[TriLUG] More Asterisk Qs.. QoS

[Brian Henning]

Ok, Jon...

Jon Carnes wrote:

<el snippo>

> Perhaps I'm being ambiguous here. I think its your Pix firewall.

Finally managed to get our VPN/VoIP server outside our PIX (actually, 
just set the VPN/VoIP server to the additional task of gateway and threw 
away the PIX) and quality has increased dramatically.  Round-trip ping 
times now float around 80ms, with occasional spikes to around 250ms, and 
rare worst-case spikes upwards of 450ms.

<snipperoo>

> I've shuttled VoIP traffic across an IPSec VPN using OpenBSD endpoints.
> It worked fine. I think it would work better with a hardware based
> solution - but the added latency due to the VPN was minimal. The CPU's
> seemed to keep up with the traffic stream just fine. 
> 
> Latency spikes across the connection were magnified by the use of the
> VPN but it was barely noticeable. I think as long as your VPN endpoints
> can handle the streaming load without buffering then your VoIP should
> work fine. If there is any significant buffering though the tunnel won't
> work for Voice.

Looks like nominal VPN latency isn't going to be a problem.  However, 
the spikes do cause momentary blips of course, in the gap between the 
low-lat packet and the following high-lat packet.  The VPN does have to 
occasionally handle traffic bursts, typically in the form of small print 
jobs sent to a thermal UPS label printer in California (and extremely 
rare RDP sessions to the computer hosting said printer).

So, the question is, how do I measure if the tunnel is having to buffer 
much?  Also, how much do you, in your professional opinion, believe we 
would benefit in terms of VoIP performance (with only one remote user, 
generally) by ditching our business-class ADSL (1.5m/384k, I think) for 
a microwave-link T1, assuming we dedicate all 24 channels to data?

Cheers,
~Brian