PDA

View Full Version : how to associate the diff-serv class with a qos policy



sebastan_bach
2008-05-26, 16:48
hi all i am having trouble here with diff-serv clss in qos.

in the dash board from the manager tab i added a qos diff-serv class named it voice. in the topology of the gateway object in the extneral interface i added the voice diff serv class and specified the bandwidth parameters.

now my main doubt that whether the floddgate is gonna mark the packets with the diff-serv markings i specified in the diff-serv class . or will it just match the diff-serv markings set by a downstream router and set the bandwidth on those packets.

cause till here i have not seen anywhere that the dif-serv markings i specified for example AF11 to the class name voice will be actually applied to which traffic.

and how to assciate this diff-serv class in qos policy.

cause in the rules tab of the dashboard to add the qos class above a rule or below a rule.

so this diff-serv markings will be applied to which traffic i am really confused out here .

can somebody pls help me out.

these things are so simple in cisco.

regards

sebastan

Tan Da Boss
2008-05-28, 17:43
Hi Sebastian,

I think you did half of the configuration.
You have already defined your Class of Service (Diffserv - EF for Voice I assume) and you have configured your interface for QOS.

Now, you have to define a QOS policy.

If you haven't added it yet to your configuration, you should click on
File>Add Policy to package and choose QOS then you will have a QOS tab.

Now you have to add this class to your QOS policy by clicking on
Rules>Add QOS Class

Then you have to create the rules for this class, it works like traditional security policy, just have to define source, destination and port. You also have to specify the QOS properties (weight, limit and/or guarantee)

You need to identify all the traffic you wanna mark by creating rules under the "Voice" class. Only the traffic matching the Voice class' rules will be marked!
Check Point doesn't forward DSCP flags (Diffserv marking) when using Check Point's QOS.

I think you should take a look to the QOS.pdf from Check Point for further details. Almost everything is explained.

Hope I bring you some clarifications regarding Diffserv on Check Point.

Cheers

Tan

sebastan_bach
2008-05-28, 18:40
hi tan thanks a lot for ur reply mate.
tan can u tell me something that do we have to create a separate qos policy package for the same. i mean on my smartdashboard i have the qos tab in which i have created some basic qos rules.

now in the dashboard in the rules tab when i click on add qos class it gives 2 options above or below . the in the qos rule page i can see both the best -effort and the voice class out there but it does not allow me to modify the source or destination in that rule.

similarly if i create a empty qos rule and try to add a qos class it again gives the same options above or below.

how can i solve this problem. can u pls help me out. i am just stuck in this part here.

waiting for ur reply mate.

regards

sebastan

Tan Da Boss
2008-05-29, 18:26
Hi Sebastian

I think you try to modify the default rule created by Check Point that's why you cannot modify the source or the destination.

Here is an example of QOS policy.

http://img260.imageshack.us/img260/8316/qosnc1.png

under ToIP, rules "QOS ToIP entrant" and "QOS ToIP sortant" belongs to the "ToIP" Class of service.
It is a diffserv class (EF Flag), so any traffic matching one of these rules, will be tagged with EF flag.
The rule "default" is the automatically created by Check Point, you cannot change the "Any" values of its. The last rule belongs to the "Best Effort" Class of Service.

You just have to add your "Voice" class of service once and create then the rules you need.

Hope that it can unstuck your situation.

Tomorrow I'll be at the office, so I'll have more time if you need.

Cheers

Tan

sebastan_bach
2008-05-29, 18:54
hi tan thanks a lot mate. mate let;s do it step by step.

first i need to set the interface properties of the external interface for qos.

then from manage tab of the dashboard i create a qos class and specify the diff-serv value right.

then from the rules page we need to add the qos class.

here i always even though i specify the specific class still the best effor class also gets added.

in the voice class i did add rule below and in the rule i specify the source and destination and service and specify their limits and guarantees.

am i getting it right tan.

thanks a million friend u have really got me working on this.

thanks once again.

best regards

sebastan

menz456
2010-03-11, 09:40
HI,
Sebastien/Tan.Could you please post some more screenshots of this.
I'm trying to copy this configuration for a first time VPN qos
configuration.
I'm not sure how to create the QOS class rule?

Screenshots would be really helpful.
Even your interface properties would be useful.
I was unsure about lots of things in this. What guarantees to give to the New EF Diffserv class that i created. Also what weighting or gurantees to give the actual rules.
It just seems so difficult at the moment.


What
Many Thanks

Sam

lammbo
2010-03-11, 09:53
HI,
Sebastien.Could you please post some screenshots of this.


Good luck with this, the post is almost 2 years old and I have not seen sebastan_bach online for quite some time.

CBN_IN_NZ
2010-06-22, 05:13
HI,
Sebastien/Tan.Could you please post some more screenshots of this.
I'm trying to copy this configuration for a first time VPN qos
configuration.
I'm not sure how to create the QOS class rule?

Screenshots would be really helpful.
Even your interface properties would be useful.
I was unsure about lots of things in this. What guarantees to give to the New EF Diffserv class that i created. Also what weighting or gurantees to give the actual rules.
It just seems so difficult at the moment.


What
Many Thanks

Sam


Best bet is to download the qos admin/user guide from user centre, has a good rundown..

cheers,

TommyBoay
2010-12-29, 13:11
Diffserv classes are defined on dashboard under :

Manage -> QoS -> QoS Classes

From there, you can choose to create regular classes matching DSCP values AFXX or EF. You can also choose low latency classes that are more CP specific. They will always match strict priority queues on your CP devices.

Please note that you should never prioritize anything above administration or network protocols so be careful with low latency classes.