[adsl-qos] VoIP through VPN

[Sean Atkinson]

Hi,

I'm trying to add quality of service to voice-over-IP packets through
our virtual private network.

We have an OpenVPN server with several remote clients tunnelling through
it, and amongst other things it helps makes NAT, routing and encryption
of VoIP packets easier, although it introduces extra latency with the
additional hop.  It runs on a gateway machine with local ADSL (ppp0),
LAN (eth0), and a VPN interface per client (e.g. tun0).

Following the README, I'm using the following configuration:

iptables -t mangle -I POSTROUTING -o ppp0 -j MYSHAPER-OUT
iptables -t mangle -A MYSHAPER-OUT -j MARK -p udp --sport 5001
--set-mark 20
iptables -t mangle -A MYSHAPER-OUT -j MARK -p udp --dport 5001
--set-mark 20
iptables -t mangle -A MYSHAPER-OUT -j MARK -p udp --sport 5005
--set-mark 20
iptables -t mangle -A MYSHAPER-OUT -j MARK -p udp --dport 5005
--set-mark 20
iptables -t mangle -A MYSHAPER-OUT -j MARK -m mark --mark 0 --set-mark
26

I'm using ppp0 instead of eth0 since the media channel is between 2
remote VPN peers, so the LAN shouldn't be involved.  OpenVPN is
configured to use UDP port 5001 for one peer, and 5005 for another.  I
use similar rules for eth0 on both VPN peers.

This all appears to be accepted, and the daemons start fine.  However I
notice that the peer PID in /proc/net/ip_queue is always a few below the
live PID.  Also the queue length is always 0, even during active
traffic.

I've tested voice data with Gnomemeeting between VPN peers, listening to
the output and watching the real-time TX/RX graphs while saturating the
link with "yes" output through SSH.  Unfortunately I can't notice any
difference in performance with or without the queue - in both cases the
sound breaks and packet plots jump all over the place.

Am I missing something with how I should use this, or is there some
better way of doing this?

Thanks,

Sean.

-- 
Sean Atkinson <sean at netproject.com>
Netproject