Implement QoS for 3CX VoIP on Debian Linux

If you need QoS on your Debian Linux system, this step-by-step guide shows how to create a rule for iptables that tags all traffic from the machine with a higher QoS so as to ensure traffic is given priority.

Step 1: Making sure your QoS rules are applied permanently to your system

By default, your Debian Linux system will NOT save any rules applied at runtime. This can however be resolved by adding the iptables-persistent package to your installation as follows:

apt-get install iptables-persistent

This will create a new file in “/etc/iptabes/rules.v4” that will be loaded at each system and service restart. 

Step 2: Create a Rule to Tag All Traffic Originating From This Machine

Run the following commands at the command prompt:

iptables -t mangle -A OUTPUT -p udp -j DSCP –set-dscp 56

iptables -t mangle -A OUTPUT -p tcp -j DSCP –set-dscp 56

Step 3: Checking QoS is Applied to Outbound Traffic

Use tcpdump to create a network capture file for you to examine using Wireshark on some other computer:

tcpdump -s 0 -w 247-check-dscp.pcap

Download this file onto your PC, and open it with Wireshark. You can check that outbound traffic is indeed being tagged with the correct DSCP value:

Step 4: Make Sure the Changes are Saved Permanently

Run the following commands at the command prompt:

iptables-save >/etc/iptables/rules.v4