NETGEAR FVS318G Modem User Manual


 
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual
Firewall Protection and Content Filtering 4-27
v1.1, August 2010
A ToS priority for traffic passing through the VPN firewall is one of the following:
Normal-Service. No special priority given to the traffic. The IP packets for services with this
priority are marked with a ToS value of 0.
Minimize-Cost. Used when data has to be transferred over a link that has a lower “cost”. The
IP packets for services with this priority are marked with a ToS value of 1.
Maximize-Reliability. Used when data needs to travel to the destination over a reliable link
and with little or no retransmission. The IP packets for services with this priority are marked
with a ToS value of 2.
Maximize-Throughput. Used when the volume of data transferred during an interval is
important even if the latency over the link is high. The IP packets for services with this priority
are marked with a ToS value of 4.
Minimize-Delay. Used when the time required (latency) for the packet to reach the destination
must be low. The IP packets for services with this priority are marked with a ToS value of 8.
Creating Bandwidth Profiles
Bandwidth limiting determines the way in which data is communicated with your host. The
purpose of bandwidth limiting is to provide a method for limiting traffic, thus preventing LAN
users from consuming all the bandwidth on your broadband link. Bandwidth limiting does not
apply to the DMZ interface.
For example, when a new connection is established by a device, the device will locate the firewall
rule corresponding to the connection.
If the rule has a bandwidth profile specification, then the device will create a bandwidth class
in the kernel.
If multiple connections correspond to the same firewall rule, they will share the same class.
An exception occurs for an individual bandwidth profile if the classes are per source IP. The source
IP is the IP of the first packet of the connection:
The class is deleted when all the connections using the class expire.