Introduction to QoS

Hillstone provides quality of service (QoS) which guarantees the customer's network performance, manages and optimizes the key bandwidth for critical business traffic, and helps the customer greatly in fully utilizing their bandwidth resources.

QoS is used to provide different priorities to different traffic, in order to control the delay and flapping, and decrease the packet loss rate. QoS can assure the normal transmission of critical business traffic when the network is overloaded or congested.

QoS is controlled by license. To use QoS, apply and install the QoS license.

QoS Implement

The packets are classified and marked after entering the system from the ingress interface. For the classified and marked traffic, the system will smoothly forward the traffic through shaping mechanism, or drop the traffic through policing mechanism. If selecting shaping mechanism to forward the traffic, the congestion management and congestion avoidance mechanisms give different priorities to different types of packets so that the packets of higher priority can pass the gateway earlier to avoid network congestion.

In general, QoS include:

Classification and marking mechanism: Classification and marking is the process of identifying the priority of each packet. This is the first step of QoS.
Policing and shaping mechanisms: Policing and shaping mechanisms are used to identify traffic violation and make responses. The policing mechanism checks traffic in real time, and takes immediate actions according to the settings when it discovers violation. The shaping mechanism works together with queuing mechanism. It sends all traffic to one interface and make sure that the traffic will never exceed the defined flow rate so that the traffic can go through that interface smoothly.
Congestion management mechanism: Congestion management mechanism uses queuing theory to solve problems in the congested interfaces. As the data rate can be different among different networks, congestion may happen to both wide area network (WAN) and local area network (LAN). Only when an interface is congested will the queuing theory begin to work.
Congestion avoidance mechanism: Congestion avoidance mechanism is a supplement to the queuing algorithm, and it also relies on the queuing algorithm. The congestion avoidance mechanism is designed to process TCP-based traffic.

QoS in Hillstone Devices

By configuring pipes, Hillstone devices implement QoS. Pipe, which is a virtual concept, represents the bandwidth of transmission path. The system classifies the traffic by using the pipe as the unit, and control the traffic crossing the pipes according to the actions defined for the pipes. For all traffic crossing the device, they will flow into virtual pipes according to the traffic matching conditions they match. If the traffic does not match any condition, they will flow into the default pipe predefined by the system.

Pipes, except the default pipe, include two parts of configurations: traffic matching conditions and traffic management actions:

Traffic matching conditions: Defines the traffic matching conditions to classify the traffic crossing the device into matched pipes. The system will limit the bandwidth to the traffic that matches the traffic matching conditions.
Traffic management actions: Defines the actions adopted to the traffic that has been classified to a pipe. The data stream control includes the forward control and the backward control. Forward control controls the traffic that flows from the source to the destination; backward control controls the traffic flows from the destination to the source.

Note: You can define multiple traffic matching conditions to a pipe. The logical relation between each condition is OR. When the traffic matches a traffic matching condition of a pipe, it will enter this pipe. If the same conditions are configured in different root pipes, the traffic will first match the root pipe listed at the top of the Level-1 Control list in the Policy > QoS page.

Multiple-level Pipes

To provide flexible configurations, the system supports the multiple-level pipes. Configuring multiple-level pipes can limit the bandwidth of different applications of different users. This can ensure the bandwidth for the key services and users. Pipes can be nested to at most four levels. Sub pipes cannot be nested to the default pipe. The logical relation between pipes is shown as below:

Notes：

You can create multiple root pipes that are independent individually. At most three levels of sub pipes can be nested to the root pipe.
For the sub pipes at the same level, the total of their minimum bandwidth cannot exceed the minimum bandwidth of their upper-level parent pipe, and the total of their maximum bandwidth cannot exceed the maximum bandwidth of their upper-level parent pipe.
If you have configured the forward or backward traffic management actions for the root pipe, all sub pipes that belongs to this root pipe will inherit the configurations of the traffic direction set on the root pipe.
The root pipe that is only configured the backward traffic management actions cannot work.

The following chart illustrates the application of multiple-level pipes in a company. The administrator can create the following pipes to limit the traffic:

Create a root pipe to limit the traffic of the office located in Beijing.
Create a sub pipe to limit the traffic of its R&D department.
Create a sub pipe to limit the traffic of the specified applications so that each application has its own bandwidth.
Create a sub pipe to limit the traffic of the specified users so that each user owns the defined bandwidth when using the specified application.

Process of QoS

The system supports two-level traffic control: level-1 control and level-2 control. In each level, the traffic control is implemented by pipes. Traffic that is dealt with by level-1 control flows into the level-2 control, and then the system performs the further management and control according to the pipe configurations of level-2 control. After the traffic flows into the device, the process of QoS is shown as below:

According to the chart above, the process of traffic control is described below:

The traffic first flows into the level-1 control, and then the system classifies the traffic into different pipes according to the traffic matching conditions of the pipe of level-1 control. The traffic that cannot match any pipe will be classified into the default pipe. If the same conditions are configured in different root pipes, the traffic will first match the root pipe listed at the top of the Level-1 Control list in the Policy > QoS page. After the traffic flows into the root pipe, the system classifies the traffic into different sub pipes according to the traffic matching conditions of each sub pipe.
According to the traffic management actions configured for the pipes, the system manages and controls the traffic that matches the traffic matching conditions.
The traffic dealt with by level-1 control flows into the level-2 control. The system manages and controls the traffic in level-2 control. The principle of traffic matching, management and control are the same as the one of the level-1 control.
Complete the process of QoS.

Note: The disabled levels or pipes will not take effect during the QoS process. The unavailable pipes will not take effect as well.

Related Topics:

QoS Configuration