Filter
Top Products
ZyWALL 110/310/1100 Series User’s Guide 349
CHAPTER 25
Bandwidth Management
25.1 Overview
Bandwidth management provides a convenient way to manage the use of various services on the
network. It manages general protocols (for example, HTTP and FTP) and applies traffic prioritization
to enhance the performance of delay-sensitive applications like voice and video.
25.1.1 What You Can Do in this Chapter
Use the BWM screens (see Section 25.2 on page 353) to control bandwidth for services passing
through the ZyWALL, and it identifies the conditions that refine this.
25.1.2 What You Need to Know
When you allow a service, you can restrict the bandwidth it uses. It controls TCP and UDP traffic.
Use policy routes to manage other types of traffic (like ICMP).
Note: Bandwidth management in policy routes has priority over policy routes to manage
the bandwidth of TCP and UDP traffic.
If you want to use a service, make sure both the firewall allow the service’s packets to go through
the ZyWALL.
Note: The ZyWALL checks firewall rules before it checks bandwidth management rules for
traffic going through the ZyWALL.
Bandwidth management examines every TCP and UDP connection passing through the ZyWALL.
Then, you can specify, by port, whether or not the ZyWALL continues to route the connection.
DiffServ and DSCP Marking
QoS is used to prioritize source-to-destination traffic flows. All packets in the same flow are given
the same priority. CoS (class of service) is a way of managing traffic in a network by grouping
similar types of traffic together and treating each type as a class. You can use CoS to give different
priorities to different packet types.
DiffServ (Differentiated Services) is a class of service (CoS) model that marks packets so that they
receive specific per-hop treatment at DiffServ-compliant network devices along the route based on
the application types and traffic flow. Packets are marked with DiffServ Code Points (DSCPs)
indicating the level of service desired. This allows the intermediary DiffServ-compliant network
devices to handle the packets differently depending on the code points without the need to
negotiate paths or remember state information for every flow. In addition, applications do not have
to request a particular service or give advanced notice of where the traffic is going.