Followup On My QoS / Traffic Shaping Question

Following up on the question I asked last week (Nov 9) about QoS/traffic shaping, specifically comparing a vlan vs IP range based strategy. My issue stems from the fact that I’ve added a number of new voip devices to my lan over recent months. Some of them run through one of the now three(!) Asterisk servers I presently have running, while others connect to external hosts directly.

Previously it was easy to dedicate highest priority to traffic to/from the one Asterisk server, since all voip traffic passed through it. But that presents problems when there are other phones need equal access to bandwidth, and those devices use several different external hosted PBX services. Of course, I’m on a humble 1.5M / 786k ADSL connection.

With some guidance from the m0n0wall users list I am trying a simple traffic shaping arrangement based upon IP address ranges. This required that I come to know a bit more about CIDR notation for specifying subnets.

Within the routers traffic shaping mechanism there are a number of pipes fed by queues. Each pipe has as weighted traffic priority. There are separate paths for inbound vs outbound traffic. Traffic can can be directed into a specific queue or even to a pipe directly. Which queue or pipe it goes into determines its priority traversing the router. By going directly into a pipe, bypassing the associated queue, you can also minimize latency for specific types of traffic.

The traffic shaper allows a subnet, as specified using CIDR notation, to be passed through a specific high/medium/low priority path. By assigning my voip devices ( to IP addresses conveniently separate from non-voip devices ( I give priority to traffic from a specific range of devices.

For the CIDR challenged (like me) : = all addresses to = all addresses to

I am in the habit of letting all my devices DHCP and using MAC based IP assignments in the DHCP service, so changing the IP addresses of the voip devices was really easy and took only a few minutes to implement. It took less than five minutes to make all the changes in the router and it seems to be working perfectly for now.

If there are any problems I’ll try the vlan method.