Re: [OSL | CCIE_Voice] 6500 SERVER ACL

Tue, 24 Mar 2009 08:44:21 -0700 

following statement should also be added for H245 traffic:

set qos acl ip POD15_SERVER dscp 24 tcp any any ran 11000 65535

--- On Sun, 3/22/09, Christian Hennrich <christian.hennr...@intact-is.com> 
wrote:

From: Christian Hennrich <christian.hennr...@intact-is.com>
Subject: Re: [OSL | CCIE_Voice] 6500 SERVER ACL
To: "Chris Parker" <cpar...@cparker.us>
Cc: "OSL Group" <ccie_voice@onlinestudylist.com>
Date: Sunday, March 22, 2009, 2:13 AM

Hi Chris,

I would mark the RTP also with the ACL:

set qos acl ip POD15_SERVER dscp 46 udp any range 16384 32767 any
set qos acl ip POD15_SERVER dscp 46 udp any any range 16384 32767

I think, you will not see a question, where you should mark and trust at the 
same time. And as far as I have tested,  does marking only work, when I had set 
the ports to untrusted.

HTH

Chris Parker schrieb:
> Here is my basic 6500 ACL for marking signaling to CS3:
> 
> set qos acl ip POD15_SERVER dscp 24 tcp    any eq 2000 any
> set qos acl ip POD15_SERVER dscp 24 udp    any eq 2427 any
> set qos acl ip POD15_SERVER dscp 24 tcp    any eq 2428 any
> set qos acl ip POD15_SERVER dscp 24 udp    any any eq 5060
> set qos acl ip POD15_SERVER dscp 24 tcp    any any eq 5060
> set qos acl ip POD15_SERVER dscp 24 udp    any ran 1718 1720 any
> set qos acl ip POD15_SERVER dscp 24 tcp    any ran 1718 1720 any
> set qos acl ip POD15_SERVER dscp 24 udp    any any ran 1718 1720
> set qos acl ip POD15_SERVER dscp 24 tcp    any any ran 1718 1720
> 
> Should I go ahead and  add ....
> 
> set qos acl ip POD15_SERVER trust-dscp ip any any
> 
> to the end of the ACL so that we trust the DSCP marking of any media (MOH, 
> announcements, MTP) that originates from the UCM / Unity servers?
> 
> Chris
> 
> ______________________________________________________________________
> This email has been scanned by the MessageLabs Email Security System.
> For more information please visit http://www.messagelabs.com/email 
> ______________________________________________________________________
> 
> ______________________________________________________________________
> This email has been scanned by the MessageLabs Email Security System.
> For more information please visit http://www.messagelabs.com/email 
> ______________________________________________________________________

Reply via email to