Policy Pages Reference : Networking Policy Settings : Inbound QoS
  
Inbound QoS
You configure inbound QoS in the Inbound QoS page.
Riverbed recommends that you migrate legacy QoS profiles to QoS 9.0 or later. Basic and advanced QoS profiles have policy push restrictions. You cannot push legacy QoS profiles to SteelHeads running 9.0 and later. You cannot push legacy QoS classes and rules to SteelHead EXs running 3.6 and later. For detailed information about migrating to QoS 9.0 or later, see Migrating Legacy QoS Policies or the SteelHead Management Console User’s Guide for SteelHead CX.
Inbound QoS allocates bandwidth and prioritizes traffic flowing into the LAN network behind the SteelHead appliance. This provides the benefits of QoS for environments that cannot meet their QoS requirements with outbound QoS.
For details about Inbound QoS environments and deployments, see the SteelHead Management Console User’s Guide for SteelHead CX.
WAN Link
Complete the configuration as described in this table.
Control
Description
Enable Inbound QoS Shaping and Enforcement
Enables QoS to control the prioritization of different types of inbound network traffic and to ensure that the SteelHead gives certain network traffic (for example, Voice over IP) higher priority than other network traffic. Traffic is not classified until at least one WAN interface is enabled.
By default, inbound QoS classification is disabled.
To disable inbound QoS, clear this check box and restart the optimization service.
Enable QoS on <interface> with WAN bandwidth: <kbps> kbps
Enables a WAN interface <X-Y>. Specify its bandwidth link rate in kbps. The bandwidth for the default site is automatically set to this value.
Inbound QoS supports in-path interfaces only; it does not support primary or auxiliary interfaces.
The link rate is the bottleneck WAN bandwidth, not the interface speed out of the WAN interface into the router or switch. For example, if your appliance connects to a router with a 100-Mbps link, do not specify this value—specify the actual WAN bandwidth (for example, T1, T3).
Important: Different WAN interfaces can have different WAN bandwidths; you must enter the bandwidth link rate correctly for QoS to function properly.
Apply
Click to apply your settings.
Inbound QoS Classes
Complete the configuration as described in this table.
Control
Description
Add a Class
Displays the controls to add a class.
Class Name
Specify a name for the QoS class.
Priority
Specify the priority from the drop-down list. Priority indicates how delay-sensitive a traffic class is to the QoS scheduler. Select a service class for the application from the drop-down list (highest priority to lowest):
•  Realtime - Specifies real-time traffic class. Give this value to your highest priority traffic: for example, VoIP or video conferences.
•  Interactive - Specifies an interactive traffic class: for example, Citrix, RDP, Telnet, and SSH.
•  Business Critical - Specifies the high priority traffic class: for example, Thick Client Applications, ERPs, and CRMs.
•  Normal Priority - Specifies a normal priority traffic class: for example, Internet browsing, file sharing, and email.
•  Low Priority - Specifies a low priority traffic class: for example, FTP, backup, replication, other high-throughput data transfers, and recreational applications such as audio file sharing.
•  Best Effort - Specifies the lowest priority.
These are minimum service class guarantees; if better service is available, it is provided: for example, if a class is specified as low priority and the higher priority classes are not active, then the low priority class receives the highest possible available priority for the current traffic conditions. This parameter controls the priority of the class relative to the other classes.
The service class describes only the delay sensitivity of a class, not how much bandwidth it is allocated, nor how important the traffic is compared to other classes. Typically you configure low priority for high-throughput, non-packet delay sensitive applications like FTP, backup, and replication.
Minimum Bandwidth
Specify the minimum amount of bandwidth (as a percentage) to guarantee to a traffic class when there is bandwidth contention. All of the classes combined cannot exceed 100 percent. During contention for bandwidth, the class is guaranteed the amount of bandwidth specified. The class receives more bandwidth if there is unused bandwidth remaining.
Excess bandwidth is allocated based on the relative ratios of minimum bandwidth. The total minimum guaranteed bandwidth of all QoS classes must be less than or equal to 100 percent of the parent class.
A default class is automatically created with minimum bandwidth of 10 percent. Traffic that does not match any of the rules is put into the default class. Riverbed recommends that you change the minimum bandwidth of the default class to the appropriate value.
You can adjust the value as low as 0 percent.
The system rounds decimal numbers to 5 points.
Maximum Bandwidth
Specify the maximum allowed bandwidth (as a percentage) a class receives as a percentage of the parent class maximum bandwidth. The limit is applied even if there is excess bandwidth available.
The system rounds decimal numbers to 5 points.
Link Share Weight
Specify the weight for the class. Applies to flat mode only. The link share weight determines how the excess bandwidth is allocated among sibling classes. Link share does not depend on the minimum guaranteed bandwidth. By default, all the link shares are equal.
Classes with a larger weight are allocated more of the excess bandwidth than classes with a lower link share weight.
You cannot specify a Link Share Weight in Hierarchical QoS. In Hierarchical QoS, the link share weight is the same proportion as the guaranteed bandwidth of the class.
The Link Share Weight does not apply to MX-TCP queues.
Add
Adds a class.
Remove Selected
Select the check box next to the name and click Remove Selected.
Inbound QoS Rules
Complete the configuration as described in this table.
Control
Description
Add a Rule
Displays the controls to add a QoS rule.
Name
Specify a rule name.
Insert Rule At
Inserts a QoS rule for a QoS class. Select Start, End, or a rule number from the drop-down list.
Appliances evaluate rules in numerical order starting with rule 1. If the conditions set in the rule match, then the rule is applied, and the system moves on to the next packet. If the conditions set in the rule do not match, the system consults the next rule: for example, if the conditions of rule 1 do not match, rule 2 is consulted. If rule 2 matches the conditions, it is applied, and no further rules are consulted.
Description
Describe the rule to facilitate administration.
For Traffic with the Following Characteristics:
 
Remote Subnet or Host Label
Specify an IP address and mask pattern for the traffic destination, or you can specify all or 0.0.0.0/0 as the wildcard for all traffic.
Use this format: XXX.XXX.XXX.XXX/XX
or
Specify a host label.
Port or Port Label
Optionally, specify all source ports, a single source port value or a port range of port1-port2, where port1 must be less than port2. The default setting is all ports.
or
Specify a port label.
Local Subnet or Host Label
Specify an IP address and mask for the traffic source, or you can specify all or 0.0.0.0/0 as the wildcard for all traffic.
Use this format: XXX.XXX.XXX.XXX/XX
or
Specify a host label.
Port or Port Label
Optionally, specify all destination ports, a single source port value or a port range of port1-port2, where port1 must be less than port2. The default setting is all ports.
or
Specify a port label.
Protocol
Select All, TCP, GRE, UDP, ICMP, IPSec Authentication Header (AH), IPSec Encapsulating Security Payload (ESP), or a number from the drop-down list. All specifies all TCP and UDP-based protocols.
Traffic Type
Select All, Optimized, or Passthrough from the drop-down list. The system applies the QoS rules to optimized and pass-through (ingress only) traffic.
Note: Session reliability (port 2598) is not supported with pass-through Citrix traffic.
DSCP
Optionally, specify a DSCP value from 0 to 63.
VLAN Tag ID
Optionally, specify the VLAN tag for the rule.
Application
Select an application from the drop-down list of global applications. To narrow the search, type the first characters in the application name.
You can define and add any applications that do not appear in the list.
Selecting HTTP expands the control to include the Domain Name and Relative Path controls. Enter the domain name and relative path. The relative path is the part of the URL that follows the domain name.
To facilitate configuration, you can use wildcards in the name and relative path controls; for example, *.akamaitechnologies.com
Will match: Anything.akamaitechnologies.com
Examples:
a.akamaitechnologies.com
a.b.akamaitechnologies.com
a.b.c.akamaitechnologies.com
a.b.c.d.akamaitechnologies.com
Using more than one wildcard; for example,
*.*.akamaitechnologies.com
Will match: Anything.Anything.akamaitechnologies.com
Note that you must include the second “.”
Examples:
a.b.akamaitechnologies.com
a.b.c.akamaitechnologies.com
a.b.c.d.akamaitechnologies.com
But not: a.akamaitechnologies.com
Selecting SSL expands the control to allow classification of pass-through SSL traffic matching the TLS/SSL server common name. In the Common Name control, specify the common name of a certificate.
To facilitate configuration, you can use wildcards in the name; for example, *.nbttech.com. If you have three origin servers using different certificates such as webmail.nbttech.com, internal.nbttech.com, and marketingweb.nbttech.com, on the server-side SteelHeads, all three server configurations can use the same certificate name *.nbttech.com.
You cannot classify SSL optimized traffic using the Common Name control. Instead, you can create a QoS HTTP rule to match the domain and server name.
Apply these QoS Settings:
 
Service Class Name
Select the latency priority for the class from the drop-down list (highest priority to lowest):
•  Realtime - Specifies real-time traffic class. Give this value to your highest priority traffic: for example, VOIP or video conference.
•  Interactive - Specifies an interactive traffic class: for example, Citrix, RDP, Telnet and SSH.
•  Business Critical - Specifies the high priority traffic class: for example, Thick Client Applications, ERPs, and CRMs.
•  Normal Priority - Specifies a normal priority traffic class: for example, Internet browsing, file sharing, and email.
•  Low Priority - Specifies a low priority traffic class for all traffic that does not fall into any other service class: for example, FTP, backup, replication, other high-throughput data transfers, and recreational applications such as audio file sharing.
•  Best Effort - Specifies the lowest priority.
These are minimum priority guarantees; if better service is available, it is provided. For example, if a class is specified as low priority and the higher priority classes are not active, then the low priority class receives the highest possible available priority for the current traffic conditions. This parameter controls the priority of the class relative to the other classes.
The latency priority describes only the delay sensitivity of a class, not how much bandwidth it is allocated, nor how important the traffic is compared to other classes. Typically, you configure low latency priority for high-throughput, non-packet delay sensitive applications like FTP, backup, and replication.
Add
Adds a rule to the inbound QoS rule list.
Remove Selected
Removes the selected rules.
Move
Select the box next to the name and click Move QoS Rules. Click the arrow next to the desired rule position. The rule moves to the new position.