Great advice, will try that. Chris Mason www.anguillaguide.com
> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Colin Anderson > Sent: Tuesday, April 19, 2005 2:30 PM > To: 'Asterisk Users Mailing List - Non-Commercial Discussion' > Subject: RE: [Asterisk-Users] VPN/Asterisk combo > > It doesn't seem to honor the QoS bit, but you can simulate it > with the traffic shaper. I set it up to give SIP / IAX the > highest priority and things like SMTP the lowest. So far, so > good - nobody's complained about drop outs or anything like > that. ALAW sounds so good it's spooky. > > Unless you have an insanely busy lan QoS isn't a *ton* of > help. We run Mitel VoIP as well and we have a very busy LAN > with 250 hosts all doing stuff. We went through a period > where we obsessed over QoS being supported yadayada and in > the end it was difficult to support because of mongrel > switches that didn't honor the bits, bitchy servers that > hated the QoS layer, etc so we turned it off. No effect. We > are processing about 2-3K calls a day + we do lots of CAD / > rendering / high bandwidth stuff, on a single subnet, no > VLAN'ing. Runs fine, Asterisk and MiNet, about 100 extensions > behind the firewall and 25 outside. > > QoS is always a moving target on the Internet because if any > of your upstream provider's routers don't honor the bit, then > the whole thing grinds to a halt and traffic is treated > equally. I gave up on QoS and focussed on traffic shaping at > the bottleneck i.e. our Internet connection. > > Monowall's GUI is slick and easy to use but it's sometimes > easy to shoot yourself in the foot. I let Monowall create the > rules to let traffic through automagically when you create > the NAT forwarding rule. For some reason, you can create the > same rule manually but it won't work. It's also blindingly > easy to set up a stupid rule that will let all sorts of bad > traffic through, so you have to be careful. > > One last catch: For whatever reason, hardware, software, nic, > dunno, but we always got better performance on our broadband > (like, an order of magnitude > better) by forcing the NIC to 10baseT full duplex, instead of > autodetect. > This was with Intel 82559 chipset NIC's, YMMV. Even still, i > wouldn't dare use anything other than Intel or 3Com NIC's in > a BSD box, though. > > hth > > -----Original Message----- > From: Chris Mason (Lists) [mailto:[EMAIL PROTECTED] > Sent: Tuesday, April 19, 2005 11:27 AM > To: 'Asterisk Users Mailing List - Non-Commercial Discussion' > Subject: RE: [Asterisk-Users] VPN/Asterisk combo > > > Can it enforce QOS on the traffic? > > Chris Mason > www.anguillaguide.com > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of Colin > > Anderson > > Sent: Tuesday, April 19, 2005 10:58 AM > > To: 'Asterisk Users Mailing List - Non-Commercial Discussion' > > Subject: RE: [Asterisk-Users] VPN/Asterisk combo > > > > >Can anyone suggest a better way or give me some advice? > > > > Monowall: > > > > http://www.m0n0.ch/wall/features.php > > > > Totally rocks. 2-and-3 card DMZ's with routing between > them, traffic > > shaper, IPSec and PPTP VPN's that actually work, easy to > set up, good > > hardware support, boot from CD, configuration in an XML file from > > floppy. Add 3 NIC's, 1 for your broadband, 1 for your > internal LAN, & > > 1 for a DMZ lan and all you do is set up rules to pass IAX > or SIP and > > a couple of routes. I am using Monowall on a 10 mbit internet > > connection with an * server inside, and > > 25 SNOM's outside, sometimes my PRI is almost maxed with > outbound and > > inbound PSTN and Monowall just keeps on chugging. On a Compaq PII. > > With ALAW. (Yes, ALAW. If you have the bandwidth, why not?) > > > > Best part: Free. > > _______________________________________________ > > Asterisk-Users mailing list > > [email protected] > > http://lists.digium.com/mailman/listinfo/asterisk-users > > To UNSUBSCRIBE or update options visit: > > http://lists.digium.com/mailman/listinfo/asterisk-users > > > > > > _______________________________________________ > Asterisk-Users mailing list > [email protected] > http://lists.digium.com/mailman/listinfo/asterisk-users > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > _______________________________________________ > Asterisk-Users mailing list > [email protected] > http://lists.digium.com/mailman/listinfo/asterisk-users > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > > _______________________________________________ Asterisk-Users mailing list [email protected] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
