
Guidance on Traffic Shaping and QoS Configuration in Sophos Firewall Home Edition

Hello

As I am gradually migrating from MikroTik to Sophos Firewall Home Edition at home due to its more advanced security features, I have some clarifications regarding traffic shaping.

Current Setup:

  • I am using a Multi-WAN configuration where both connections are active.
  • Policy-based routing directs specific internal networks to designated ISPs.
  • ISP1 provides speeds of 300–400 Mbps, while ISP2 offers 200–300 Mbps.

I have the following questions regarding traffic shaping:

1. Best Practices for Traffic Shaping

  • What are the recommended best practices for implementing traffic shaping in a multi-WAN environment?

2. Mixing Rule-Based and Application-Based QoS

  • Is it possible to have rule-based and application-based QoS effectively in rules and policies? For example:
    • Rule 1: LAN to WAN with application-based QoS
    • Rule 2: LAN to WAN with rule-based QoS
  • What would be the best practice approach for this setup?

3. Individual vs. Shared Bandwidth Usage Types

  • If I set a 50 Mbps limit using the "individual" type, does this allocate 50 Mbps to each user (e.g., for 5 users, 50 Mbps each)?
  • If set as "shared," does this mean all 5 users share the 50 Mbps, assuming all are active?

4. Separate Rules for Each QoS Requirement

  • Do I need to create separate rules for different QoS use cases, such as:
    • Application-based QoS to prioritize video conferencing (e.g., Google Meet, Zoom, Skype, Messenger, Viber).
    • Rule-based QoS to limit bandwidth for specific networks like Guest or IoT?

Planned QoS Implementation:

  1. Prioritize Video Conferencing

    • Use application-based QoS to prioritize video conferencing applications (e.g., Google Meet, Zoom, Skype, Messenger, Viber) with at least 10–20 Mbps up/down as the highest priority.
  2. Limit Game Updates

    • Limit bandwidth for gaming applications (e.g., Steam game updates) to a maximum of 100 Mbps as the second priority.
  3. Limit Specific Networks

    • Restrict bandwidth for specific networks (e.g., Guest and IoT) using rule-based QoS to 50 Mbps.
  4. Allocate Remaining Bandwidth

    • Assign all other traffic to the third priority, using the remaining available bandwidth.

I would greatly appreciate your insights and recommendations for refining and implementing these configurations.

Thanks



Edited TAGs
[edited by: Erick Jan at 7:47 AM (GMT -8) on 12 Dec 2024]