Ideally, I wouldn't "fill the pipe" when I was on a VoIP call, but that was an unrealistic resolution to the problem - especially when my daughters found out they could stream My Little Pony episodes online.
The Internet wasn't much help either. Everything I read said that you can only prioritize your outbound traffic, not your inbound - or that you would need coordination on both sides of the link in order to achieve true QoS. Not very helpful.
All I needed was a solution that would a.) detect I was on a VoIP call, b.) temporarily rate-limit all other traffic, c.) detect I was off the VoIP call, and d.) remove the temporary rate-limit.
Sounds easy enough, right? It wasn't too bad. I ended up making a Snort signature for the VoIP traffic and had a script watching the Snort logs. When a VoIP call was detected, the script made a telnet connection to my WAN router and applied a heavy-handed rate-limit on all non-VoIP traffic. When the call was done the rate-limit was removed. I called the concept AATQoS - Application-Aware Triggered Quality of Service.
You can read all of the gory details here: http://user.xmission.com/~hidden/aatqos/
That, however, is not the purpose of the post. The purpose of this post is to show how to achieve the exact same results using an EEM script, completely self-contained within the Cisco router. First off, many thanks to Ivan Pepelnjak at ipspace.net for helping me along the way! We ran into a couple of bumps but ended up getting it working like a charm:
http://blog.ioshints.info/2008/12/this-is-qos-who-cares-about-real-time.html
http://blog.ioshints.info/2010/01/update-workaround-for-sluggish-cb-qos.html
Here are the relevant portions of the config that worked great for me and my little Cisco 1801 DSL Router:
class-map match-all acgroup112
match access-group 112
policy-map police
class acgroup112
access-list 112 remark ALL_TCP_TRAFFIC
access-list 112 permit tcp any any
event manager environment match_pattern .([0-9]+).*matches
event manager environment nok_msg it works
event manager environment exp_name custom1
event manager environment ip_address 166.70.124.1
event manager environment rw_community private
event manager environment match_cmd show policy-map int dialer0
event manager environment _ios_cmd_1 show policy-map int dialer0 | in 105
event manager environment countdown_entry 1
event manager directory user policy "flash:/"
event manager applet PoliceDisable
event counter name call_in_progress entry-val 0 entry-op eq exit-val 1 exit-op eq maxrun 31536000
action 100 syslog msg "---=== Disabling Police ===---"
action 110 cli command "enable"
action 120 cli command "conf t"
action 130 cli command "policy-map police"
action 140 cli command "class acgroup112"
action 150 cli command "no police"
action 160 syslog msg "---=== Police Disabled ===---"
event manager applet PoliceEnable
event counter name call_in_progress entry-val 1 entry-op eq exit-val 0 exit-op eq maxrun 31536000
action 100 syslog msg "---===Enabling Police===---"
action 110 cli command "enable"
action 120 cli command "conf t"
action 130 cli command "policy-map police"
action 140 cli command "class acgroup112"
action 150 cli command "police 400000 conform tr ex dr"
action 160 syslog msg "---===PoliceEnabled===---"
event manager applet AATQoS
event timer watchdog time 1
action 100 cli command "enable"
action 110 cli command "show policy-map int dialer0"
action 200 info type snmp oid cbQosCMPrePolicyByte.368.13007857 get-type exact community public
action 210 set value1 "$_info_snmp_value"
action 220 wait 1
action 230 info type snmp oid cbQosCMPrePolicyByte.368.13007857 get-type exact community public
action 240 set value2 "$_info_snmp_value"
action 250 subtract $value2 $value1
action 260 set difference "$_result"
action 280 if $_result gt 100
action 290 counter name "call_in_progress" op set value 1
action 300 end
action 310 if $_result lt 100
action 320 counter name "call_in_progress" op set value 0
action 330 end
