I´m new to this Forum and have a question. On our main site we have 2 dsl lines. One of this must be used for sip trunk. It is a low bandwidth dsl line, so VoIP should be the only traffic passing this line. The second line is high bandwidth an should handle all other traffic. We have an internal pbx with isdn and voip phones. First thing i did try is to make voip traffic from the pbx to the externel sip provider pass the voip dsl line. Here my shortened config:
Code: Select all
/interface bridge
add fast-forward=no name=loopback
/interface ethernet
set [ find default-name=ether1 ] name=e01-PBX
set [ find default-name=ether2 ] name=e02-DSL-VOIP
set [ find default-name=ether3 ] name=e03-DSL-INTERNET
/interface pppoe-client
add add-default-route=yes disabled=no interface=e03-DSL-INTERNET keepalive-timeout=disabled name=pppoe-internet password=xxxxxxxx user=aaaa
add disabled=no interface=e02-DSL-VOIP keepalive-timeout=disabled name=pppoe-voip password=xxxxxxxx user=bbbb
/routing ospf area
add area-id=0.0.168.10 name=area168
/routing ospf instance
set [ find default=yes ] distribute-default=if-installed-as-type-1 redistribute-connected= as-type-1 router-id=10.255.255.168
/ip address
add address=10.168.80.1/21 interface=e01-PBX network=10.168.80.0
add address=10.255.255.168 interface=loopback network=10.255.255.168
/ip firewall address-list
add address=10.168.86.240-241 list=COM6000VOIPS
/ip firewall mangle
add action=mark-routing chain=prerouting dst-address=!10.0.0.0/8 new-routing-mark=VOIP2INTERNET passthrough=yes src-address-list=COM6000VOIPS
/ip firewall nat
add action=masquerade chain=srcnat out-interface=pppoe-voip routing-mark=VOIP2INTERNET
add action=masquerade chain=srcnat out-interface=pppoe-internet
/ip firewall service-port
set sip disabled=yes
/ip route
add distance=250 gateway=pppoe-voip routing-mark=VOIP2INTERNET scope=255
/routing ospf area range
add area=area168 range=10.168.0.0/16
/routing ospf interface
add cost=1 interface=e01-PBX network-type=broadcast
/routing ospf network
add area=area168 network=10.168.0.0/16
add area=backbone network=10.254.254.0/24
Then I use mangle rules (mark-routing, chain prerouting) to mark pakets from COM6000VOIPS to adresses that are not in network 10.0.0.0/8 (all our sites are within this address range) as VOIP2INTERNET.
Because of private addresses i set up nat action masquerade for both dsl lines but for the voip line with routing-mark = VOIP2INTERNET.
Finaly I set up a static route with a high distance to route all VOIP2INTERNET marked pakets through the dsl voip line.
I did it that way because of the only source from which pakets should the dsl voip line is the internal pbx. Is this the correct way for doing this? Is the mangle rule with mark-routing and chain prerouting ok or should i better take other?
Asking here, because I can do it only in offline. Our PBX is in use and I can´t do tests until the date where our ISDN-Lines will be cut and sip-trunk goes active.
For the internal configuration and qos for sip/rtp i found this: https://mum.mikrotik.com/presentations/ ... 512668.pdf
There I did a few adjustments, eg our PBX uses port 5060 over udp and not tcp, ... Now my question. I do this on the routers outside the main site which are connected over the internet, mpls or wlan links. There i know the connection bandwidth and can adjust them. But what to do at the main site? the pbx is on a gigabit link. and all internal links (subnets) are also gigabit. Is that fast enough or should i implement the rules on that router also? And what is with packets from the other sites? They have DSCP (TOS) already set to 46. Should i do additional rules on the incomming lines for that pakets to be bypassed to the pbx?
Hope understanding what i mean ...
Regards Wolfgang