[cisco-voip] DMVPN and QOS implementaion

Sat Sep 30 21:53:07 EDT 2006

Matthew,

I had a TAC case opened as I could not use g.729 for voice calls for
intersite calls over a site to site IPSEC tunnel,it would sound very
choppy,after changing this parametter ,I saw a considerable improvement and
now I am able to use g.729 for inter site calls.This is the service
parrameeter and this will affect all calls and need to same on both the
publisher and subscriber,If you r not seeing any Issues with g.729 over VPN
,I would not recommend changing it to true.

"Stirp G.729 Annex B (Silence Suppression) from Capabilities"

Manoj, You can use g.729 for conferencing if you use hardware conferrence
bridge ,Callmanager software conference bridge will only do g.711 conference
and if a g.729 participant wants to jump in then it would make use of a
transcorder if one is available.You can deploy dspfarm at each remote site
to be used for conferencing or transcoding.

Aman

On 9/30/06, Linsemier, Matthew <MLinsemier at apcapital.com> wrote:
>
>  What was your reason for changing the parameter in CallManager (and what
> is the exact name?)  I am interested improving my g.729 Call Quality.
>
>
>
> Matt
>
>
>  ------------------------------
>
> *From:* cisco-voip-bounces at puck.nether.net [mailto:
> cisco-voip-bounces at puck.nether.net] *On Behalf Of *Manoj Kalpage
> *Sent:* Saturday, September 30, 2006 12:18 PM
> *To:* Aman Chugh
> *Cc:* cisco-voip at puck.nether.net
> *Subject:* Re: [cisco-voip] DMVPN and QOS implementaion
>
>
>
> Aman,
>
> Thank you very much for your reply. This is very helpfull.
>
> G.729 parameter change is very interesting. I am using GT.711 just because
> for the conference feature. Does G.729 support for conference call at
> remote sites?
>
>
>
> Thanks,
>
> Manoj
>
>
>
>  ----- Original Message -----
>
> *From:* Aman Chugh <aman.chugh at gmail.com>
>
> *To:* Manoj Kalpage <manoj.kalpage at gmail.com>
>
> *Cc:* cisco-voip at puck.nether.net
>
> *Sent:* Saturday, September 30, 2006 1:46 AM
>
> *Subject:* Re: [cisco-voip] DMVPN and QOS implementaion
>
>
>
>  Manoj,
>
>
>
> Your Qos configuration looks ok,I had similar Issues V3PN setup ,some of
> the things you need to consider for this kind of setup is
>
>
>
> 1.Use hardware encryption for VPN as software encryption adds unneccassry
> delays
>
> 2.Check the Voice codec for your inter site calls and during  a bad
>  call press the ? key on the phone to check MAX jitter and RXLOST values.
>
> 3. Do sh policy-map interface to check for drops ,if so see drops change
> your priority queue bandwitdhs
>
> 3.There is a service parrametter in callmanager to remove G.729ab,G.729bfrom cabablities when calls are established,I had considerable improvement
> in voice quality after changing this parrametter to true as by default its
> false.I could not use g.729 for voice calls as voice sounded very choppy
> ,once i applied this change i am able to use g.729 for calls.
>
>
>
> Hope this helps
>
> Aman
>
>
>
> On 9/29/06, *Manoj Kalpage* <manoj.kalpage at gmail.com> wrote:
>
> Hi all,
> We have hosted PBX system which is located in data centre and we have
> dedicated 1MB internet connection. At present we only have four remote
> sites
> and all of them have high speed ADSL connection for both their data and
> Voice. Each sites has 4 to 5 phones. We used to use PIX 515 at Data centre
> and PIX 501 at remote sites. As we were experiencing voice quality issue
> we
> moved to Cisco 2821 at Data centre and 800 series at remote sites. I have
> configured DMVPN using GRE over IPSec for our VPN network. all the tunnels
> are up and seems to be working fine so far but I am just wondering whether
> I
> got right QoS configuration at HeadEnd Router. As, I am a newbie for QoS,
> I
> have referred various cisco documentations to configure bellow DMVPN and
> QoS
> for our head end router. Since we don't have data transaction at HeadEnd
> site I think I can use 75% of bandwidth for voice it self.  Can some one
> help me figure out QoS requirment for my network environment.
>
> Thank you in advanced,
>
> Best regards
> Manoj
>
> ---------------------------------------------------------------------------
>
> Building configuration...
>
> Current configuration : 5063 bytes
> !
> version 12.4
> service timestamps debug datetime msec
> service timestamps log datetime msec
> no service password-encryption
> !
> hostname PBXLGATE01
> !
> boot-start-marker
> boot-end-marker
> !
> logging buffered 51200 warnings
> !
> no aaa new-model
> !
> resource policy
> !
> ip cef
>
> !
> ip domain name yourdomain.com
> !
> !
> crypto pki trustpoint TP-self-signed-2723000426
> enrollment selfsigned
> subject-name cn=IOS-Self-Signed-Certificate-2723000426
> revocation-check none
> rsakeypair TP-self-signed-2723000426
> !
> !
> crypto pki certificate chain TP-self-signed-2723000426
> certificate self-signed 01
> 30820251 308201BA A0030201 02020101 300D0609 2A864886 F70D0101 04050030
> 31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
> quit
> username xxxx privilege 15 secret 5 @#@#@@@GlPb96SyZxV6Q0
> !
> !
> class-map match-all VOICE
> match ip dscp ef
> class-map match-all SCAVENGER
> match ip dscp cs1
> class-map match-any INTERNETWORK-CONTROL
> match ip dscp cs6
> match access-group name IKE
> class-map match-any CALL-SIGNALING
> match ip dscp cs3
> match ip dscp af31
> !
> !
> policy-map V3PN-EDGE
> class VOICE
> priority percent 55
> class CALL-SIGNALING
> bandwidth percent 5
> class INTERNETWORK-CONTROL
> bandwidth percent 5
> class SCAVENGER
> bandwidth percent 1
> queue-limit 1
> class class-default
> bandwidth percent 9
> queue-limit 16
> !
> !
> crypto isakmp policy 10
> hash md5
> authentication pre-share
> crypto isakmp key 6 G0G0G0G0 address 0.0.0.0 0.0.0.0
> !
> !
> crypto ipsec transform-set PBXL esp-3des esp-md5-hmac
> !
> crypto ipsec profile PBXL
> set security-association lifetime seconds 120
> set transform-set PBXL
> !
> !
> interface Tunnel0
> ip address 10.10.1.1 255.255.255.0
> no ip redirects
> ip mtu 1440
> ip nhrp authentication xxxxxxxx
> ip nhrp map multicast dynamic
> ip nhrp network-id 1
> ip tcp adjust-mss 1360
> qos pre-classify
> tunnel source FastEthernet0/0
> tunnel mode gre multipoint
> tunnel key 0
> tunnel protection ipsec profile PBXL
> !
>
> interface FastEthernet0/0
> description Connect to Verizon Network
> bandwidth 1000
> ip address 222.222.222.222 255.255.255.192
> ip nbar protocol-discovery
> ip nat outside
> ip virtual-reassembly
> duplex auto
> speed auto
> service-policy output V3PN-EDGE
> !
> interface FastEthernet0/1
> ip address 192.168.4.1 255.255.255.0
> ip nat inside
> ip virtual-reassembly
> duplex auto
> speed auto
> !
> router eigrp 90
> network 10.0.0.0
> network 172.16.0.0 0.0.0.255
> no auto-summary
> !
> ip route 0.0.0.0 0.0.0.0 222.222.222.222
> !
> !
> ip http server
> ip http authentication local
> ip http secure-server
> ip http timeout-policy idle 600 life 86400 requests 1000
> ip nat inside source list 1 interface FastEthernet0/0 overload
> !
> ip access-list extended IKE
> permit udp any eq isakmp any eq isakmp
> !
> access-list 1 permit 192.168.4.0 0.0.0.255
> !
> !
> control-plane
> !
> !
> line con 0
> login local
> line aux 0
> line vty 0 4
> access-class 23 in
> privilege level 15
> login local
> transport input ssh
> !
> scheduler allocate 20000 1000
> end
>
> PBXLGATE01#
>
>
>
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
>
>
>  ------------------------------
>
> CONFIDENTIALITY STATEMENT
> This communication and any attachments are CONFIDENTIAL and may be
> protected by one or more legal privileges. It is intended solely for the use
> of the addressee identified above. If you are not the intended recipient,
> any use, disclosure, copying or distribution of this communication is
> UNAUTHORIZED. Neither this information block, the typed name of the sender,
> nor anything else in this message is intended to constitute an electronic
> signature unless a specific statement to the contrary is included in this
> message. If you have received this communication in error, please
> immediately contact me and delete this communication from your computer.
> Thank you.
>
> ------------------------------
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://puck.nether.net/pipermail/cisco-voip/attachments/20061001/638e50cf/attachment-0001.html 