Application: limiting bandwidth in a LAN/WAN architecture

For this section, it is assumed that the user already has the lowest configuration required to apply QoS in a LAN/WAN architecture.

This section also explains how to add the components needed in order to apply bandwidth limitation or reservation to some traffic passing through the links attached to the LAN and WAN interfaces.

Details of the traffic management policy set up by the administrator are shown below.

Limiting and reserving bandwidth over the WAN link

NOTE
The sum of all bandwidth reserved for a link must not exceed 85% of the link's total bandwidth. This is because the usable bandwidth for such reservations is equal to the bandwidth assigned to the corresponding traffic shaper (90% of total bandwidth) minus the bandwidth assigned to the acknowledgment queue (5% of total bandwidth).

Transferring work files (FTP)

Set a queue named FTP_WAN_Q:

  • Limitation to 30 Mbit/s for outgoing traffic,
  • Limitation to 40 Mbit/s for return traffic.

Limitation of YouTube traffic when the intrusion prevention engine detects a signature

To restrict specific traffic that the intrusion prevention engine detects (YouTube in this example), the method used is to apply a specific QoS queue (YTB_WAN_Q in this example) to the corresponding detection signature (Applications and protections module - "Multimedia: YouTube" signature in this example).

Set a queue named YTB_WAN_Q:

  • Limitation to 20 Mbit/s for outgoing traffic,
  • Limitation to 20 Mbit/s for return traffic.