Thursday, February 22, 2007

Ok, now we come to part 2 in the Voice QoS, in the first part we concluded when (I hope) we understand that Voice and QoS need to go together in order to Achieve a good and working env that will allow us to use all our application wisely. Also I have mentioned the wonderful NBAR, let me tell you this is the nicest tool I used in a long time and I am not kidding, what is better then simply Entering under the interface you want to see what is going on ! Interface X ip nbar protocol-discovery ! and poof like magic all your traffic is colored not pain no hassle you can see a table like so: sh ip nbar protocol-discovery stats bit-rate top-n 10 FastEthernet0/0 Input Output Protocol 5 minute bit rate (bps) 5 minute bit rate (bps) ------------------------ ------------------------ ------------------------ http 15000 13000 ssh 2000 0 rtp 21000 20000 smtp 0 0 secure-http 0 0 rtspplayer 0 0 eigrp 1000 0 icmp 0 0 pop3 2000 1000 dns 0 0 unknown 1000 1000 Total 42000 35000 Tell me isn’t it nice, now I can see clearly all my traffic marked and I can do what ever I want with it. Today networks are hybrid use all in one voice data video and as such each network need to be carefully examine and based on examination preparing a base line configuration for QoS. I have set on one of my network a classification like so: class-map match-any VOIP match protocol rtp audio class-map match-any DATA match protocol http match protocol ftp match protocol tftp match protocol secure-http match protocol secure-ftp match protocol pop3 match protocol smtp match protocol secure-pop3 match protocol snmp class-map match-any P2P match protocol gnutella match protocol gopher match protocol novadigm match protocol kazaa2 match protocol fasttrack match protocol napster class-map match-any HTTP_ATTACK match protocol http url "*.ida*" match protocol http url "*cmd.exe*" match protocol http url "*root.exe*" match protocol http url "*readme.eml*" classifying the most used and unwanted traffic! policy-map OFFICE class VOIP priority 100 set dscp ef class P2P drop class DATA bandwidth percent 40 policy-map OFFICE_IN class HTTP_ATTACK drop implementing a policy like so based on ~3 simultaneous voice calls setting for them a DSCP tag ef and any P2P I simply dropping where to Data I give at lease 40% of bandwidth on the incoming direction traffic matching the HTTP_ATTACK class I drop it also giving me some security using NBAR. So Now I showed you how you can use it on your Cisco nicely with a real world sample but be advised what is good for my network is not always and most cases isn’t what is good for yours so I strongly advice you start getting familiar first with nbar and what it can give you, then prepare you own network Baseline and then implement you own policy. Good Luck

No comments:

Risk Management - Quantitative risk assessment

The name kind of give away the type of assessment we talk about "Quantitative" according to google translate: relating to, meas...