FirewallWizards

[fw-wiz] qos pre-classify

To: firewall-wizards@listserv.cybertrust.com
Subject: [fw-wiz] qos pre-classify
From: tami <deadboy@tox.mine.nu>
Date: Fri, 23 Feb 2007 15:38:54 +0900 (JST)
Dear Wizards -

I have this GRE/IPSec tunnel between a Cisco1720 running 12.2(11)T10 and a
Linux router, just to see what kind of things I can or cannot do with it. And now
I am trying to prioritize RTP voice packets over others that go through the tunnel..
the Linux box has a POT line card installed and is running Asterisk, and
there's an IP phone (Snom220) on the Cisco side, so the voice packets are
ESP'ed and then dispatched to the remote ends.

So far I've come to conclude that on Cisco, the ingress tunnel interface would 
need to be set to "qos pre-classify", but the command is not available on this 
model, so issuing a service-policy on egress Di1 interface won't be of any 
use.. 

Q1. Is it correct?

Also on the Linux side, I'm not having much luck so far... what I did was to
mark relevant packets in the OUTPUT chain of the mangle table, define qdiscs and
classes on egress ppp0, and apply tc filters with the corresponding fwmarks.
But it seems like tc is not able to recognize the fwmark that was set in
iptables before the packets are encrypted..

Q2. Am I assuming correctly? And if I am, is there any other way I can follow..
something like a Linux equivalent of "qos pre-classify" so that I can try the TOS
target instead of the MARK target on the mangle table?

Please forgive me, I have had no prior knowledge of QoS; if you could share your
knowledge I'd truly appreciate it. -tami