I'm trying to set a bandwidth priority for my Vonage VoIP customers. I'm currently just trying to setup my Mangle rules to flag the masqueraded traffic as VoIP traffic. I want to verify that I'm indeed flagging the Vonage VoIP traffic, before I go forward with the queue tree setup.

Currently, the customers are connected via PPPoE on my internal router. I'm doing the mangle and masquerade rules on my core router.

Vonage's web site states that the following ports are used for their traffic:

SIP ports 5060-5061 using UDP
NTP port 123 using UDP
TFTP port 69 using UDP
DNS port 53 using UDP
RTP ports 10,000-20,000 using UDP

I added the following mangle rules:

jan/31/2005 09:38:59 by RouterOS 2.8.22

/ ip firewall mangle
add src-address=172.16.20.0/24:5060-5061 protocol=udp action=passthrough mark-connection=vonage-con comment="Vonage
connection mark UDP ports 5060-5061-SIP" disabled=no
add src-address=172.16.20.0/24:123 protocol=udp action=passthrough mark-connection=vonage-con comment="Vonage connection
mark UDP ports 123-NTP" disabled=no
add src-address=172.16.20.0/24:69 protocol=udp action=passthrough mark-connection=vonage-con comment="Vonage connection
mark UDP ports 69-TFTP" disabled=no
add src-address=172.16.20.0/24:10000-20000 protocol=udp action=passthrough mark-connection=vonage-con comment="Vonage
connection mark UDP ports 69-RTP" disabled=no
add connection=vonage-con action=passthrough mark-flow=vonage-traf comment="Vonage flow mark" disabled=no

I seem to be getting a lot of non-VoIP traffic coming through the SIP and RTP mangle rules and I'm not getting any packets on the TFTP rule.

Could someone double check my mangle rules and see if they look correct?

Could someone explain what the seperate ports are used for in a Vonage/VoIP call? Do I need to make them all priority or do I need just to give priority to the RTP ports in order to accomplish my goal?

Again, my I'm trying to learn as much as possible on TCP/IP port usage, so I'm not totally familiar with other normal/potential applications that access any of these same ports called out on Vonage's web page.

Thank you

I’m no expert on this but I’ll try to help.

TFTP is Trivial File Transfer Protocol. I expect this is most likely used for firmware updates or configuration changes to the vonage IP phone/adaptor, so there is no need to prioritise this traffic. Same applies for DNS.

NTP is Network Time Protocol, not sure why vonage uses this, maybe to timestamp voice mail messages or something but maybe to assist the RTP stream which is time critical.

I beleive that the SIP ports are only used to set up the call.

So, I would first try to just prioritise the RTP ports and maybe the NTP traffic and see if you are still catching a lot of traffic. One possible problem I can see is that RTP is using a huge port range which is also used by many other protocols. Therefore, perhaps the whole approach of identifying the traffic by port is not the best.

Hope that helps.

GJS:

Thank you for answering. I’m doing good just to learn all that I need to know about MT OS and network buildout, then along comes VoIP. This particular customer really wants to get his Vonage phones working for his small business due to all the cost savings and the dislike he has for the phone company. Currently, he has 3 of 5 phones working. In the morning, 2 of 3 seems to work, but as the day progressess the frequency of drop calls increases and call quality deminishes to where they are lucky to keep 1 phone going. Funny thing is as soon as they start seeing these issues pop up, bandwidth tests yeild excellent throughput. Any suggestions?

Any recommendations on a better approach to granting Vonage traffic higher priority than other traffic for a specified amount of bandwidth (say 1/4 of total available)?

Thank you once again.