Firewall > QoS Mapping
SonicOS Enhanced 4.0 Administrator Guide
Marking – Also known as tagging or coloring – The act of applying layer 2 (802.1p) or
layer 3 (DSCP) information to a packet for the purpose of differentiation, so that it can be
properly classified (recognized) and prioritized by network devices along the path to its
destination.
MPLS – Multi Protocol Label Switching. A term that comes up frequently in the area of QoS,
but which is natively unsupported by most customer premise IP networking devices,
including SonicWALL appliances. MPLS is a carrier-class network service that attempts to
enhance the IP network experience by adding the concept of connection-oriented paths
(Label Switch Paths – LSPs) along the network. When a packet leaves a customer premise
network, it is tagged by a Label Edge Router (LER) so that the label can be used to
determine the LSP. The MPLS tag itself resides between layer 2 and layer 3, imparting
upon MPLS characteristics of both network layers. MPLS is becoming quite popular for
VPNs, offering both layer 2 and layer 3 VPN services, but remains interoperable with
existing IPsec VPN implementations. MPLS is also very well known for its QoS capabilities,
and interoperates well with conventional DSCP marking.
Per Hop Behavior (PHB) – The handling that will be applied to a packet by each DiffServ
capable router it traverses, based upon the DSCP classification of the packet. The behavior
can be among such actions as discard, re-mark (re-classify), best-effort, assured
forwarding, or expedited forwarding.
Policing – A facility of traffic conditioning that attempts to control the rate of traffic into or
out of a network link. Policing methods range from indiscriminate packet discarding to
algorithmic shaping, to various queuing disciplines.
Queuing – To effectively make use of a link’s available bandwidth, queues are commonly
employed to sort and separately manage traffic after it has been classified. Queues are
then managed using a variety of methods and algorithms to ensure that the higher priority
queues always have room to receive more traffic, and that they can be serviced (de-queued
or processed) before lower priority queues. Some common queue disciplines include:
FIFO – First In First Out. A very simple, undiscriminating queue where the first packet
in is the first packet to be processed.
Class Based Queuing (CBQ) – A queuing discipline that takes into account the CoS
of a packet, ensuring that higher priority traffic is treated preferentially.
Weighted Fair Queuing (WFQ) – A discipline that attempts to service queues using a
simple formula based upon the packets’ IP precedence and the total number of flows.
WFQ has a tendency to become imbalanced when there is a disproportionately large
number of high-priority flows to be serviced, often having the opposite of the desired
effect.
Token Based CBQ – An enhancement to CBQ that employs a token, or a credit-based
system that helps to smooth or normalize link utilization, avoiding burstiness as well as
under-utilization. Employed by SonicOS’ BWM.
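The WFQ imbalance described above can be shown numerically. This is an added example, not part of the Administrator Guide or of SonicOS; it assumes the commonly documented flow-based WFQ weighting in which each flow receives (IP precedence + 1) parts of the link, and the flow mixes and the 1544 kbps link speed are constructed.

```python
from fractions import Fraction


def wfq_shares(flows):
    """Per-flow link share under flow-based WFQ.

    flows: list of IP precedence values (0-7), one entry per active flow.
    Assumption: each flow is weighted (precedence + 1) parts of the link.
    Returns {precedence: exact share of the link for ONE flow at that level}.
    """
    if not flows:
        raise ValueError("at least one active flow is required")
    for p in flows:
        if not 0 <= p <= 7:
            raise ValueError(f"IP precedence out of range: {p}")
    total_parts = sum(p + 1 for p in flows)
    return {p: Fraction(p + 1, total_parts) for p in set(flows)}


def per_flow_kbps(flows, link_kbps):
    """Translate the shares into kbps per flow for a given link speed."""
    return {p: float(s * link_kbps) for p, s in wfq_shares(flows).items()}


def describe(label, flows, link_kbps):
    """Print one scenario: how much a single flow of each level receives."""
    print(label)
    for p, kbps in sorted(per_flow_kbps(flows, link_kbps).items(), reverse=True):
        print(f"  precedence {p}: {flows.count(p):2d} flow(s), {kbps:7.1f} kbps each")


if __name__ == "__main__":
    LINK_KBPS = 1544  # constructed link speed

    # Constructed mix A: one high-priority flow among four best-effort flows.
    balanced = [5] + [0] * 4
    # Constructed mix B: thirty high-priority flows, same four best-effort flows.
    crowded = [5] * 30 + [0] * 4

    describe("A: 1 x precedence 5, 4 x precedence 0", balanced, LINK_KBPS)
    describe("B: 30 x precedence 5, 4 x precedence 0", crowded, LINK_KBPS)

    # In mix B each precedence-5 flow receives less than a best-effort flow
    # received in mix A, which is the imbalance the WFQ entry refers to.
    a, b = wfq_shares(balanced), wfq_shares(crowded)
    print("high-priority flow in B below best-effort flow in A:", b[5] < a[0])
```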
RSVP – Resource Reservation Protocol. An IntServ signaling protocol employed by some
applications where the anticipated need for network behavior (e.g. delay and bandwidth) is
requested so that it can be reserved along the network path. Setting up this Reservation
Path requires that each hop along the way be RSVP capable, and that each agrees to
reserve the requested resources. This system of QoS is comparatively resource intensive,
since it requires each hop to maintain state on existing flows. Although IntServ’s RSVP is
quite different from DiffServ’s DSCP, the two can interoperate. RSVP is not supported by
SonicOS.