Configuration Example, IP Telephony
QoS matching for VoIP
Voice over IP is, as you surely know, very time-sensitive traffic. That is why VoIP signaling and payload traffic should receive enough bandwidth and as little jitter and delay as possible.
QoS is an important tool for giving VoIP traffic preference over “normal” traffic. For QoS tools to function correctly, different kinds of traffic must be placed in different queues, and to do that the traffic must first be classified. All VoIP traffic should be classified and placed in the same queue or given the same priority. I usually use the following ACLs to match VoIP signaling and payload traffic.
VOIP SIGNALING
```
ip access-list extended VOIP-SIGNALING
 permit tcp any any eq 1720
 permit tcp any any range 11000 11999
 permit udp any any eq 2427
 permit tcp any any eq 2428
 permit tcp any any range 2000 2002
 permit udp any any eq 1719
 permit udp any any eq 5060
```
VOIP PAYLOAD
```
ip access-list extended VOIP-PAYLOAD
 permit udp any any range 16384 32767
```
The following table gives some basic explanations for the different permit statements:
| Protocol | Matching criteria |
| --- | --- |
| H.323 / H.225 | TCP/1720 |
| H.323 / H.245 | TCP/11xxx |
| Media Gateway Control Protocol (MGCP) | UDP/2427 and TCP/2428 |
| Skinny Client Control Protocol (SCCP) | TCP/2000-2002 |
| Simple Gateway Control Protocol (SGCP) | TCP/2000-2002 |
| H.323 / H.225 RAS | UDP/1719 |
| Session Initiation Protocol (SIP) | UDP/5060 |
| Real-Time Transport Protocol (RTP) | UDP/16384-32767, even ports only |
| Real-Time Control Protocol (RTCP) | UDP/16384-32767, odd ports only |
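
To check what these ACLs actually classify, the following added example (not the author's code) parses the two ACLs from this page and runs constructed sample flows through them. The function names and sample flows are assumptions for illustration; the point to observe is that the port operator follows the destination, so only the destination port is matched, and that any UDP flow in 16384-32767 lands in the payload class whether or not it is voice.

```python
import re

# The two ACLs as given on this page.
ACLS = """
ip access-list extended VOIP-SIGNALING
 permit tcp any any eq 1720
 permit tcp any any range 11000 11999
 permit udp any any eq 2427
 permit tcp any any eq 2428
 permit tcp any any range 2000 2002
 permit udp any any eq 1719
 permit udp any any eq 5060
ip access-list extended VOIP-PAYLOAD
 permit udp any any range 16384 32767
"""

def parse_acls(text):
    """Return [(acl_name, proto, low, high)] for 'permit <proto> any any eq|range ...' lines."""
    rules, name = [], None
    for line in text.splitlines():
        line = line.strip()
        if m := re.fullmatch(r"ip access-list extended (\S+)", line):
            name = m.group(1)
        elif m := re.fullmatch(r"permit (tcp|udp) any any (eq|range) (\d+)(?: (\d+))?", line):
            low = int(m.group(3))
            high = int(m.group(4)) if m.group(2) == "range" else low
            rules.append((name, m.group(1), low, high))
    return rules

RULES = parse_acls(ACLS)
def classify(proto, dst_port):
    """First match on protocol and DESTINATION port (the operator follows the destination 'any')."""
    for name, rule_proto, low, high in RULES:
        if proto == rule_proto and low <= dst_port <= high:
            if name == "VOIP-PAYLOAD":  # even = RTP, odd = RTCP, per the table; parity only
                return name, "RTP" if dst_port % 2 == 0 else "RTCP"
            return name, None
    return "default", None

# Constructed sample flows: (description, protocol, destination port)
SAMPLES = [
    ("H.225 call setup", "tcp", 1720),
    ("H.225 reply, src 1720 -> ephemeral dst", "tcp", 49152),
    ("RTP media", "udp", 16384),
    ("non-voice UDP app on port 20000", "udp", 20000),
]
for desc, proto, port in SAMPLES:
    print(f"{desc:40} {proto}/{port:<5} -> {classify(proto, port)}")
```

The reply with source port 1720 falls into the default class, and the non-voice UDP flow is classified as payload, which is why scoping the `any any` sources to the voice subnets is worth considering before these ACLs feed a priority queue.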
René Jorissen