIP UDP Ports
> >>> range does in the traffic shaper config. Can someone please tell me?
> >>> I have set 16384:16639 as recommended. Now after doing an RTP Debug from
> >>> making an outgoing external phone call, this is what I get:
> >>>
> >>> Sent RTP P2P packet to 203.2.134.1:21294 (type 08, len 000160)
> >>> Sent RTP P2P packet to 172.30.30.116:16458 (type 08, len 000160)
> >>> Sent RTP P2P packet to 203.2.134.1:21294 (type 08, len 000160)
> >>> Sent RTP P2P packet to 172.30.30.116:16458 (type 08, len 000160)
> >>> Sent RTP P2P packet to 203.2.134.1:21294 (type 08, len 000160)
> >>> Sent RTP P2P packet to 172.30.30.116:16458 (type 08, len 000160)
> >>>
> >>> Yes the port is correct for the internal IP Phone (172.30.30.116) but the
> >>> external provider port is negotiated by them (203.2.134.1). So what is
> >>> the point of putting 16384:16639 in the shaper and the firewall rules.
> >>> Its doesn't even see these ports as they are sent back to the internal
> >>> interface?
> >>>
> >>> I would really like to get this sorted as it significantly affects my
> >>> whole system architecture and at this stage, for sites that share a
> >>> single broadband connection, I will have to use a separate QoS capable
> >>> router.
> >>>
> >>> Regards
> >>> Michael Knill
> >>>
> >>>
> >>>
> >>>
> >>> On 05/09/2013, at 1:05 AM, Lonnie Abelbeck <[email protected]>
> >>> wrote:
> >>>
> >>>> Hi Michael,
> >>>>
> >>>> First, I would disable Downlink shaping, the latest version of AstLInux
> >>>> have a "Disabled" option, with your 1.0.4 version setting "Downlink
> >>>> Speed" to "0" should work IIRC, though official in AstLinux 1.1.0 .
> >>>>
> >>>> The "Uplink Speed" reserves about 25% for VoIP traffic, so a value of
> >>>> 1000 Kbps will limit low priority traffic to about 750 Kbps, leaving 250
> >>>> Kbps for VoIP if the real limit is 1000 Kbps. This would support 2 SIP
> >>>> calls using a ulaw codec.
> >>>>
> >>>> Keep lowering "Uplink Speed" to provide more headroom for VoIP calls.
> >>>>
> >>>> As far as the VoIP UDP port range, the range should match your Asterisk
> >>>> rtp.conf settings (reduce the default) and match a manual allowed UDP
> >>>> port range in your firewall (Pass EXT->Local). Do not enable the
> >>>> sip-voip plugin.
> >>>>
> >>>> In practice any *phone* that registers with your Asterisk should have
> >>>> the same VoIP UDP port range defined in their configs. A range (rtpend
> >>>> - rtpstart) of 256 ports should be fine, don't make it too large.
> >>>>
> >>>> Lonnie
> >>>>
> >>>>
> >>>> On Sep 4, 2013, at 7:22 AM, Michael Knill wrote:
> >>>>
> >>>>> I have been doing some more testing with iftop. My ADSL service is
> >>>>> clocking at 947K Up so I have set 900K as the upload speed.
> >>>>> iftop is showing a constant 800K or so peak ppp0 interface transfer
> >>>>> rate. I assume this is not 900 due to overheads etc. This rate does not
> >>>>> change much when a call is included into the traffic. Although the data
> >>>>> traffic reduces, there is considerable voice packet loss.
> >>>>> If I change the shape rate to 800, my ppp0 interface transfer rate
> >>>>> reduces to around 700K as expected. Now when I add a voice call, there
> >>>>> is no packet loss, however the interface traffic rate goes to about
> >>>>> 780K which indicates that it is not being included in the shaped
> >>>>> envelope. When I add a second call, I get packet loss again as it is
> >>>>> taken past the maximum upload rate.
> >>>>>
> >>>>> To me this indicates that the voice traffic is not being included in
> >>>>> traffic shaping or traffic shaping is not even working. I turned it off
> >>>>> and it really didn't make any difference.
> >>>>> The box is using version 1.0.4. Any ideas?
> >>>>>
> >>>>> Regards
> >>>>> Michael Knill
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>> On 04/09/2013, at 5:34 PM, Michael Knill
> >>>>> <[email protected]> wrote:
> >>>>>
> >>>>>> To the group
> >>>>>>
> >>>>>> I am still very confused about what I should be setting the VoIP UDP
> >>>>>> port range to. I use different providers with different ranges. Do I
> >>>>>> just set it to 10000 - 65535?
> >>>>>> What does it actually do?
> >>>>>>
> >>>>>> In the Astlinux Firewall Addins doco it says for sip-voip:
> >>>>>>
> >>>>>> This plugin attempts to track the RTP ports used in a SIP dialog and
> >>>>>> automatically open the necessary RTP ports when needed.
> >>>>>> In practice this plugin does not always yield the expected results.
> >>>>>> Feel free to experiment.
> >>>>>> When this plugin is disabled (the default) the SIP RTP ports must be
> >>>>>> manually opened to match the Asterisk rtp.conf rtpstart/rtpend values.
> >>>>>>
> >>>>>> The rtpstart and rtpend values I have in rtp.conf are not what my
> >>>>>> provider(s) use. Should I change it to match? How come I have no sip
> >>>>>> firewall rules as mentioned above but it still works fine?
> >>>>>> How does the firewall know to open up the media ports? In all the
> >>>>>> tests I did, the port was the same so does it just set up a stateful
> >>>>>> translation?
> >>>>>>
> >>>>>> This really started with one of my customers today whereby they were
> >>>>>> significantly congesting their broadband link (yes working on that)
> >>>>>> but their existing telco service was working fine (getting dropouts
> >>>>>> but the voice was fine, albeit delayed). I added another service from
> >>>>>> another Telco (before I realised it was congested) and they were
> >>>>>> having lots of upstream voice quality problems.
> >>>>>>
> >>>>>> Is there anything that could cause one service to be matched in the
> >>>>>> traffic shaper and another not?
> >>>>>>
> >>>>>> Regards
> >>>>>> Michael Knill
> >>>>
> >>>>
> >>>> ------------------------------------------------------------------------------
> >>>> Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
> >>>> Discover the easy way to master current and previous Microsoft
> >>>> technologies
> >>>> and advance your career. Get an incredible 1,500+ hours of step-by-step
> >>>> tutorial videos with LearnDevNow. Subscribe today and save!
> >>>> http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk
> >>>> _______________________________________________
> >>>> Astlinux-users mailing list
> >>>> [email protected]
> >>>> https://lists.sourceforge.net/lists/listinfo/astlinux-users
> >>>>
> >>>> Donations to support AstLinux are graciously accepted via PayPal to
> >>>> [email protected].
> >>>
> >>>
> >>> ------------------------------------------------------------------------------
> >>> Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
> >>> Discover the easy way to master current and previous Microsoft
> >>> technologies
> >>> and advance your career. Get an incredible 1,500+ hours of step-by-step
> >>> tutorial videos with LearnDevNow. Subscribe today and save!
> >>> http://pubads.g.doubleclick.net/gampad/clk?id=58041391&iu=/4140/ostg.clktrk
> >>> _______________________________________________
> >>> Astlinux-users mailing list
> >>> [email protected]
> >>> https://lists.sourceforge.net/lists/listinfo/astlinux-users
> >>>
> >>> Donations to support AstLinux are graciously accepted via PayPal to
> >>> [email protected].
> >>>
> >>>
> >>
> >>
> >> ------------------------------------------------------------------------------
> >> Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
> >> Discover the easy way to master current and previous Microsoft technologies
> >> and advance your career. Get an incredible 1,500+ hours of step-by-step
> >> tutorial videos with LearnDevNow. Subscribe today and save!
> >> http://pubads.g.doubleclick.net/gampad/clk?id=58041391&iu=/4140/ostg.clktrk
> >> _______________________________________________
> >> Astlinux-users mailing list
> >> [email protected]
> >> https://lists.sourceforge.net/lists/listinfo/astlinux-users
> >>
> >> Donations to support AstLinux are graciously accepted via PayPal to
> >> [email protected].
> >
> >
> > ------------------------------------------------------------------------------
> > Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
> > Discover the easy way to master current and previous Microsoft technologies
> > and advance your career. Get an incredible 1,500+ hours of step-by-step
> > tutorial videos with LearnDevNow. Subscribe today and save!
> > http://pubads.g.doubleclick.net/gampad/clk?id=58041391&iu=/4140/ostg.clktrk
> > _______________________________________________
> > Astlinux-users mailing list
> > [email protected]
> > https://lists.sourceforge.net/lists/listinfo/astlinux-users
> >
> > Donations to support AstLinux are graciously accepted via PayPal to
> > [email protected].
> >
> >
>
>
> ------------------------------------------------------------------------------
> Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
> Discover the easy way to master current and previous Microsoft technologies
> and advance your career. Get an incredible 1,500+ hours of step-by-step
> tutorial videos with LearnDevNow. Subscribe today and save!
> http://pubads.g.doubleclick.net/gampad/clk?id=58041391&iu=/4140/ostg.clktrk
> _______________________________________________
> Astlinux-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>
> Donations to support AstLinux are graciously accepted via PayPal to
> [email protected].
>
>
> ------------------------------------------------------------------------------
> Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
> Discover the easy way to master current and previous Microsoft technologies
> and advance your career. Get an incredible 1,500+ hours of step-by-step
> tutorial videos with LearnDevNow. Subscribe today and save!
> http://pubads.g.doubleclick.net/gampad/clk?id=58041391&iu=/4140/ostg.clktrk_______________________________________________
> Astlinux-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>
> Donations to support AstLinux are graciously accepted via PayPal to
> [email protected].
------------------------------------------------------------------------------
Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
Discover the easy way to master current and previous Microsoft technologies
and advance your career. Get an incredible 1,500+ hours of step-by-step
tutorial videos with LearnDevNow. Subscribe today and save!
http://pubads.g.doubleclick.net/gampad/clk?id=58041391&iu=/4140/ostg.clktrk
_______________________________________________
Astlinux-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
[email protected].
