Cisco 857, immagini e qos

[Shark_y]

Ho acquistato un 857 e ora mi trovo a dover configurare il qos per i servizi voip, ho installato asteriisk.
Leggendo fra le features ritengo che sia interessante e sufficiente la Weighted Fair Queueing (WFQ) per quello che mi riguarda.
Ora scoprro che l'IOS presente nel mio router (12.3(8)YI2) non ha questa feature, ma solo le immagini più recenti l'hanno presente.
Come cavolo faccio a procurarmi un c850-advsecurityk9-mz.12.4-2.T4.bin visto che cisco richiede mille formalità per concedere un cavolo di account e il venditore presso cui ho acquistato è su web?

[andrewp]

Non mi sembra così vecchio il tuo IOS...dai questo comando:

Router# show queue "interfaccia"

e posta il risultato, il WFQ dovrebbe essere abilitato di default.

[Shark_y]

Router# show queue "interfaccia"

show queue Vlan 1
mi dice:
'Show queue' not supported with FIFO queueing.
premetto che ho configurato usando l' sdm e qui di seguito la mia configurazione, non ho anccora configurato nulla per il sip.

Codice: Seleziona tutto

This is the running config of the router: 192.168.1.1
----------------------------------------------------------------------------
!version 12.3

no service pad

service tcp-keepalives-in

service tcp-keepalives-out

service timestamps debug datetime msec localtime show-timezone

service timestamps log datetime msec localtime show-timezone

service password-encryption

service sequence-numbers

!

hostname firewall

!

boot-start-marker

boot-end-marker

!

logging buffered 51200 debugging

logging console critical

enable secret 5 xxxxxxxxxx

!

username user privilege 15 secret 5 xxxxxxxxxxxxx

clock timezone Berlin 1

clock summer-time Berlin date Mar 30 2003 2:00 Oct 26 2003 3:00

aaa new-model

!

!

aaa authentication login local_authen local

aaa authorization exec local_author local 

aaa session-id common

ip subnet-zero

no ip source-route

ip dhcp excluded-address 192.168.1.1 192.168.1.9

ip dhcp excluded-address 192.168.1.100 192.168.1.254

!

ip dhcp pool sdm-pool1

   import all

   network 192.168.1.0 255.255.255.0

   dns-server 192.168.1.2 168.95.1.1 

   default-router 192.168.1.1 

!

!

ip cef

ip inspect name DEFAULT100 cuseeme

ip inspect name DEFAULT100 ftp

ip inspect name DEFAULT100 h323

ip inspect name DEFAULT100 icmp

ip inspect name DEFAULT100 rcmd

ip inspect name DEFAULT100 realaudio

ip inspect name DEFAULT100 rtsp

ip inspect name DEFAULT100 esmtp

ip inspect name DEFAULT100 sqlnet

ip inspect name DEFAULT100 streamworks

ip inspect name DEFAULT100 tftp

ip inspect name DEFAULT100 tcp

ip inspect name DEFAULT100 udp

ip inspect name DEFAULT100 vdolive

ip tcp synwait-time 10

no ip bootp server

ip domain name miodominio.it

ip name-server 168.95.1.1

ip name-server 151.99.125.2

ip name-server 151.99.125.3

ip name-server 212.216.172.72

ip ssh time-out 60

ip ssh authentication-retries 2

no ftp-server write-enable

!

!

!

! 

!

!

!

interface Null0

 no ip unreachables

!

interface ATM0

 no ip address

 no ip redirects

 no ip unreachables

 no ip proxy-arp

 ip route-cache flow

 no atm ilmi-keepalive

 dsl operating-mode auto 

!

interface ATM0.1 point-to-point

 description $ES_WAN$$FW_OUTSIDE$

 ip address xx.xx.xx.xx 255.255.255.0

 ip access-group 101 in

 ip verify unicast reverse-path

 no ip redirects

 no ip unreachables

 no ip proxy-arp

 ip inspect DEFAULT100 out

 ip nat outside

 ip virtual-reassembly

 pvc 8/35 

  encapsulation aal5snap

 !

!

interface FastEthernet0

 no ip address

 no cdp enable

!

interface FastEthernet1

 no ip address

 no cdp enable

!

interface FastEthernet2

 no ip address

 no cdp enable

!

interface FastEthernet3

 no ip address

 no cdp enable

!

interface Vlan1

 description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$

 ip address 192.168.1.1 255.255.255.0

 ip access-group 100 in

 no ip redirects

 no ip unreachables

 no ip proxy-arp

 ip nat inside

 ip virtual-reassembly

 ip route-cache flow

 ip tcp adjust-mss 1452

!

ip classless

ip route 0.0.0.0 0.0.0.0 ATM0.1

!

ip http server

ip http access-class 2

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

ip nat inside source list 1 interface ATM0.1 overload

ip nat inside source static tcp 192.168.1.2 22 interface ATM0.1 3969

ip nat inside source static tcp 192.168.1.2 143 interface ATM0.1 143

ip nat inside source static tcp 192.168.1.2 110 interface ATM0.1 110

ip nat inside source static tcp 192.168.1.2 25 interface ATM0.1 25

ip nat inside source static tcp 192.168.1.2 80 interface ATM0.1 80

!

logging trap debugging

access-list 1 remark INSIDE_IF=Vlan1

access-list 1 remark SDM_ACL Category=2

access-list 1 permit 192.168.1.0 0.0.0.255

access-list 2 remark HTTP Access-class list

access-list 2 remark SDM_ACL Category=1

access-list 2 permit 192.168.1.0 0.0.0.255

access-list 2 deny   any

access-list 100 remark auto generated by Cisco SDM Express firewall configuration

access-list 100 remark SDM_ACL Category=1

access-list 100 permit udp host 192.168.1.2 eq domain any

access-list 100 deny   ip 82.88.54.0 0.0.0.255 any

access-list 100 deny   ip host 255.255.255.255 any

access-list 100 deny   ip 127.0.0.0 0.255.255.255 any

access-list 100 permit ip any any

access-list 101 remark auto generated by Cisco SDM Express firewall configuration

access-list 101 remark SDM_ACL Category=1

access-list 101 remark Auto generated by SDM for NTP (123) time.euro.apple.com

access-list 101 permit udp host 17.72.133.45 eq ntp host xx.xx.xx.xx eq ntp

access-list 101 permit udp host 212.216.172.72 eq domain any

access-list 101 permit udp host 151.99.125.3 eq domain any

access-list 101 permit udp host 151.99.125.2 eq domain any

access-list 101 permit udp host 168.95.1.1 eq domain any

access-list 101 permit udp host 168.95.1.1 eq domain host xx.xx.xx.xx

access-list 101 permit udp host 192.168.1.2 eq domain host xx.xx.xx.xx

access-list 101 permit tcp any host xx.xx.xx.xx eq 143

access-list 101 permit tcp any host xx.xx.xx.xx eq pop3

access-list 101 permit tcp any host xx.xx.xx.xx eq 3969

access-list 101 permit tcp any host xx.xx.xx.xx eq smtp

access-list 101 permit tcp any host xx.xx.xx.xx eq www

access-list 101 deny   ip 192.168.1.0 0.0.0.255 any

access-list 101 permit icmp any host xx.xx.xx.xx echo-reply

access-list 101 permit icmp any host xx.xx.xx.xx time-exceeded

access-list 101 permit icmp any host xx.xx.xx.xx unreachable

access-list 101 deny   ip 10.0.0.0 0.255.255.255 any

access-list 101 deny   ip 172.16.0.0 0.15.255.255 any

access-list 101 deny   ip 192.168.0.0 0.0.255.255 any

access-list 101 deny   ip 127.0.0.0 0.255.255.255 any

access-list 101 deny   ip host 255.255.255.255 any

access-list 101 deny   ip host 0.0.0.0 any

access-list 101 deny   ip any any

access-list 102 remark VTY Access-class list

access-list 102 remark SDM_ACL Category=1

access-list 102 permit ip 192.168.1.0 0.0.0.255 any

access-list 102 deny   ip any any

no cdp run

!

control-plane

!

banner login ^CAuthorized access only!

 Disconnect IMMEDIATELY if you are not an authorized user!^C

!

line con 0

 login authentication local_authen

 no modem enable

 transport preferred all

 transport output telnet

line aux 0

 login authentication local_authen

 transport preferred all

 transport output telnet

line vty 0 4

 access-class 102 in

 authorization exec local_author

 login authentication local_authen

 transport preferred all

 transport input telnet ssh

 transport output all

!

scheduler max-task-time 5000

scheduler allocate 4000 1000

scheduler interval 500

ntp clock-period 17175149

ntp server 17.72.133.45 prefer

end

[andrewp]

Mmm, strano, comunque questo documento può sicuramente servirti:

http://www.cisco.com/univercd/cc/td/doc ... 1/dwfq.htm