QoS rules direction

[Jay_D]

Hi,

this probably sounds like a noob-question, but I am doubting:
I want to limit Outlook RPC over HTTPS (Outlook Anywhere) communication. This traffic goes from somewhere on the internet to a DMZ server. This DMZ server then sends the traffic to the client on the internet.
The security rule for this is
any to DMZ-server for service https allow.
Of course this rule allows the return traffic to go to the client.
Is the same true for QoS rules?
Is a rule from any to DMZ-server for service https limit 512 kbit enough? Or should I also create a rule from DMZ-server to WAN limit 512 kbit?

I got doubts and want to be certain....the bulk of the traffic is sent as a reply to a connection initiated from the internet so I assume a QoS rule just like the security rule is sufficient?

TIA,
JD.

[chillyjim]

I'm no Floodgate expert but I've always been under the impression you would write the rules in the same direction as the firewall rules, so:

any -> DMV-server https limit 521

[MarioL]

Yeah, that rule should do the trick.

I don't usually recommend using limits though. If you use just the priorities you will make the best possible use of available bandwidth, so I don't really see a reason to limit stuff.

[Jay_D]

Thanks all for your reply.

I sometimes prefer limits because this always works. If you have http and smtp going at the same time, then Floodgate doesn't seem to give more bandwidth to http. It's as if some time has is needed to lower the bandwidth for smtp but by the time that's done, the http requests is no longer needed.
Maybe weights are good for traffic that take some time like a download/upload more for those spikes like normal browsing, I don't think it works very well.

I always limit smtp as this eats bandwidth and nobody cares if a mail arrives in 1 second or 10 minutes, as long as it arrives.