QoS policy and QoS mapping
Issue 4 May 2005 181
Therefore, it is not necessary to create a class for all other traffic. If 0% is allocated, the
class is removed from the existing configuration.
Note: When the media interface is configured, the total upstream bandwidth can be
specified in Media Settings and this setting is partitioned to the specified classes.
● Whether Burst is enabled. For each class, the burst capability value can be set to Yes or
No. The default is No. If bursting is configured for a class, when this class becomes
over-limit, it tries to borrow from the unused bandwidth of other classes. If no unused
bandwidth is available, the packets are dropped when the class becomes over-limit.
CAUTION: Allowing bursting in classes that do not contain voice traffic can affect the
availability of bandwidth to voice traffic.
● DSCP values are assigned. The valid range of values is 0-63. The default value is 0. This
indicates that DSCP is not used for classification. Non-zero DSCP values must be unique
among all the classes for one zone because the DSCP value is the only distinguishing
factor once a packet is encrypted and sent of the VPN. For example, if DSCP value 10 is
assigned to the High class for media interface Ethernet0, DSCP value 10 cannot be
assigned to Highest, Medium or Low for Ethernet1. It can be assigned to the High class for
Ethernet 1.
When DSCP value of 0 is specified during configuration, the security gateway generates an
internal non-zero DSCP value within the range of 1-63. The non-zero DSCP value
generated by the security gateway cannot be used in other classes.
● Source Network Objects. Traffic originating from specific networks/hosts can be selected
from existing Network Objects. The source network object specifies the source IP address
of the IP packets in this class.
● Destination Network Objects. Traffic destined to specific networks/hosts can be selected
from existing network objects. The destination network object specifies the destination IP
address of the IP packets in this class.
● Service. Traffic can be specified by predefined or user-configured services. A service
specifies the IP protocol, TCP/UDP source and destination ports to describe the traffic in
this class.
Note: ESP or IKE cannot be assigned with a class as these encrypted packets are
assigned to all the classes based on the DSCP value of the packet.
Note: It is not recommended that a user creates a class with DSCP=, Services=ANY,
and Networks=ANY because it is an ambiguous configuration. All traffic not
assigned to classes is treated as default traffic. Hence it is not necessary to
create such a class.