Thursday, February 22, 2007
Ok, now we come to part 2 on Voice QoS. In the first part we concluded (I hope) that voice and QoS need to go together in order to
achieve a good, working environment that lets us use all our applications wisely.
I also mentioned the wonderful NBAR. Let me tell you, this is the nicest tool I have used in a long time, and I am not kidding. What is better than simply
entering, under the interface you want to watch:
!
interface X
 ip nbar protocol-discovery
!
and, like magic, all your traffic is classified, no pain, no hassle. You can see a table like so:
sh ip nbar protocol-discovery stats bit-rate top-n 10
 FastEthernet0/0
                            Input                    Output
   Protocol                 5 minute bit rate (bps)  5 minute bit rate (bps)
   ------------------------ ------------------------ ------------------------
   http                     15000                    13000
   ssh                      2000                     0
   rtp                      21000                    20000
   smtp                     0                        0
   secure-http              0                        0
   rtspplayer               0                        0
   eigrp                    1000                     0
   icmp                     0                        0
   pop3                     2000                     1000
   dns                      0                        0
   unknown                  1000                     1000
   Total                    42000                    35000
Tell me, isn't it nice? Now I can clearly see all my traffic classified and I can do whatever I want with it. Keep an eye on the unknown row, though: that is traffic NBAR could not identify, and once a policy is applied it will land in class-default together with anything you did not put in a class.
Today's networks are hybrid, carrying voice, data and video on one infrastructure, so each network needs to be examined carefully and, based on that examination,
a baseline QoS configuration prepared.
On one of my networks I have set up a classification like so:
class-map match-any VOIP
  match protocol rtp audio
class-map match-any DATA
  match protocol http
  match protocol ftp
  match protocol tftp
  match protocol secure-http
  match protocol secure-ftp
  match protocol pop3
  match protocol smtp
  match protocol secure-pop3
  match protocol snmp
class-map match-any P2P
  match protocol gnutella
  match protocol gopher
  match protocol novadigm
  match protocol kazaa2
  match protocol fasttrack
  match protocol napster
class-map match-any HTTP_ATTACK
  match protocol http url "*.ida*"
  match protocol http url "*cmd.exe*"
  match protocol http url "*root.exe*"
  match protocol http url "*readme.eml*"
This classifies the most-used traffic and the unwanted traffic. Note that gopher and novadigm are not peer-to-peer protocols; listing them under a class named P2P only means they get that class's treatment, so name your classes for what you intend to do with the traffic.
policy-map OFFICE
  class VOIP
   priority 100
   set dscp ef
  class P2P
   drop
  class DATA
   bandwidth percent 40
  
policy-map OFFICE_IN
 class HTTP_ATTACK
   drop
The policy is sized for roughly three simultaneous voice calls: the VOIP class gets a 100 kbps priority queue (LLQ) and is marked DSCP EF, any P2P I simply drop, and DATA
is guaranteed at least 40% of the bandwidth.
In the incoming direction, traffic matching the HTTP_ATTACK class is dropped, which also gives me some security from NBAR. Two things to keep in mind: neither policy-map does anything until it is attached to an interface (OFFICE with service-policy output, OFFICE_IN with service-policy input; show policy-map interface then shows the per-class counters), and priority 100 is also a policer under congestion, so voice beyond 100 kbps is dropped and the number of calls you expect matters. The HTTP_ATTACK URL patterns are the ones Cisco published for catching Code Red (.ida) and Nimda (cmd.exe, root.exe, readme.eml) requests; NBAR can only match them in clear-text HTTP, so treat this as a cheap filter and not as a replacement for a firewall or IPS.
So now I have shown you how to use NBAR nicely on your Cisco with a real-world sample, but be advised: what is good for my network is not always, and in
most cases isn't, what is good for yours. I strongly advise you to first get familiar with NBAR and what it can give you, then prepare your own network
baseline, and only then implement your own policy.
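To make the "baseline first, then policy" step concrete, here is an added example (my own code, not from the original post) that turns the output of show ip nbar protocol-discovery into a baseline: it parses the top-n table, ranks protocols by bit rate, and checks which of the class-maps above would catch each protocol that is actually carrying traffic, so you can see what would fall into class-default before attaching a policy. The sample table is the FastEthernet0/0 output shown earlier in the post, embedded as constructed input; the CLASS_MAPS dictionary is a simplified view of the page's class-maps (match protocol rtp audio only matches audio payload types, while protocol-discovery reports all RTP under one row).

```python
"""Build a QoS baseline from 'show ip nbar protocol-discovery' output.

Added example (not from the original post): parse the top-n table the
router prints, rank protocols by bit rate, and check which of the page's
class-maps would catch each one, so you know what lands in class-default
before attaching a policy to the interface.
"""
import re

# Constructed sample input: the FastEthernet0/0 table from earlier in the post.
SAMPLE = """\
 FastEthernet0/0
                            Input                    Output
   Protocol                 5 minute bit rate (bps)  5 minute bit rate (bps)
   ------------------------ ------------------------ ------------------------
   http                     15000                    13000
   ssh                      2000                     0
   rtp                      21000                    20000
   smtp                     0                        0
   secure-http              0                        0
   rtspplayer               0                        0
   eigrp                    1000                     0
   icmp                     0                        0
   pop3                     2000                     1000
   dns                      0                        0
   unknown                  1000                     1000
   Total                    42000                    35000
"""

# Protocol names matched by the class-maps on the page. Simplification:
# 'match protocol rtp audio' only matches audio payload types, while
# protocol-discovery reports all of RTP under a single 'rtp' row.
CLASS_MAPS = {
    "VOIP": {"rtp"},
    "DATA": {"http", "ftp", "tftp", "secure-http", "secure-ftp",
             "pop3", "smtp", "secure-pop3", "snmp"},
    "P2P": {"gnutella", "gopher", "novadigm", "kazaa2", "fasttrack", "napster"},
}

# An interface line is a single token containing a digit (FastEthernet0/0);
# a stats row is 'name  input-bps  output-bps'. Header and ruler lines match neither.
IFACE_RE = re.compile(r"^\s*([A-Za-z][\w/.:-]*\d[\w/.:-]*)\s*$")
ROW_RE = re.compile(r"^\s+(\S+)\s+(\d+)\s+(\d+)\s*$")


def parse_discovery(text):
    """Return {interface: {protocol: (in_bps, out_bps)}}; the Total row is dropped."""
    stats, iface = {}, None
    for line in text.splitlines():
        m = IFACE_RE.match(line)
        if m:
            iface = m.group(1)
            stats[iface] = {}
            continue
        m = ROW_RE.match(line)
        if m and iface and m.group(1) != "Total":
            stats[iface][m.group(1)] = (int(m.group(2)), int(m.group(3)))
    return stats


def baseline(iface_stats, top=5):
    """Rank protocols by in+out bit rate: list of (protocol, bps, share_of_total)."""
    totals = {p: i + o for p, (i, o) in iface_stats.items()}
    grand = sum(totals.values()) or 1
    ranked = sorted(totals.items(), key=lambda kv: (-kv[1], kv[0]))
    return [(p, bps, bps / grand) for p, bps in ranked[:top]]


def policy_coverage(iface_stats, class_maps):
    """Map each protocol carrying traffic to the class-map that catches it.

    Anything unmatched falls into class-default, which only gets leftover
    bandwidth, so this is the list to review before trusting the policy.
    """
    owner = {p: c for c, protos in class_maps.items() for p in protos}
    return {p: owner.get(p, "class-default")
            for p, (i, o) in iface_stats.items() if i + o > 0}


if __name__ == "__main__":
    for iface, rows in parse_discovery(SAMPLE).items():
        cover = policy_coverage(rows, CLASS_MAPS)
        print(iface)
        for proto, bps, share in baseline(rows):
            print(f"  {proto:<12} {bps:>7} bps  {share:6.1%}  -> {cover[proto]}")
```

On the sample table this reports rtp (41000 bps, about 53%) going to VOIP and http to DATA, while ssh, eigrp and unknown carry real traffic and would all end up in class-default; on your own router, feed it the live output and decide whether those protocols deserve a class of their own before you attach the policy.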
Good Luck