Force VoIP VLAN onto 1 Uplink while Load Balancing and other Voip QoS questions

CharlesIsWorkin
Building a reputation

Force VoIP VLAN onto 1 Uplink while Load Balancing and other Voip QoS questions

Hello folks,

I was looking for more understanding and methodology on an issue.I want to ensure that my Voip Vlan is using only one designated uplink.

I am currently using the "Preferred Uplink" section in the SD-WAN and Traffic Shaping area to designate the Vlan for the primary uplink and I put that Preference at the top of the list. Is this enough to guarantee it? Or will load balancing still want to take a crack at prioritizing? Is there another place in which I should adjust a setting?

 

I also have the default traffic shaping rules disabled and the vlan set to high priority in the Traffic Shaping section. I have a Group Policy for this Vlan as well with different Firewall Allowances. Should I use the Group Policy's traffic shaping section instead of the general traffic shaping section?

 

 

On the switch settings page, I already have the vlan designated to change dscp tags to 46 > Class 3. Is there a better tag to use or is this correct?

 

I recently ran into an issue where I had a couple phones that were connected, but wouldn't pass sound once a call was picked up. A solution proposed by Net2Phone support was to check load balancing was happening on the phones and they were trying to use different uplinks.

 

 

10 REPLIES 10
PhilipDAth
Kind of a big deal
Kind of a big deal

You should use a flow preference to specify the uplink you would like to use for the VoIP traffic.

https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/MX_Load_Balancing_and_Flow_Preferen... 

 

Typically VoIP kit sets the DSCP values.  You shouldn't be needing to overwrite anything.  If this is the case, you should be able to use the default traffic shaping rules.

 

Note that most ISPs ignore any DSCP values that you set.

@PhilipDAth 

Ah ok, so do you mean the phone itself uses DSCP? We have polycom's here that don't seem to have them set from what I can see in the Web GUI.

The provisioning links are provided by Net2Phone to a cfg file and the phones just accept whatever settings are in there.

 

And yeah, I guess the dscp is more internal and for the MX84 to respect  the traffic more than for the ISP's to care.

Not sure on your location.

But a funny one that popped up here in Australia.

ISP was actually dropping the RTP media packets that were marked up with DSCP EF on certain links.

So we actually needed to change link type, or scrub the DSCP values.

@TimHughSmith 

Ooo, I'll have to check into that. Thanks! What do you mean "change link type"? Is that something you can do in the dashboard?

So change link type was actually on the ISP side.

 

We have a National Broadband Network (NBN) here.

It runs their own voice on it as well.

I guess they only want to prioritise their own voice traffic.

And instead of remarking other traffic down - they actually dropped it.

 

So my comments weren't about your DSCP markings getting stripped

It was more about how the ISP treats different DSCP markings.

 

I'm not sure in the US whether any of the carriers do this.

But just thought it was worth checking.

Ok cool, thanks for the info, just the same. I appreciate it. 🙂

Well, 

I went ahead and disabled Load Balancing to see if there will be any other issues. I have the guest ssid using the backup connection.

Default traffic shaping rules applied.

the voice vlan has a rule of ef46 and high priority.

 

I got this interesting response from Net2phone support.

The phones don't require any special protocols for them to work with our platform, so I don't think IGMP can cause an issue. 

As for the Meraki firewall, there is no need to make any changes. Please keep in mind that our firewall guide serves to ensure the best possible experience where the phones are receiving/sending sip signaling (registration) and rtp signaling (audio). In this case, the phones are operating just fine and is receiving RTP.

The main issue here is that when you have DUAL WAN scenario and your primary IP is back online while your network is utilizing the failover IP, the phones would continue to register on the failover IP while RTP traffic is signaling on the primary IP.

I would recommend contacting Cisco to see if there's a way to set up the Meraki so that it can auto reboot the moment your primary IP is back online so that all the devices can reboot as well. In other words, if failover IP is in use and primary IP is offline - devices should connect using failover IP. Otherwise, if primary IP comes up online and the phones connected to the Meraki are using failover IP auto reboot firewall so that all phones can receive this change.


 

@TimHughSmith 

Hi Tim,

I got this response from my main ISP, I didn't ask the secondary as I don't want to use their uplink.

 

Thank you for contacting US Signal.

We are not stripping any DSCP tags and the VoIP prioritization you configured on your Meraki would not be visible to US Signal. All traffic from the Meraki will be treated the same. Please let us know if you have any questions.

 

>Ah ok, so do you mean the phone itself uses DSCP?

 

Yes, that is how it is usually done.

@PhilipDAth 

I just received word from Net2Phone that they do not use DSCP tags, but thanks for the tip.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels