Management and Configuration Guide Supplement 4.4.0.50
6
Traffic Classification and QoS Marking
Traffic Classification and QoS Marking
The new QoS marking feature allows client traffic to be filtered based on a
number of criteria, and classified based on the results of the filtering. Classi-
fication can be based on Differentiated Services (DiffServ), IP Precedence or
Type of Service (ToS), or 802.1Q/p settings.
QoS filtering is specified in the Access Policy, so traffic can be filtered and
classified using different rules for different sets of users based on their Identity
or when or how they are connected to the network.
Ingress packet priority settings can be retained, mapped to different priority
settings, or in the case of 802.1Q/p, removed. Client packets can be marked
based on 802.1p, DiffServ, IP Precedence, and ToS standards.
In addition, you can apply VLAN tags based on packet information. which may
be useful for separating application data on the same device. For example, a
mixed-mode device, like a PDA with a soft-phone application, can have data
traffic sent down one VLAN and priority VoIP traffic sent down a different
VLAN.
Ingress packets with VLAN tags can retain their 802.1p settings while their
VLAN ID is replaced.
The VLAN ID and 802.1p priority settings will not be overwritten by the VLAN
ID specified in the Access Policy. However, the QoS Marking capability to
manipulate VLAN tags is not intended as a replacement for the Access Policy’s
forced VLAN tagging option.
To use QoS marking, there are two basic steps:
■ Create a set of named “QoS Markings” that specify the filtering
criteria, and the resultant marking that should occur when the criteria
are met.
Each QoS marking filter is based on a single criteria type, and a matching
value. The filter criteria can be Ingress DiffServ CodePoint, Ingress ToS
setting, Ingress VLAN ID, IP protocol, source and/or destination IP
addresses and ports, client MAC address, user identity, slot/port combi-
nation, 802.1P Priority, or Ethertype.