A sample QoS config for VOIP service on a Cisco router

The config below is a sample for configuring QoS on a Cisco router. The below config is good for 10 simultaneous calls on G.711 codec. This QoS setting is geared towards SHDSL/EoC/Fibre services with guaranteed bandwidth.

!
class-map match-any VoIP
match protocol h323
match protocol rtcp
match protocol rtp
match protocol sip
!
policy-map VOIPQoS
class VoIP
priority 2000
set dscp ef
class class-default
fair-queue
!
interface GigabitEthernet0/0
service-policy output VOIPQoS
!

Setting up NTP, Timezone and DST setting on a Cisco rotuer

Simply use the following example to setup the router to get date time from a NTP server and show the current time according to the timezone and DST settings.

The below example configures a NTP server, then sets the time zone for GMT+10 and sets the DST time frames.

Router(config)#ntp server x.x.x.x
Router(config)#clock timezone AEST 10 0
Router(config)#clock summer-time AEDT recurring 1 Sun Oct 2:00 1 Sun Apr 3:00

Disabling inter-VLAN routing using ACLs

While working on a customer’s router config he requested the following to be done.

  • 3 LAN subnets
  • IP’s must assigned by DHCP.
  • All 3 subnets must have access to internet.
  • Devices on each LAN should not be able to communicate with each other.

As the customer had a Cisco 881 the easiest way this could be achieved is with VLANs.  Here’s how I did it.

inter-vlan

!
ip dhcp pool LAN
network 192.168.1.0 255.255.255.0
dns-server 220.233.0.3 58.96.1.28 8.8.8.8
default-router 192.168.1.1
!
ip dhcp pool LAN2
network 192.168.2.0 255.255.255.0
dns-server 220.233.0.3 58.96.1.28 8.8.8.8
default-router 192.168.2.1
!
ip dhcp pool LAN3
network 192.168.3.0 255.255.255.0
dns-server 220.233.0.3 58.96.1.28 8.8.8.8
default-router 192.168.3.1
!
interface FastEthernet0
no ip address
!
interface FastEthernet1
switchport access vlan 2
no ip address
!
interface FastEthernet2
switchport access vlan 3
no ip address
!
interface FastEthernet3
no ip address
shutdown
!
interface FastEthernet4
ip address 58.96.0.0 255.255.255.254
ip nat outside
ip virtual-reassembly in
rate-limit output 9800000 1250000 2500000 conform-action transmit exceed-action drop
duplex full
speed 100
!
interface Vlan1
ip address 192.168.1.1 255.255.255.0
ip access-group 101 in
ip nat inside
ip virtual-reassembly in
!
interface Vlan2
description LAN2
ip address 192.168.2.1 255.255.255.0
ip access-group 102 in
ip nat inside
ip virtual-reassembly in
!
interface Vlan3
description LAN3
ip address 192.168.3.1 255.255.255.0
ip access-group 103 in
ip nat inside
ip virtual-reassembly in
!
ip nat inside source list 1 interface FastEthernet4 overload
!
access-list 1 permit 192.168.0.0 0.0.3.255
access-list 1 permit any
access-list 101 deny ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 101 deny ip 192.168.1.0 0.0.0.255 192.168.3.0 0.0.0.255
access-list 101 permit ip any any
access-list 102 deny ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 102 deny ip 192.168.2.0 0.0.0.255 192.168.3.0 0.0.0.255
access-list 102 permit ip any any
access-list 103 deny ip 192.168.3.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 103 deny ip 192.168.3.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 103 permit ip any any
!