In a recent SearchNetworking VoIP live event, we discussed Quality of Service mechanisms for congestion management and congestion avoidance. After the event, a user asked if it were possible to have different policies for different users, instead of the way we typically do things, which involves segregating traffic by protocol to apply policies. This is an interesting question that I think deserves more attention, and although it isn't widely discussed, many vendors have addressed this very issue.
There are several reasons why you might want to do this. For instance, those of you who've had to provide tech support to "the executives" know that not all users were created equal. Or you might want your customer-service and sales folk to get priority over employee-to-employee conversations so that your customers experience higher quality calls.
Today, there are two basic answers to this question, although they're both somewhat flawed. The first and easiest method is to leverage the same access-lists you use to describe your protocols. For instance, typically, when you define voice traffic in an access-list, you do so by identifying the TCP and UDP port numbers. If the access-list supports this, odds are, it also supports specifying the source and/or destination IP address.
The problem here is that this solution requires your executives to have static IP addresses, which is just not practical, especially since, as a group, they're keen on laptops that let them jet around the country. So the next answer is to use a more holistic way of identifying your priority people. Typically, this means using an LDAP product like Active Directory in conjunction with a policy management suite, so that no matter where they go, when they log in, LDAP identifies them and the policy management software gives them the appropriate priority.
The rub here is that despite widespread adoption of Windows 2000, almost nobody is using Active Directory. Frankly, it would probably be easier to give your execs all Gigabit links than to deploy LDAP in a usable fashion. However, if you do have AD up and running, you should use it to its potential!
Another problem with this objective is that most network hardware has a very limited number of queues. You will want to make executive VoIP higher priority than regular VoIP, which in turn is a higher priority than regular data traffic. When many organizations roll out QoS, they wind up defining and using several more queues for various other types of data traffic and before they realize what's happening, they're out of queues and have no practical way of separating specific users. So be careful when planning and remember to leave some space.
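The access-list approach and its two limits described above (a static source address and a small queue budget), sketched as an added example that is not from the original article. The addresses, UDP port range, queue names and four-queue limit are assumed values chosen for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample values (assumptions, not taken from the article).
VOICE_PORTS = range(16384, 32768)   # assumed UDP port range carrying voice media
HW_QUEUES = 4                       # assumed number of hardware queues per interface

@dataclass(frozen=True)
class Rule:
    queue: str
    proto: str
    ports: range
    src: ipaddress.IPv4Network = ipaddress.ip_network("0.0.0.0/0")  # any source

    def matches(self, proto, src_ip, dst_port):
        return (proto == self.proto
                and dst_port in self.ports
                and ipaddress.ip_address(src_ip) in self.src)

# First match wins, as in an access-list, so the per-user entry
# has to come before the generic voice entry.
RULES = [
    Rule("exec-voice", "udp", VOICE_PORTS, ipaddress.ip_network("10.1.1.50/32")),
    Rule("voice", "udp", VOICE_PORTS),
]

def classify(proto, src_ip, dst_port, rules=RULES):
    """Return the queue name for a packet; unmatched traffic is best-effort."""
    for rule in rules:
        if rule.matches(proto, src_ip, dst_port):
            return rule.queue
    return "best-effort"

def queues_left(rules=RULES, hw_queues=HW_QUEUES):
    """Queues still free after the policy's queues and the default queue."""
    used = {r.queue for r in rules} | {"best-effort"}
    return hw_queues - len(used)

if __name__ == "__main__":
    print(classify("udp", "10.1.1.50", 20000))  # executive on the static address
    print(classify("udp", "10.9.4.17", 20000))  # same person on a DHCP lease elsewhere
    print(classify("tcp", "10.1.1.50", 443))    # non-voice traffic from the static address
    print(queues_left())                        # headroom for further traffic classes
```

The second call shows the static-address problem: the same user's call drops to the ordinary voice queue as soon as the laptop picks up a different address, and the policy gives no indication that it did.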
Thomas Alexander Lancaster IV is a consultant and author with over ten years' experience in the networking industry, focused on Internet infrastructure.