QoS bandwidth management allows you to control traffic
flows on a network so that traffic does not exceed network capacity
(resulting in network congestion) and also allows you to allocate
bandwidth for certain types of traffic and for applications and
users. With QoS, you can enforce bandwidth for traffic on a narrow
or a broad scale. A QoS profile allows you to set bandwidth limits
for individual QoS classes and the total combined bandwidth for
all eight QoS classes. As part of the steps to
Configure
QoS, you can attach the QoS profile to a physical interface
to enforce bandwidth settings on the traffic exiting that interface—the
individual QoS class settings are enforced for traffic matching that
QoS class (QoS classes are assigned to traffic matching
QoS
Policy rules) and the overall bandwidth limit for the profile
can be applied to all clear text traffic, specific clear text traffic
originating from source interfaces and source subnets, all tunneled
traffic, and individual tunnel interfaces. You can add multiple
profile rules to a single QoS interface to apply varying bandwidth settings
to the traffic exiting that interface.
Egress Guaranteed—The amount of bandwidth
guaranteed for matching traffic. When the egress guaranteed bandwidth
is exceeded, the firewall passes traffic on a best-effort basis. Bandwidth
that is guaranteed but is unused continues to remain available for all
traffic. Depending on your QoS configuration, you can guarantee
bandwidth for a single QoS class, for all or some clear text traffic,
and for all or some tunneled traffic.
Example:
Class
1 traffic has 5 Gbps of egress guaranteed bandwidth, which means
that 5 Gbps is available but is not reserved for class 1 traffic.
If Class 1 traffic does not use or only partially uses the guaranteed
bandwidth, the remaining bandwidth can be used by other classes
of traffic. However, during high traffic periods, 5 Gbps of bandwidth
is absolutely available for class 1 traffic. During these periods
of congestion, any Class 1 traffic that exceeds 5 Gbps is best effort.
Egress Max—The overall bandwidth allocation
for matching traffic. The firewall drops traffic that exceeds the
egress max limit that you set. Depending on your QoS configuration,
you can set a maximum bandwidth limit for a QoS class, for all or
some clear text traffic, for all or some tunneled traffic, and for
all traffic exiting the QoS interface.
The cumulative
guaranteed bandwidth for the QoS profile attached to the interface
must not exceed the total bandwidth allocated to the interface.