[Seattle-SAGE] VPN-in-a-box recommendations?

Troy Davis troy at nack.net
Thu Feb 23 17:04:47 PST 2006

On 02/23/06 14:06, Robin Battey wrote:

> While I can't speak from direct experience here, I think it will do lots
> of good.  The bottleneck for VoIP is usually the endpoint bandwidth,

I'd be more concerned about jitter caused by queuing than about raw
throughput, since some DSL modems have pretty significant packet
buffers.  LLQ and CBWFQ can de-queue VoIP packets before other data
packets, if the endpoints support those queueing methods.

> Also, I hope you have a FAT pipe.  Your standard VoIP channel takes around 
> 90kbps in both directions.  That's 90kbps worth of a T1, DC3, or other 
> full-duplex pipe, but it's more like 180kbps of DSL, because DSL is *not* 
> full duplex (ADSL and SDSL are both single-duplex).  You really don't want 
> to run any sort of multi-channel VoIP (unless you can compress it somehow) 
> over anything less than a T1 (and note that 3.0gbps SDSL is the 
> bandwidth equivalent to a T1).

SDSL is usually advertised by unidirectional throughput, so "3 Mbps
SDSL" is 3 Mbps down and 3 Mbps up, concurrently (full duplex).  With a
decent CPE and ILEC copper - which the LEC should verify before
provisioning a circuit - 3 Mbps SDSL will be roughly equal to *2* bonded

ADSL is usually advertised by downstream or down/up throughput ("640
Kbps" or "640/256").  The speeds can be asymmetric, but one can can
concurrently download at 640 and upload at 256 (minus ATM and
potentially PPPoA/PPPoE overhead).

So, all of that said, 640/256 ADSL should support 2 G.711 (64 Kbps
payload, ~90 Kbps w/IP headers) calls, and does beautifully with
multiple G.722 calls.

To the poster's question, check out CyberGuard and Fortinet's FortiGate.


More information about the Members mailing list