SummaryThe Exinda appliances can utilize and work with DiffServ related network QoS. This article covers both how to filter traffic by DiffServ as well as how to mark the TOS/DSCP fields to abide by DiffServ
OverviewDiffServ is a way to perform generic QoS, through use of bits set in a Layer 3 IP packet header. Note that DiffServ in fact differs from 802.11q (that is, Class of Service at a Layer 2 level). The packet header includes a DS field (which replaces the TOS field used in IP packets prior to 1998, though certain DSCP markings are reserved to the equivilent TOS markings to keep backwards compatibility). DiffServ is often implemented by ISPs to provide QoS out through their network. The Exinda can also work with DSCP/TOS markings, either prioritizing traffic based on the markings, or specifically marking (or remarking) the packets with the appropriate information in order to get it to match what is set up in the infrastructure.
A policy can either by created on the Optimizer page, or edited on the "Policies" tab of the Optimizer page.
Create a policy to Filter Traffic Based on DSCP
- Enter the Policy Name.
- Enter the VC Policy Number which is the order of the policy in the policy tree.
Optionally, specify the Schedule.
- The default scheduling option is ALWAYS. Schedules that have been created via Configuration > Objects > Schedules will appear in the drop-list.
Specify the Action.
- Optimize - Perform traffic shaping, acceleration, or packet marking on the traffic
- Discard - Discard the packets effectively blocking the traffic
- Ignore - Perform no action on the packets allowing them to pass through the appliance unaffected. This setting is effective for a monitor only mode. Note that this option should not be used for policies within a dynamic virtual circuit.
- Return HTML Response - Present the webpage defined in the HTML response object to the source web browser.
- HTTP Redirect - Redirect the packets to a specified URL effectively presenting the URL to the network client.
- Specify additional details that present themselves for each of the action.
Enter the Filter Rules. Any of the following fields may be used to specify how to filter the traffic.
- VLAN - Select traffic based on 802.1Q VLAN ID and/or 802.iP VLAN priority tag using a pre-defined VLAN object set up under Configuration > Objects > VLANs.
- Source - Select a network object that filters for the initiation of a conversation.
- Destination - Select a network object that filters for the destination of the conversation.
- Direction - Select traffic based on one way or two way conversations between the source and destination network objects. If source and destination are not selected, ALL network objects are assumed. Traffic direction is relative to the Exinda appliance.
- ToS / DSCP - Select traffic based on particular ToS/DSCP marks in the IP header. If traffic is in the network that use these TOS / DSCP header bits, they can be selected here.
- Application - Select traffic based on a predefined application object or application group.
- Click Add New Policy to add this policy to the policy tree.
Configure the policy to mark packets
Marking the packets is a necessary thing to be done if traffic is going into, or will be routed through a network that is using DSCP or TOS markings. Otherwise, the traffic will not get appropriately QoSed by DiffServ in the network. Depending on how the infrastructure is set up, it is possible that non marked packets will be dropped, or put through at the lowest possible priority. If there is no other network device before the Exinda that is marking packets destined for the DiffServ infrastructure, the Exinda must do it through policies.
- Create the policy as above.
- Select the Optimize action and check the Packet Marking section to mark individual packets matching this policy.
- Specify which ToS/DSCP Mark to put in the IP header of each packet.
- Optionally, select a VLAN ID and Priority to mark a packet with a VLAN as well.
- Perform the filter rules to specify the traffic that is meant to be marked