notempty
- Corrected portfilter rule
Network interfaces
The automatic or user-defined bandwidth management can be edited under
Depending on the application, it makes sense to select one of the two modes:
Mode: Automatic
In the "Automatic" mode, the prioritization information of the data packets is evaluated.
In addition, a bandwidth management can be done in this mode, where the maximum outgoing or incoming bandwidth can be set.
The note Recommended is located on the interface where the zone external is located. By clicking Edit the interface can be edited.
Once the settings have been saved, the data packets are now automatically classified on the basis of the ToS (Type of Service) or DSCP (Differentiated Services Code Point) information. The priority of the individual data packets is therefore determined by the applications.
The traffic is split into three queues:
- High Priority
- Normal Priority
- Low Priority
The queues are then processed with different priority.
The allocation is based on the following criteria:
Priorität: | ToS-Feld: |
---|---|
High (Minimum delay) | 0xb8, 0x10 |
Low (Maximum data throughput) | 0x08 |
Normal | Everything else |
Mode: User-defined
In " User-defined" mode, the bandwidth can be managed with the help of parent and child profiles. It is also possible to limit the bandwidth in the portfilter rules for specific services.
It is important that this is the actual bandwidth and not the data specified by the provider with the addition "up to". After all, the actual available bandwidth can be subject to strong fluctuations depending on the time of day, so the values that the provider specifies as the minimum available bandwidth must be entered here.
Profiles
At this point it is important to be aware of from where to where the data load takes place. The queue for bandwidth limiting is always attached to the interface on which the host that is to receive the data is located. The queue is defined in the parent profile.
Profiles can be created under Tab Profiles Button :
- First the parent-profile must be created.
- The parent-profile is added to the list with .
- Secondly, the child-profile must be created.
- Now the previously created parent profile can be selected from the drop-down menu as Parent:.
- The linked child-profile is added with Save.
- Now both profiles are displayed connected in the profile overview.
- In the parent-profile the total bandwidth is defined and in the child-profile the bandwidth that needs to be available for the later created rule.
- Then you can switch to the Network interfaces tab.
- Here the desired network interface for the parent-profile can be selected and edited by clicking on .
- Click to assign the parent-profile.
- If all settings were successful, the overview now shows "Upload-Parent" behind the assigned network interface.
- Click to finally create and set the parent-child profile.
Regulate upload or download
If the upload or download is to be regulated, a parent and a child profile are required:
- A parent-child profile for the upload must be created as already explained above.
- In the case of a parent-child profile that deals with the download, the download bandwidth promised by the provider must be entered.
- In the child profile, which regulates the download, identical values must be entered for Min: and Max:.
Portfilter rules
Finally, click Portfilter Button to create a suitable portfilter rule.
A port filter rule is required, which for QOS always has "internal-network" as the source and "internet" as the destination.
The portfilter rule for the download, if existing, then looks like this:
# | Source | Destination | Service | QoS | Action | Active | |||
4 | internal-network | internet | voip | On | |||||
In any case, additional portfilter rules must be created or exist to allow traffic between source and destination with the required ports.
Help for this can be found under Portfilter.