Configuring QoS for Branch Gateways
This topic describes how to set up QoS on branch gateways to shape inbound and outbound traffic. It includes these sections:
Configuring QoS
Enabling QoS on uplinks
Configuring QoS
QoS for branch gateways is a per-uplink traffic shaper for inbound and outbound traffic.
SteelConnect provides an easy-to-use queue management system for inbound and outbound traffic. With QoS for branch gateways:
there are no classes to configure.
you set the bandwidth with a fixed value.
SteelConnect looks for the differentiated services code point (DSCP) marking on traffic as it comes into the SteelConnect gateway. This marking can be the DSCP value that you set in the traffic rules using SCM or the DSCP value that you set using another device, such as a SteelHead appliance, LAN switch, VoIP phone, or router.
For details on setting the DSCP value in traffic rules using SCM, see QoS priority. SteelConnect uses this DSCP value to enforce QoS classification and shaping.
The SDI-5030 data center gateway doesn’t provide QoS enforcement; however, it does support QoS marking.
How does QoS for gateways work?
QoS for gateways uses the common applications kept enhanced (CAKE) scheduler. CAKE uses an advanced fair queue mechanism that distributes bandwidth while considering packet delays. CAKE is a connection-based system that tracks latency on each connection or traffic flow rather than bandwidth per class.
CAKE is not a typical traffic shaper or policer: it tries to give each traffic flow a fair share of the traffic. It does not allow fat flows to take up the whole circuit. CAKE is purposely built for internet-based uplinks so it is ideal for dynamic WAN throughput. CAKE automatically adjusts to traffic changes throughout the day, providing increased bandwidth when a traffic flow requires it and less bandwidth if the traffic flow slows down. CAKE also avoids excessive buffering, which can lead to a bad user experience.
For details on CAKE, go to https://www.bufferbloat.net/projects/codel/wiki/Cake/.
The underlying QoS scheduling algorithm implemented on SteelHead SD appliances is not the same as the CAKE scheduling algorithm on SDI branch and data center gateways. For details, see Introducing QoS shaping for SteelHead SD appliances in the SteelHead SD User Guide.
The CAKE scheduler dynamically places traffic flows in these traffic class queues for mapping enforcement:
QoS class
Example of traffic type
DSCP values
Latency Sensitive -
25% bandwidth
VoIP
Class Selector (CS)7, CS6, CS5, CS4, Expedited Forwarding (EF) Voice Admit (VA)
Streaming Media -
50% bandwidth
Video
Assured Forwarding (AF)4x, AF3x, AF2x, CS3, CS2, TOS4, TOS1
Best Effort -
100% bandwidth
MAPI
CS0, AF1x, Type of Service (TOS)2 or if the DSCP value isn’t specified
Background Traffic - 6.25% bandwidth
YouTube
CS1
Note: The DSCP standards for QoS have been specified and respecified many times, for the latest standards, see DSCP RFC 2474, RFC 3168, RFC 3260, RFC 5865.
According to Bufferbloat.net, “CAKE implements soft admission control, making it robust against starvation attacks relying on strict priority that otherwise would be easy to trigger by accident. If a traffic class (including all traffic in higher classes than itself) exceeds its bandwidth threshold, it is demoted in priority until it falls below the threshold again. Thus, if there is no competing traffic, any traffic class can use the full link bandwidth, but it is always possible for new traffic in a different class to start up.”
For more information, go to https://www.bufferbloat.net/projects/codel/wiki/CakeTechnical/.
How do you assign traffic a DSCP value?
Only DSCP marked traffic is placed in the QoS priority queues. Traffic must have a DSCP marking value for QoS traffic to be classified and shaped.
You can mark traffic with a DSCP value using:
SCM when you create traffic rules. For details, see To create a traffic rule.
the SteelHead appliance QoS feature. For details, see the SteelHead Deployment Guide.
a switch, VoIP phone, or router.
Enabling QoS on uplinks
To enable QoS on outbound traffic
1. Choose Network Design > Uplinks to display the Uplinks.
2. Click the uplink that you want to configure to expand the page.
3. Click the QoS tab to display Outbound and Inbound options.
4. Under Outbound Quality of Service (QoS), click On.
5. Under Bandwidth, specify an upper bandwidth value. For the best results, we recommend you use a slightly lower value than what is allocated by your service provider.
Click the arrows on the right side to increase or decrease the value in the text box.
6. Select either Mbits/sec or Kbits/sec.
7. Click Submit.
To enable QoS on inbound traffic
1. Choose Network Design > Uplinks to display the Uplinks.
2. Click the uplink that you want to configure to expand the page.
3. Click the QoS tab to display Outbound and Inbound options.
4. Under Inbound Quality of Service (QoS), click On.
5. Under Bandwidth, specify an upper bandwidth value. For the best results, we recommend you use a slightly lower value than what is allocated by your service provider.
Click the arrows on the right side to increase or decrease the value in the text box.
6. Select either megabits per second or kilobits per second.
7. Click Submit.