net qos profile add
Step 2 Format The following settings apply to both rate control profiles and priority profiles:
The following settings apply only to rate control profiles:
The following settings apply only to priority profiles:
Mode net-config [network-qos-profile]
net qos profile add
qos_type {Rate-Control | Priority}
interface {WAN1 | WAN2}
service_name {default_services <default service name> | {custom_services <custom service name>}
diffserv_qos_match <number>
diffserv_qos_remark <number>
direction_for_rate_control {Inbound | Outbound | Both}
congestion_priority {Default | High | Medium-high | Medium | Low}
hosts {Single-IP-Address {hosts_start_ip <ipaddress>} |
IP-Address-Range {hosts_start_ip <ipaddress>} {hosts_end_ip <ipaddress>} | Group {hosts_group {Group1 | Group2 | Group3 | Group4 | Group5 | Group6 | Group7 | Group8}}}
bandwidth_allocation {Shared | Individual}
outbound_min_bandwidth <bandwidth>
outbound_max_bandwidth <bandwidth>
inbound_min_bandwidth <bandwidth>
inbound_max_bandwidth <bandwidth>
direction_for_priority {Inbound-Traffic | Outbound-Traffic}
priority {Low | High}
Keyword (might consist of two separate words)
Associated Keyword to Select or Parameter to Type
Description
Common settings
qos_type Rate-Control or
Priority
Specifies the type of profile:
• Rate-Control. Configure the keywords and parameters that are shown in the Common settings section and Rate control profile settings section of this table.
• Priority. Configure the keywords and parameters that are shown in the Common settings section and Priority profile settings section of this table.
interface WAN1 or WAN2 Specifies the interface to which the profile applies.
service_name DNS:TCP, FINGER, FTP, HTTP, HTTPS, ICMP-TYPE-3, ICMP-TYPE-4,
ICMP-TYPE-13, ICQ, IMAP2, IMAP3, IRC, NEWS, NFS, NNTP, PING, POP3, PPTP, RCMD, REAL-AUDIO, REXEC, RLOGIN, RTELNET,
RTSP:TCP, RTSP:UDP, SFTP, SMTP, SNMP:TCP, SNMP:UDP, SNMP-TRAPS:TCP,
SNMP-TRAPS:UDP, SQL-NET, SSH:TCP, SSH:UDP,
STRMWORKS, TACACS, TELNET, TFTP, RIP, IKE, SHTTPD, IPSEC-UDP-ENCAP, IDENT, VDOLIVE, SSH, SIP-TCP, SIP-UDP, NFS-TCP, or RPC-TCP
Specifies the default service and protocol to which the profile applies.
service_name custom_services
custom service name The custom service that you configure with the security services add command and to which the profile applies.
diffserv_qos_match number (Optional) The DSCP value, from 0 through 63. Packets are classified against this value.
diffserv_qos_remark number (Optional) The DSCP value, from 0 through 63. Packets are marked with this value.
Keyword (might consist of two separate words)
Associated Keyword to Select or Parameter to Type
Description
Rate control profile settings
direction_for_rate_control Inbound, Outbound, or Both
Specifies the direction to which rate control applies:
• Inbound. Rate control applies to inbound packets only. You must issue the inbound_min_bandwidth and inbound_max_bandwidth
keywords and specify the bandwidth that is allocated.
• Outbound. Rate control applies to outbound packets only. You must issue the
outbound_min_bandwidth and outbound_max_bandwidth keywords and specify the bandwidth that is allocated.
• Both. Rate control applies to both inbound and outbound packets. You must issue the
inbound_min_bandwidth, inbound_max_bandwidth, outbound_min_bandwidth, and outbound_max_bandwidth keywords and specify the bandwidth that is allocated.
congestion_priority Default, High, Medium-high, Medium, or Low
Specifies the priority queue that determines the allocation of excess bandwidth and the classification level of the packets among other priority queues on the VPN firewall:
• Default. Traffic is mapped based on the ToS field in the packet’s IP header.
• High. This queue includes the following DSCP values: AF41, AF42, AF43, AF44, and CS4.
• Medium-high. This queue includes the following DSCP values: AF31, AF32, AF33, AF34, and CS3.
• Medium. This queue includes the following DSCP values: AF21, AF22, AF23, AF24, and CS2.
• Low. This queue includes the following DSCP values: AF11, AF12, AF13, AF14, CS1, 0, and all other values.
Keyword (might consist of two separate words)
Associated Keyword to Select or Parameter to Type
Description
hosts Single-IP-Address, IP-Address-Range, or Group
Specifies the IP address, range of IP addresses, or group to which the profile applies:
• Single-IP-Address. The profile applies to a single IP address. Issue the hosts_start_ip keyword to specify the IP address.
• IP-Address-Range. The profile applies to an IP address range. Issue the hosts_start_ip and
hosts_end_ip keywords to specify the start and end IP addresses of the range. In addition, issue the
bandwidth_allocation keyword to specify if bandwidth is shared between all IP addresses in the range or is allocated to each IP address in the range.
• Group. The profile applies to a group.
Issue the hosts_group keyword to specify the group. In addition, issue the bandwidth_allocation keyword to specify if bandwidth is shared between all members of the group or is allocated to each member in the group.
hosts_start_ip ipaddress The following two options are available:
• The IP address if the hosts keyword is set to Single-IP-Address.
• The start IP address if the hosts keyword is set to
IP-Address-Range.
hosts_end_ip ipaddress The end IP address if the hosts keyword is set to IP-Address-Range.
hosts_group Group1, Group2, Group3, Group4, Group5, Group6, Group7, or Group8
Specifies the group if the hosts keyword is set to Group.
Note: You cannot enter group names that you specify with the net lan lan_groups edit
<row id> <new
group name> command.
Keyword (might consist of two separate words)
Associated Keyword to Select or Parameter to Type
Description
bandwidth_allocation Shared or Individual Specifies how bandwidth is allocated.
These options apply when the hosts keyword is set to IP-Address-Range or to group.
• Shared. The bandwidth is shared among all IP addresses in a range or all members of a group.
• Individual. The bandwidth is allocated to each IP address in the range or each member of a group.
outbound_min_bandwidth bandwidth The outbound minimum bandwidth in Kbps, from 0 to 100,000. This option applies if the
direction_for_rate_control keyword is set to outbound or both.
outbound_max_bandwidth bandwidth The outbound maximum bandwidth in Kbps, from 100 to 100,000. This option applies if the
direction_for_rate_control keyword is set to outbound or both.
inbound_min_bandwidth bandwidth The inbound minimum bandwidth in Kbps, from 0 to 100,000. This option applies if the direction_for_rate_control keyword is set to inbound or both.
inbound_max_bandwidth bandwidth The inbound maximum bandwidth in Kbps, from 100 to 100,000. This option applies if the
direction_for_rate_control keyword is set to inbound or both.
Priority profile settings
direction_for_priority Inbound-Traffic or Outbound-Traffic
Specifies the direction to which the priority queue applies:
• Inbound-Traffic. The priority queue applies to inbound traffic only.
• Outbound-Traffic. The priority queue applies to outbound traffic only.
Keyword (might consist of two separate words)
Associated Keyword to Select or Parameter to Type
Description
Command example:
FVS336Gv2> net qos profile add
net-config[network-qos-profile]> qos_type Rate-Control net-config[network-qos-profile]> interface WAN2
net-config[network-qos-profile]> service_name default_services http net-config[network-qos-profile]> direction_for_rate_control Inbound net-config[network-qos-profile]> congestion_priority High
net-config[network-qos-profile]> hosts IP-Address-Range net-config[network-qos-profile]> hosts_start_ip 192.168.110.2 net-config[network-qos-profile]> hosts_end_ip 192.168.110.199 net-config[network-qos-profile]> bandwidth_allocation Shared net-config[network-qos-profile]> inbound_min_bandwidth 7500 net-config[network-qos-profile]> inbound_max_bandwidth 15000 net-config[network-qos-profile]> diffserv_qos_match 5
net-config[network-qos-profile]> diffserv_qos_remark 12 net-config[network-qos-profile]> save