qos with tc - high latency voip

Question

I'm having following setup: local pbx doing calls for remote vpn clients. And have trouble with high latency a and quality of voip calls in remote office. Remote office is 10/10mbps link while local 6/6mpbs.

vpn client(remote) <-> router <-> pbx <-> provider

router is running debian 7.3 with following tc setup

#!/bin/bash

TC=/sbin/tc
IPTABLES=/sbin/iptables
DEV=eth0
UPLINK=6000
CEIL=$(($UPLINK*95/100))

CLASS_RT="10"
CLASS_VOIP="11"
CLASS_PROV="12"
CLASS_BULK="13" 

$TC qdisc del dev eth0 root
$TC qdisc add dev $DEV root handle 1: htb default $CLASS_BULK
$TC class add dev $DEV parent 1: classid 1:1 htb rate ${CEIL}kbit ceil ${CEIL}kbit
$TC class add dev $DEV parent 1:1 classid 1:$CLASS_RT   htb rate $((1*$CEIL/20))kbit  ceil $(($CEIL/10))kbit prio 0
$TC class add dev $DEV parent 1:1 classid 1:$CLASS_VOIP htb rate $((6*$CEIL/20))kbit ceil ${CEIL}kbit       prio 1
$TC class add dev $DEV parent 1:1 classid 1:$CLASS_PROV  htb rate $((2*$CEIL/20))kbit  ceil   ${CEIL}kbit       prio 1
$TC class add dev $DEV parent 1:1 classid 1:$CLASS_BULK htb rate $((12*$CEIL/20))kbit  ceil 5500kbit       prio 5

$TC qdisc add dev $DEV parent 1:$CLASS_VOIP handle 110: pfifo limit 10
$TC qdisc add dev $DEV parent 1:$CLASS_PROV handle 120: pfifo limit 10
$TC qdisc add dev $DEV parent 1:$CLASS_BULK handle 130: sfq perturb 10

$TC filter add dev $DEV parent 1: protocol ip prio 0 handle $CLASS_RT fw classid 1:$CLASS_RT
$TC filter add dev $DEV parent 1: protocol ip prio 1 handle $CLASS_VOIP fw classid 1:$CLASS_VOIP
$TC filter add dev $DEV parent 1: protocol ip prio 1 handle $CLASS_PROV fw classid 1:$CLASS_PROV
$TC filter add dev $DEV parent 1: protocol ip prio 3 handle $CLASS_BULK fw classid 1:$CLASS_BULK

$IPTABLES -A POSTROUTING -t mangle -p icmp -j MARK --set-mark $CLASS_VOIP
$IPTABLES -A POSTROUTING -t mangle -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j MARK --set-mark $CLASS_RT
$IPTABLES -A POSTROUTING -t mangle -m tos --tos 0xb8 -j MARK --set-mark $CLASS_VOIP
$IPTABLES -A POSTROUTING -t mangle -d $local_ip_pbx -j MARK --set-mark $CLASS_VOIP
$IPTABLES -A POSTROUTING -t mangle -s $local_ip_pbx -j MARK --set-mark $CLASS_VOIP
$IPTABLES -A POSTROUTING -t mangle -d $public_ip_vpn -j MARK --set-mark $CLASS_VOIP
$IPTABLES -A POSTROUTING -t mangle -s $public_ip_vpn -j MARK --set-mark $CLASS_VOIP
$IPTABLES -A POSTROUTING -t mangle -d $public_ip_voip_provider -j MARK --set-mark $CLASS_PROV
$IPTABLES -A POSTROUTING -t mangle -s $public_ip_voip_provider -j MARK --set-mark $CLASS_PROV
$IPTABLES -A POSTROUTING -t mangle -d $private_vpn_voip_client -j MARK --set-mark $CLASS_VOIP
$IPTABLES -A POSTROUTING -t mangle -s $private_vpn_voip_client --set-mark $CLASS_VOIP

When local link is under a heavy load even with qos the ping latency rises from 16ms to 40ms with peaks of 200ms. Traffic from remote office link is only voip and link is fine.

Any ideas how to improve those qos rules to keep low latency even under load?

Answer 1

You can not.

When local link is under a heavy load even with qos the ping latency rises from 16ms to 40ms

You have no control over the local link latency of INCOMING traffic unless you route all traffic through like a data center and do QOS on the traffic you send to the office. Reality as it is - on your office link all incoming traffic is outside your QOS as your QOS is behind the bottleneck incoming.