Examples of application and usage recommendations

Example 1: Prioritization of DNS traffic

DNS queries, based on UDP, lose a large number of packets due to the definition of UDP – which  does not provide mechanisms for managing transmission errors – and the overwhelming presence of TCP traffic that drowns out UDP traffic in the mass of TCP packets.

To preserve such traffic, and in particular DNS traffic, the creation of a PRIQ QoS rule is recommended. This rule will help to diminish frequent packet loss, as well as latency that may occur on this type of traffic, which requires high responsiveness (this is the precise reason for DNS queries being done on UDP).

Defining the QoS rule for DNS

Name

Type

Priority

Bp min

Bp max

Min inv.

Max inv.

Color

Comments

Priority queue (1 item)

QoS_DNS

 

1

 

 

 

 

 

Prioritization of DNS traffic

Using the QoS rule in the filter policy

To view QoS in the Filtering tab, in the Filtering and NAT module, double-click on the Action column once you have set up your filter rule (see the document on Filtering and NAT or go to the menu Security Policy\Filtering and NAT module\Action column).

Effects on traffic

  • Decreases the number of lost packets if the rule has level 1 priority (and is the only such rule).
  • Reduces latency.

 

Example 2: Restricting HTTP  traffic

HTTP traffic consumes more bandwidth from the internet link and local network than any other type of internet traffic. Heavy use of the internet may cause congestion of network traffic and decrease in overall performance, making it bothersome to use the network.

We recommended limiting HTTP traffic using a CBQ QoS rule that defines the maximum throughput allowed. Fortunately, the situation can be remedied. This rule will allow preserving the network’s bandwidth and reducing the impact of using the internet on the network’s overall performance.

Defining the QoS rule for HTTP

Name

Type

Priority

Bp min

Bp max

Min inv.

Max inv.

Color

Comments

Class-based queue (1 item)

QoS_HTTP

 

 

0kb

512kb

0kb

512kb

 

Restriction on HTTP traffic

Using the QoS rule in the filter policy

To view QoS in the Filtering tab, in the Filtering and NAT module, double-click on the Action column once you have set up your filter rule (see the document on Filtering and NAT or go to the menu Security Policy\Filtering and NAT module\Action column).

Effects on traffic

  • Lowers the risk of network congestion.
  • Reduces the impact of traffic on the network’s overall performance.

 

Example 3: Guaranteeing a minimum level of service

Some applications (e.g. VoIP) require a level of service with the guarantee of compliance. Failure to comply would result in the suspension of the service (e.g. VoIP conversations can no longer be held). Other applications and their impact on the network’s general performance may disrupt the progress of obtaining the required service level.

To ensure the maintenance of the required service level, we recommend that you create a CBQ QoS rule that defines a minimum guaranteed throughput. It will guarantee a service level for specified traffic irrespective of the impact of other traffic on the network’s overall performance and without defining the bandwidth restriction for these other types of traffic.

Defining the QoS rule for VoIP

Name

Type

Priority

Bp min

Bp max

Min inv.

Max inv.

Color

Comments

Class-based queue (1 item)

QoS_VoIP

 

 

1kb

0kb

100kb

0kb

 

Guarantee of a minimum level of service

Using the QoS rule in the filter policy

To view QoS in the Filtering tab, in the Filtering and NAT module, double-click on the Action column once you have set up your filter rule (see the document on Filtering and NAT or go to the menu Security Policy\Filtering and NAT module\Action column).

Effects on traffic

  • Guarantees bandwidth for a specified traffic type.
  • Introduces a maximum data transfer time for the service.