With most vendors' implementations of QoS, there are a lot of different ways to identify the traffic you want to manipulate. Sometimes the options can be overwhelming, and like most tools, 20% are used 80% of the time and the other 80% are hardly ever used. Nevertheless, you should explore your options before settling on an approach.
The vast majority of people identify their traffic based on IP Precedence. Specifically, most VoIP vendors transmit all their RTP packets with a precedence of 5, so it's easy to configure network devices to just put all traffic with a precedence of 5 into a given queue.
But you could, for example, match traffic based on source or destination IP address and TCP/UDP port. This would be useful if you need to protect some non-voice mission-critical applications like your SAP or ERP traffic.
Another method is to distinguish traffic based on packet size. This is useful in places like low-speed WAN links where you can put large packets into a separate queue. This would generally protect a wide range of interactive traffic (e.g. telnet) that historically uses small packets.
Also, many vendors are able to identify popular types of traffic explicitly. For instance, in Cisco's IOS, you can use the following:
match protocol napster
match protocol kazaa2
match protocol gnutella
This is very useful because it allows you to put this sort of traffic into a special class and police it, that is, drop it if it exceeds a certain bandwidth.
One last useful method for identifying traffic is the source interface. This can be useful if you put all your voice traffic on a dedicated switch or VLAN. Alternately, you may have something like a special VLAN for server backups or workstation imaging, so you could do something like shape all traffic from the backup VLAN to a certain amount of bandwidth to prevent the buffers in your LAN from getting overloaded.
Thomas Alexander Lancaster IV is a consultant and author with over ten years experience in the networking industry, focused on Internet infrastructure.