Description
This article describes how to configure QoS for voice to prioritize voice traffic.
Scope
FortiGate.
Solution
Refer to the sample example and make sure to configure this during a maintenance window as the network is impacted during point7.
1) Create an LLDP profile.
# config switch-controller lldp-profile
edit "phone-site-1"
set med-tlvs inventory-management network-policy
set 802.1-tlvs port-vlan-id
set 802.3-tlvs power-negotiation
set auto-isl disable
# config med-network-policy
edit "voice"
set status enable
set vlan-intf "vlan2" <----- Voice VLAN.
set assign-vlan enable
set priority 5 <----- CoS 5 for voice traffic.
set dscp 46 <----- DSCP 46 for voice traffic.
next
edit "voice-signaling"
set status enable
set vlan-intf "vlan2" <----- Voice VLAN.
set assign-vlan enable
set priority 5 <----- CoS 5 for voice traffic.
set dscp 46 <----- DSCP 46 for voice traffic.
next
end
# sh switch-controller lldp-profile phone-site-1
2) Configure layer-3 QoS DSCP:
# config switch-controller qos ip-dscp-map
edit "voice-dscp"
# config map
edit "1" <----- Mapping voice traffic with DSCP 46 to queue-5.
set cos-queue 5
set value 46
next
end
end
# show switch-controller qos ip-dscp-map
3) Configure layer-2 QOS 802.1p.
# config switch-controller qos dot1p-map
edit "voice-dot1p"
set priority-5 queue-5 <----- Mapping voice traffic with CoS 5 to queue-5.
next
end
# show switch-controller qos dot1p-map
4) Configure the egress QoS policy.
# config switch-controller qos queue-policy
edit "q5-strict"
set schedule strict
set rate-by percent
# config cos-queue
edit "queue-5" <----- Make voice queue-5 as strict priority queue with limit bandwidth.
set min-rate-percent 1
set max-rate-percent 10
next
end
# show switch-controller qos queue-policy
5) Configure the overall policy that will be applied to the switchports.
# config switch-controller qos qos-policy
edit "strict-voice"
set trust-dot1p-map "voice-dot1p"
set trust-ip-dscp-map "voice-dscp"
set queue-policy "q5-strict"
next
end
# show switch-controller qos qos-policy
6) Specify policy definitions that define the behavior on automatically configured interfaces.
# config switch-controller auto-config policy
edit "voice-icl"
set qos-policy "strict-voice"
set poe-status disable
set igmp-flood-report enable
set igmp-flood-traffic enable
next
edit "voice-trunk"
set qos-policy "strict-voice"
set poe-status disable
next
end
# show switch-controller auto-config policy
7) Apply QoS config on auto FortiLink trunks.
# config switch-controller auto-config default <-- Apply voice QoS on auto fortilink trunks.
set fgt-policy "voice-trunk"
set isl-policy "voice-trunk"
set icl-policy "voice-icl"
end
# show switch-controller auto-config default
8) Apply LLDP profile and QoS policy to host ports connected to the phone, and make sure voice VLAN is mapped under allowed VLAN, it is expected for phones to get an IP address from the tagged VLAN with LLDP profile mapped to the port.
From GUI, select multiple ports and do a bulk update.
- Go to Fortiswitch Ports, there are 2 columns 'LLDP profile' and 'QoS Policy'.
If the columns are not visible, select the column tab and then add the 2 columns ‘LLDPprofile’ and ‘QoS’.
Related links:
Fortinet Documentation.
Page#80 LLDP-MED: https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/2f7d95c8-7367-11ea-9384-005056...
Page#139 Configure QOS for managed switch: https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/2f7d95c8-7367-11ea-9384-005056...
