From: Guyler, Rik (rguyler@shp-dayton.org)
Date: Fri Mar 03 2006 - 10:45:22 GMT-3
Hey Tim, my name isn't Chris! Oh well, gonna chime in anyway... ;-)
I can only speak about the services in my area so your options may or may
not be similar.
I do like DSL over cable in most cases. I find the latency over our local
DSL networks to be lower and bandwidth much more predictable. Also, there
are synchronous offerings in my area, which would be ideal if available in
high enough bandwidth and reasonably priced. That said, there are some
decent cable options as well but they tend to cost a good deal more. We
have Time Warner cable here and they do offer a business class service that
actually uses a different network and supposedly doesn't share out the
bandwidth like the consumer class product does. We use these services for
something lke 25 remote sites connected via VPN. We don't run VOIP over
these but we do run critical apps, some of which are sensitive (telnet,
client access, etc.) and we don't have a "lot" of problems. In this case,
we don't have a synchronous option, even on our 7x2 service, which costs
close to $600/month.
There are possibly other things to consider as well, such as distance and
facilities issues. DSL can provide great service but that will be dependent
on proximity to the CO facility. Cable is much more flexible in this
regard. Building management can also play a role in the decision making
process. I can bring DSL into my building very easily but cable services
brought in will have a significant build fee associated with them.
Just for grins, I might also check out the price for T1 access into an ISP.
DSL/cable have beaten those prices down to rock bottom. There is an ISP in
town here that offers full T1 access to their network for $500/month
including the circuit charge, which is pretty darn reasonable.
Just food for thought.
Rik
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Tim
Sent: Thursday, March 02, 2006 6:16 PM
To: 'Chris Lewis'
Cc: 'Venkatesh Palani'; ccielab@groupstudy.com
Subject: RE: voip over VPN
Hey Chris,
Thanks for chiming in on this issue. And, thanks for the great info.
Currently the company where this might be implemented is using very
expensive channelized T-1's where some channels are dedicated to data and
others are dedicated to voice.
Also, I'm considering whether it matters if a cable or DSL connection is
used. I haven't yet checked with the various service providers but I'm
fairly sure both services are available with the necessary bandwidth.
In terms of quality and reliability, assuming both would do the job, do you
have any opinions on which is better?
TIA,
Tim
_____
From: Chris Lewis [mailto:chrlewiscsco@gmail.com]
Sent: Thursday, March 02, 2006 4:54 PM
To: Tim
Cc: Venkatesh Palani; ccielab@groupstudy.com
Subject: Re: voip over VPN
Tim,
Over the years Cisco has done a lot of work validating hardware and software
configurations for this purpose. We have even certified which providers meet
the requirements necessary to make a site to site voice deployment over
IPsec work properly. This work has been done under the name of V3PN,
standing for voice video and data over IPsec VPN. A marketing description is
available at
http://www.cisco.com/en/US/products/ps6661/products_ios_protocol_option_home
.html
The 160 page SRND with configurations is available at
http://www.cisco.com/application/pdf/en/us/guest/netsol/ns241/c649/ccmigrati
on_09186a00801ea79c.pdf
Chris
On 3/2/06, Tim <ccie2be@nyc.rr.com> wrote:
Thanks guys for the feedback and recommendations. I thought it should work
but never tried it and didn't know for sure.
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Venkatesh Palani
Sent: Thursday, March 02, 2006 1:14 PM
To: Tim
Cc: ccielab@groupstudy.com
Subject: Re: voip over VPN
Hi Tim,
I have worked on one of those designs thatr run IP TEL over IPSEC, for qos
use pre classify I dont think using ISR are a bad choice. I used GRE and
IPSEC and it wasnt that bad. actuallhy I tried them between asia and US and
it was OK, most of the delay come with ur SP changing their peerig or
redirecting their traffic. any way running VOICE over internet using IPSEC
is a cheap solution but it is has numerous external dependencies.
Some of my personal recommandation
1. use a Signle SP for all your site so your traffic is kept within the same
network as for as possible. soem of the Asia SP peer in US which makes the
ASIA -ASIA traffic pretty hard
2.USE pre qulaify
3. try avoiding split tunneling as the internet downlaod could swamp your
voice
4. USe ISR routers
5. use Codec 723 where possible
6. use some sort of monitoring system to monitor delay and latency or/and
use IPSLA to fall back to gateway incase of huge latencies
...
HTH,
Venkatesh
On 3/3/06, Tim <ccie2be@nyc.rr.com> wrote:
>
> Hi guys,
>
>
>
> Does anyone have any experience with running voip over a site-to-site
> IPsec VPN?
>
>
>
> Assuming the voice traffic is prioritized as it ought to be and the
> connection to the wan cloud is big enough, does the VPN processing slow
> down
> the voip traffic to the point where people used to toll quality voice
> would
> consider it un-acceptable?
>
>
>
> I'd appreciate all your thoughts and comments.
>
>
>
> TIA, Tim
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sat Apr 01 2006 - 10:07:37 GMT-3