OpenVPN+VoIP= ¿QOS?
-
Hello boys, I have a IP PBX behind my pfsense box (1.2.3), and I have some clients connecting to an RDP server at LAN thought an OpenVPN tunnel, that works great! ok.
Some days ago, I tried to put some IP phones behind OpenVPN clients (properly routed), one of them works great (with and ADSL), but the other 3 IP phoned (connected to internet with 3G modems), had a very poor sound quality, the call starts ok, then SIP is working great, but voice quality gets horrible.
I had no idea about the problem, some people told be about jitter, and its true that I often get more than 100ms of delay on that lines, but I have not idea about how to priorize VoIP traffic inside the Open VPN tunnel.
Any idea?
-
Does your OpenVPN tunnel use UDP or TCP?
If TCP switch to UDP. -
Wow, what a fast reply!
Im using UDP, from tunnel options do you think that disabling encryption will improve the performance?
I have a Dual Core with 2 Gb RAM running pfsense with 1-3%use of CPU and 20% of RAMMany thanks
-
I don't think that would get much improvement, with your CPU, by switching off encryption.
Did you configure the traffic shaper?
The problem with 1.2.3 is that you can only shape between 2 interfaces right now.
Meaning you could shape between your LAN and WAN, but then don't have the ability to shape into the tunnel.
What you can do, is prioritize the whole tunnel on the WAN.
But then if you have much traffic on the VPN you're back to the same problem.
You could solve this by having two OpenVPN links. One for the VOIP and one for data, and give the data link a low priority.I'm also not so sure if this will improve your situation very much.
You write that the phones with the problem are conceted via 3G modems.
At least here (in switzerland), if you connect via 3G you're routed over a pretty big network which adds latencies around 200~300 ms.
Not much that you can do about that… -
Thanks a lot for your reply, I have been doing some test, and test and…
You are right, 3G modems have big latency, we have between 200-300ms on all, even with great bandwidth, the latency is too much to have a clear voice call.But we have now some lines working on ADSL routers, some of them have latency (ICMP) between 100-200ms, in this enviroment I think that priorize whole tunnel will improve enough the comunication, beacuse the tunnel have only One RDP connection(With minimun resources for 56Kb lines) and the VoIP.
So, now how can I priorize the whole tunnels? I have Pfsense 1.2.3 and the wizzard does not give much features to configure it.
Many thanks