Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 4816 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

QOS and VPN

ClerpremSpa

I've got the following situation:

 

PBX (H.323 gatekeeper) -> LAN A <-> LAN B <- PBX (H.323 Gatekeeper)

 

The two LAN's are linked by an IPSEC trunk. 

If I had to configure QOS for the PBX-to-PBX voip traffic, what should I do? If Incoming rtp traffic from PBX A to PBX B is correctly prioritized and bandwidth guaranteed, after IPSEC encapsulation, is it still assigned the same priority and bandwidth? If the external router, that links the XG to the Internet, is configured to prioritize traffic marked as DSCP EF, will it find IPSEC packets marked with QOS info?

 

Thank you



This thread was automatically locked due to age.
Parents
  • 0

    Hi ClerpremSpa,

    It's an interesting question, So basically the QOS policy would be applicable for Module for bandwidth throttling and priority management . The QOS would be applicable for Outbound traffic and cannot be controlled for inbound traffic . In QOS if your concern is for Prioritization of RTP traffic then this would applicable when you have choked bandwidth and would need to manage priority . Such Traffic would not be applicable to other Routers as they would have their own QOS , if applicable . As for VPN it would take higher bandwidth than normal as encapsulation would take place.

Reply
  • 0

    Hi ClerpremSpa,

    It's an interesting question, So basically the QOS policy would be applicable for Module for bandwidth throttling and priority management . The QOS would be applicable for Outbound traffic and cannot be controlled for inbound traffic . In QOS if your concern is for Prioritization of RTP traffic then this would applicable when you have choked bandwidth and would need to manage priority . Such Traffic would not be applicable to other Routers as they would have their own QOS , if applicable . As for VPN it would take higher bandwidth than normal as encapsulation would take place.

Children
  • 0 in reply to Aditya Patel

    Hello,

    my question is about dscp marking copy on ipsec encapsulated packets. It's not clear to me if, once the packet is encapsulated, the priority is preserved as per the inner rtp and if the tos value is copied into the ipsec udp header. This way, the perimeter router can respect priority assigned by the firewall to the outgoing traffic.