So I am starting to delve into the QoS settings and cam eacross a question.
My current set up:
2 sites each with their own internet access.
the 2 sites connected via VPN to route LAN and VOIP traffic.
SIP trunks come in to site 1.
ACL UDP_PORTS to match UDP port ranges for VOIP
ACL COMP_NET to match computer subnet
QOS Map MARK to use the UDP_PORTS ACL to mark as EF
QOS Map QUE to match EF marked packets
QOS Map LIMIT to limit remaining traffic to the remaining 100%
VLAN 1 inbound - MARK
VLAN 1 outbound - LIMIT
Eth 0/1 Outbound - QUE
Eth 0/1 has a traffic-shape rate of 10000000
So the assumption is that anything that has the SIP and RTP ports I define gets tagged with EF as they come into the router, that way I don't need to worry if the system or phone tags them or not, or what they tag them with or where in local network the come from.
It then leaves the VLAN and goes out the Eth 0/1 interface, EF goes first then all the rest of the traffic gets what's left of the 10 meg..(After the 25% that the netvanta takes away initially which leaves 7500000). The queing should happen at this point before encapsulation to the VPN.
A VPN tunnel would also me subject to this rule since it is going out the eth 0/1 port as well?
if that is the case then some routers like the 3120 can pose an additional challenge sine their VPN tunnels are good for about 2 meg.
Is there a way of directing the VOIP traffic across the VPN with the size of the tunnel in mind without limiting the upspeed to the SIP trunk provider and other internet traffic which would be non VPN traffic?
Can you see any flaws in the QoS I implemented?
I understand that everyhing is still subject to the public internet, I just want it leaving the sites under ideal conditions. (Easier to sleep at night knowing that it is the ISP's fault rather than mine 
)
Thanks in advanced