I recommend DSCP defaults of "ef" for Audio, and "cs3" for signaling.
-----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Tony Graziano Sent: Friday, May 18, 2012 8:24 AM To: Discussion list for users of sipXecs software Subject: Re: [sipx-users] 4.5.2 firewall settings notes OK. They are being prioritized though. I'm late to the discussion. On Fri, May 18, 2012 at 8:18 AM, Michael Picher <[email protected]> wrote: > They don't need to be prioritized at the same priority as RTP. You don't > want the SIP messages to fill up the low latency queue. They belong in > 'queue 3'. > > Mike > > On Fri, May 18, 2012 at 7:46 AM, Tony Graziano > <[email protected]> wrote: >> >> What is the thought process behind not prioritizing signalling ports? >> >> On Fri, May 18, 2012 at 7:38 AM, Michael Picher <[email protected]> wrote: >> > http://track.sipfoundry.org/browse/XX-10157 >> > >> > I think this is important also, although RTP is the most important to >> > prioritize. >> > >> > Thanks, >> > Mike >> > >> > >> > On Fri, May 18, 2012 at 7:32 AM, Douglas Hubler <[email protected]> >> > wrote: >> >> >> >> CCing user's list >> >> >> >> On Fri, May 18, 2012 at 6:57 AM, Michael Picher <[email protected]> >> >> wrote: >> >> > Some notes on 4.5.2 firewall settings... >> >> > >> >> > For server groups - can you set up subnets in there? if so, this >> >> > should >> >> > be >> >> > labeled 'networks'. i.e., it should be able to accept for instance, >> >> > 192.168.20.5, 172.16.1.0/24, 10.0.0.0/8 >> >> >> >> yes, although it's not mentioned on page nor are the field validators >> >> in place. can you create a bug for 4.6? >> >> >> >> > What does 'Prioritize' mean? For QoS an admin would typically setup >> >> > DSCP or >> >> > CoS values. This should be configurable in Settings section. Also, >> >> > typically you'd want to prioritize SIP signaling traffic different >> >> > from >> >> > RTP >> >> > (voice) traffic. So, maybe something like what you did for Server >> >> > Group >> >> > so >> >> > that the admin could configure different values for different types >> >> > of >> >> > traffic. >> >> >> >> yes, fairly limited, it just adds this to iptables mangle table >> >> >> >> -j DSCP --set-dscp-class EF >> >> >> >> by default, i only prioritize RTP. >> >> >> >> > Also, there should probably be a way to add custom services... >> >> >> >> ...or at least a way to custom the final iptables config file. It >> >> might be simple "include this iptable fragment" in final config. Tony >> >> and others have already requested this is important. >> >> >> >> >> >> > Maybe I'm asking too much for a first pass... >> >> >> >> as long as we prioritize accordingly, we can do what we can. >> >> Considering firewall was only added to 4.6 so we protect mongo, any >> >> bonus features probably wouldn't make it in 4.6 >> > >> > >> > >> > >> > -- >> > Michael Picher, Director of Technical Services >> > eZuce, Inc. >> > >> > 300 Brickstone Square >> > >> > Suite 201 >> > >> > Andover, MA. 01810 >> > >> > O.978-296-1005 X2015 >> > M.207-956-0262 >> > @mpicher <http://twitter.com/mpicher> >> > www.ezuce.com >> > >> > >> > ------------------------------------------------------------------------------------------------------------ >> > There are 10 kinds of people in the world, those who understand binary >> > and >> > those who don't. >> > >> > >> > _______________________________________________ >> > sipx-users mailing list >> > [email protected] >> > List Archive: http://list.sipfoundry.org/archive/sipx-users/ >> >> >> >> -- >> ~~~~~~~~~~~~~~~~~~ >> Tony Graziano, Manager >> Telephone: 434.984.8430 >> sip: [email protected] >> Fax: 434.465.6833 >> ~~~~~~~~~~~~~~~~~~ >> Linked-In Profile: >> http://www.linkedin.com/pub/tony-graziano/14/4a6/7a4 >> Ask about our Internet Fax services! >> ~~~~~~~~~~~~~~~~~~ >> >> -- >> LAN/Telephony/Security and Control Systems Helpdesk: >> Telephone: 434.984.8426 >> sip: [email protected] >> >> Helpdesk Customers: http://myhelp.myitdepartment.net >> Blog: http://blog.myitdepartment.net >> >> _______________________________________________ >> sipx-users mailing list >> [email protected] >> List Archive: http://list.sipfoundry.org/archive/sipx-users/ > > > > > -- > Michael Picher, Director of Technical Services > eZuce, Inc. > > 300 Brickstone Square > > Suite 201 > > Andover, MA. 01810 > > O.978-296-1005 X2015 > M.207-956-0262 > @mpicher <http://twitter.com/mpicher> > www.ezuce.com > > ------------------------------------------------------------------------------------------------------------ > There are 10 kinds of people in the world, those who understand binary and > those who don't. > > > _______________________________________________ > sipx-users mailing list > [email protected] > List Archive: http://list.sipfoundry.org/archive/sipx-users/ -- ~~~~~~~~~~~~~~~~~~ Tony Graziano, Manager Telephone: 434.984.8430 sip: [email protected] Fax: 434.465.6833 ~~~~~~~~~~~~~~~~~~ Linked-In Profile: http://www.linkedin.com/pub/tony-graziano/14/4a6/7a4 Ask about our Internet Fax services! ~~~~~~~~~~~~~~~~~~ -- LAN/Telephony/Security and Control Systems Helpdesk: Telephone: 434.984.8426 sip: [email protected] Helpdesk Customers: http://myhelp.myitdepartment.net Blog: http://blog.myitdepartment.net _______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/ "The information in this electronic mail message is the sender's confidential business and may be legally privileged. It is intended solely for the addressee(s). Access to this internet electronic mail message by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it is prohibited and may be unlawful." "The sender believes that this E-mail and any attachments were free of any virus, worm, Trojan horse, and/or malicious code when sent. This message and its attachments could have been infected during transmission. By reading the message and opening any attachments, the recipient accepts full responsibility for taking protective and remedial action about viruses and other defects. The sender's employer is not liable for any loss or damage arising in any way from this message or its attachments." "In connection with representing sellers and/or buyers in real estate transactions, Coldwell Banker Residential Brokerage real estate sales associates have absolutely no authority to create binding contractual obligations on behalf of a seller or on behalf of a buyer via any written or verbal communications including, but not limited to email communications." [v1.0.07.109] _______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/
