Quick Reference Guide

ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual
Firewall Security and Content Filtering 5-21
v1.0, January 2010
Setting Quality of Service (QoS) Priorities
The QoS setting determines the priority of a service, which in turn determines the quality of that
service for the traffic passing through the firewall. You can change the QoS Priority:
• On the Services screen in the Custom Services Table for customized services (see
  Figure 5-11 on page 5-20).
• On the Add LAN WAN Outbound Services screen (see Figure 5-2 on page 5-8).
The QoS priority definition for a service determines the queue that is used for the traffic passing
through the VPN firewall. A priority is assigned to IP packets using this service. Priorities are
defined by the “Type of Service (ToS) in the Internet Protocol Suite” standards, RFC 1349. A ToS
priority for traffic passing through the VPN firewall is one of the following:
• Normal-Service. No special priority given to the traffic. The IP packets for services with this
  priority are marked with a ToS value of 0.
• Minimize-Cost. Used when data has to be transferred over a link that has a lower “cost”. The
  IP packets for services with this priority are marked with a ToS value of 1.
• Maximize-Reliability. Used when data needs to travel to the destination over a reliable link
  and with little or no retransmission. The IP packets for services with this priority are marked
  with a ToS value of 2.
• Maximize-Throughput. Used when the volume of data transferred during an interval is
  important even if the latency over the link is high. The IP packets for services with this priority
  are marked with a ToS value of 4.
• Minimize-Delay. Used when the time required (latency) for the packet to reach the destination
  must be low. The IP packets for services with this priority are marked with a ToS value of 8.
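Added example (not from the NETGEAR manual): a decoder for the ToS byte of a captured IPv4 header, useful when checking in a packet capture that traffic leaving the firewall carries the priority configured for its rule. It assumes the ToS values listed above are the 4-bit RFC 1349 TOS field, which sits one bit above the low end of the byte, so a value of 8 appears on the wire as 0x10. The function names and the sample headers are constructed for illustration.

```python
import struct

# RFC 1349 TOS field values (4 bits), named as in the manual's priority list.
TOS_NAMES = {0: "Normal-Service", 1: "Minimize-Cost", 2: "Maximize-Reliability",
             4: "Maximize-Throughput", 8: "Minimize-Delay"}

def parse_tos(packet: bytes) -> dict:
    """Decode the second byte of an IPv4 header using the RFC 1349 layout."""
    if len(packet) < 20:
        raise ValueError("shorter than a minimal IPv4 header")
    ver_ihl, tos_byte = struct.unpack_from("!BB", packet)
    if ver_ihl >> 4 != 4 or (ver_ihl & 0x0F) < 5:
        raise ValueError("not an IPv4 header")
    tos = (tos_byte >> 1) & 0x0F          # 4-bit TOS field
    return {
        "byte": tos_byte,
        "precedence": tos_byte >> 5,      # top 3 bits
        "tos": tos,
        "mbz": tos_byte & 0x01,           # lowest bit, must be zero
        # Any value outside the five listed in the manual is reported as such.
        "priority": TOS_NAMES.get(tos, "unrecognized"),
    }

def build_header(tos_value: int, precedence: int = 0) -> bytes:
    """Constructed 20-byte IPv4 header (checksum left at 0) with the given TOS field."""
    tos_byte = (precedence << 5) | (tos_value << 1)
    return struct.pack("!BBHHHBBH4s4s", 0x45, tos_byte, 20, 0, 0, 64, 6, 0,
                       bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))

def audit(packets, expected_priority):
    """Return indexes of packets whose marking differs from the rule's QoS priority."""
    return [i for i, p in enumerate(packets)
            if parse_tos(p)["priority"] != expected_priority]

if __name__ == "__main__":
    # Constructed sample: two correctly marked packets, one unmarked, one odd value.
    sample = [build_header(8), build_header(0),
              build_header(8, precedence=5), build_header(3)]
    for p in sample:
        print(parse_tos(p))
    print("mismarked:", audit(sample, "Minimize-Delay"))
```
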
Creating Bandwidth Profiles
Bandwidth limiting determines the way in which data is communicated with your host. The
purpose of bandwidth limiting is to provide a method for limiting traffic, thus preventing LAN
users from consuming all the bandwidth on your WAN link. Bandwidth limiting is done on the
available WAN interface.
As an example: when a new connection is established by a device, the device will locate the
firewall rule corresponding to the connection.
• If the rule has a bandwidth profile specification, then the device will create a bandwidth class
  in the kernel.
• If multiple connections correspond to the same firewall rule, they will share the same class.