My new router is an old Cisco 1841 from EBay, which arrived complete with two WIC-1ADSL cards. I decided to use an external router rather than the firewall's internal ADSL modem so that I could have a small network segment between the router and the firewall, where I can use an old 10 megabit hub for network monitoring. I can also plug into that hub if I need a completely unfiltered Internet connection for debugging or penetration testing.
The Cisco WIC-1ADSL cards are dirt cheap on EBay but they seem to cope OK with ADSL 2 ("up to 8 megabits", BT 20CN). They won't get full speed from ADSL 2+ ("up to 24 megabits", BT 21CN) if that ever arrives here: for that you'd need a HWIC-1 ADSL-M card, which is almost £400 by itself. But for now I'm getting about 3 megabits sync speed with the WIC-1ADSL card, which is good for my dodgy phone line.
IPV6 worked straight away on the Cisco once a few relevant commands were added to the IOS configuration. Sadly the same could not be said for Monowall, which only routed IPV6 intermittently, and only then with much packet loss. After banging my head against the wall for some hours, I disabled the Traffic Shaper on Monowall, and lo and behold, IPV6 routing started working perfectly.
The Cisco 1841 offers some flexible QoS options as you'd expect. The following configuration lines appear to be sufficient to prioritize outbound VOIP traffic at busy times:-
class-map match-any voiceThis may get more complicated if I rent a second phone line to use the second ADSL card.
match access-group 105
access-list 105 remark VoIP traffic of all sorts
access-list 105 permit udp any any
policy-map dsl-qos
class voice
priority 250
remark Let VOIP take max. 250 kbit/sec upstream
class class-default
fair-queue
interface Dialer0
bandwidth 550
remark 550 kbits/sec = upstream bandwidth
tx-ring-limit 3
tx-queue-limit 3
service-policy output dsl-qos
If you're looking for a Cisco ADSL router to experiment with IPV6, you don't need to use an 1841 rack-mount router: you could use an 877 desktop router. You might also consider a 2811 if you're feeling rich and you want to run several ADSL lines very quickly. You should budget for increasing the RAM and Flash memory (EBay bits will do for a home network) and for taking out a SmartNet contract so that you can download the latest IOS. For SmartNet contracts, a good place seems to be http://www.ithsc.co.uk. Annoyingly it can take a few days for a SmartNet contract to start working.
Very few UK ISPs currently support native IPV6 over ADSL, so if you don't want to tunnel IPV6 over IPV4, you might need to switch ISPs. I strongly recommend Andrews & Arnold for ADSL services that are fully compatible with IPV6.
To me it seems your access-list for matching on UDP is too generic... BitTorrent also runs over UDP which then kills your VOIP setup.
ReplyDeleteNBAR does not detect all voice codecs used in the RTP stream correctly so I used an ACL as well. What works for me is to set the phones to use a range of RTP ports (eg. 5100 - 5120) and then set an access list matching on that. As I also NAT on the Dialer I need to use the external IP in the ACL, not the internal as it seems the QOS is applied after NAT on the interface.
Also, In 12.4(15)T I would apply the QOS map on the ATM subinterface instead of the Dialer, but later IOSsen don't accept that anymore.
Thanks for pointing that out, Rutger.
ReplyDeleteMy VOIP box has its own static IP (I hate NAT), so presumably I just need the ACL to match on the VOIP box IP as the source address:-
access-list 105 permit udp x.x.x.x any