Community discussions

MikroTik App
 
wmeibers
just joined
Topic Author
Posts: 2
Joined: Fri Jan 05, 2018 12:38 pm

VoIP internal and external

Thu Nov 15, 2018 10:03 am

Hello,
I´m new to this Forum and have a question. On our main site we have 2 dsl lines. One of this must be used for sip trunk. It is a low bandwidth dsl line, so VoIP should be the only traffic passing this line. The second line is high bandwidth an should handle all other traffic. We have an internal pbx with isdn and voip phones. First thing i did try is to make voip traffic from the pbx to the externel sip provider pass the voip dsl line. Here my shortened config:
/interface bridge
add fast-forward=no name=loopback
/interface ethernet
set [ find default-name=ether1 ] name=e01-PBX
set [ find default-name=ether2 ] name=e02-DSL-VOIP
set [ find default-name=ether3 ] name=e03-DSL-INTERNET

/interface pppoe-client
add add-default-route=yes disabled=no interface=e03-DSL-INTERNET keepalive-timeout=disabled name=pppoe-internet password=xxxxxxxx user=aaaa
add disabled=no interface=e02-DSL-VOIP keepalive-timeout=disabled name=pppoe-voip password=xxxxxxxx user=bbbb

/routing ospf area
add area-id=0.0.168.10 name=area168
/routing ospf instance
set [ find default=yes ] distribute-default=if-installed-as-type-1 redistribute-connected= as-type-1 router-id=10.255.255.168
/ip address
add address=10.168.80.1/21 interface=e01-PBX network=10.168.80.0
add address=10.255.255.168 interface=loopback network=10.255.255.168
/ip firewall address-list
add address=10.168.86.240-241 list=COM6000VOIPS

/ip firewall mangle
add action=mark-routing chain=prerouting dst-address=!10.0.0.0/8 new-routing-mark=VOIP2INTERNET passthrough=yes src-address-list=COM6000VOIPS

/ip firewall nat
add action=masquerade chain=srcnat out-interface=pppoe-voip routing-mark=VOIP2INTERNET
add action=masquerade chain=srcnat out-interface=pppoe-internet

/ip firewall service-port
set sip disabled=yes
/ip route
add distance=250 gateway=pppoe-voip routing-mark=VOIP2INTERNET scope=255
/routing ospf area range
add area=area168 range=10.168.0.0/16
/routing ospf interface
add cost=1 interface=e01-PBX network-type=broadcast
/routing ospf network
add area=area168 network=10.168.0.0/16
add area=backbone network=10.254.254.0/24
The pbx has 2 ip addresses. One for management and sip initialization and on for rtp traffic. So I´m using the address-list COM6000VOIPS.
Then I use mangle rules (mark-routing, chain prerouting) to mark pakets from COM6000VOIPS to adresses that are not in network 10.0.0.0/8 (all our sites are within this address range) as VOIP2INTERNET.
Because of private addresses i set up nat action masquerade for both dsl lines but for the voip line with routing-mark = VOIP2INTERNET.
Finaly I set up a static route with a high distance to route all VOIP2INTERNET marked pakets through the dsl voip line.

I did it that way because of the only source from which pakets should the dsl voip line is the internal pbx. Is this the correct way for doing this? Is the mangle rule with mark-routing and chain prerouting ok or should i better take other?

Asking here, because I can do it only in offline. Our PBX is in use and I can´t do tests until the date where our ISDN-Lines will be cut and sip-trunk goes active.

For the internal configuration and qos for sip/rtp i found this: https://mum.mikrotik.com/presentations/ ... 512668.pdf
There I did a few adjustments, eg our PBX uses port 5060 over udp and not tcp, ... Now my question. I do this on the routers outside the main site which are connected over the internet, mpls or wlan links. There i know the connection bandwidth and can adjust them. But what to do at the main site? the pbx is on a gigabit link. and all internal links (subnets) are also gigabit. Is that fast enough or should i implement the rules on that router also? And what is with packets from the other sites? They have DSCP (TOS) already set to 46. Should i do additional rules on the incomming lines for that pakets to be bypassed to the pbx?

Hope understanding what i mean ...

Regards Wolfgang
 
User avatar
pcunite
Forum Guru
Forum Guru
Posts: 1345
Joined: Sat May 25, 2013 5:13 am
Location: USA

Re: VoIP internal and external

Thu Nov 15, 2018 7:28 pm

There is a little bit to learn and understand about this. Read the post in my signature to help you on your way.
 
wmeibers
just joined
Topic Author
Posts: 2
Joined: Fri Jan 05, 2018 12:38 pm

Re: VoIP internal and external

Mon Nov 19, 2018 10:30 am

I read that post before. But all examples are running on one Router with one WAN. What I want is that on one of the 2 WAN interfaces is ONLY for the VoIP traffic. All other traffic should go out to the second WAN interface. So I don´t need rules for other traffic on WAN-2. When 'normal' Internet goes down there should be no failover to the VoIP WAN. The VoIP WAN also should not failover to WAN-1 because it is not supported by our telephony provider.

My second question relates to mangle rules, routing and so on. Example: VoIP Telephone ------ Subnet(s) ------ Router Site B ------ Tunnel through internet ------ Router Site A ------ Subnet(s) ----- PBX
In this example I understand to implent the rules on the Site B Router so VoIP traffic will have priority. But what about Site A and the incoming interface from Site B. Should I do the same Rules there? Isn´t that doubled? I think that it should be enough to do priorization only on the upload queues because on the other end it is allready in right order or am I wrong? All phones will only talk to our PBX and not to any PBX in the internet.
And on Site A there are more than 1 Subnets. All Subnets having Gigabit links. PBX has 100 MBit link and is connected to one of these Subnet. So my Question(s) on this is, i have IP Telephones connected to the different subnets. Should i do mangle rules on that router too or isn´t it necessary to do that because line speed is high enough. And when implementing rules is it enough to do that on the interface to the PBX (from router to pbx)?

Who is online

Users browsing this forum: aoravent, netmas, ofatieiev, stevencameron16 and 87 guests