Thus spake "Charles Youse" <[EMAIL PROTECTED]> > In order to cut costs in our telecom budget I'm toying with the idea > of replacing a lot of our inter-office leased lines with VPN > connections over the public Internet. [...] > Assume for the moment that latency and bandwidth are not an issue; > e.g., any two points that will be exchanging voice data will both have > transit from the same provider with an aggressive SLA.
Latency, bandwidth, and packet loss are moot. Jitter is VoIP's enemy. > Does anyone have any experience running VoIP over such tunnels? > Is there a technical reason why this solution is not feasible? Are > Cisco routers not happy doing VoIP/IPsec/GRE in concert? IPsec itself will not cause you problems; there's no theoretical conflict. Unfortunately, IOS can introduce jitter when encrypting packets. To mitigate this, you can apply QOS, with a strict priotiy queue for the VoIP packets and the "qos pre-classify" feature. Your mileage will vary depending on the CPU power of the router, the traffic levels, and whether you're using hardware encryption. S Stephen Sprunk "God does not play dice." --Albert Einstein CCIE #3723 "God is an inveterate gambler, and He throws the K5SSS dice at every possible opportunity." --Stephen Hawking