
Is QoS working?

Hello everyone,

This is our first implementation of QoS, so perhaps more experienced members can confirm that all is set up right. We have worked with Support and it seems like all the settings are correct, but our Data network spikes past the limits set by QoS.

We want to limit all data traffic for internal LAN traffic (Data QoS) to 5-7Mbps. However, we are seeing spikes to full 10Mbps in utilization.

QoS (WAN = 10/10Mbps)

Utilization

Traffic Selectors

Each selector is a different subnet with a VLANed interface - all is well internally with DHCP and traffic separation.

Bandwidth Pools

Data Pool 

So what gives? How is it that our Data Pool can be consuming full 10Mbps?

Thank you!



  • Your settings are correct. QoS flakes out once in a while if you are using web proxy etc. because the proxy is actually sending and receiving on behalf of the internal network, so the internal network rules don't work when sending traffic externally. I usually try to use application control to limit traffic and it works great. I just tested what you are trying and it seems that it works correctly if you apply download throttling instead of data pools (maybe they broke it in one of the firmware updates and nobody complained :( )

    Leave everything like it is, turn off your data pool rule. Then go under download throttling and recreate the same rule but on internal network.

    This will actually throttle the traffic leaving the internal interface and will be throttled. Since you have a support contract, file this as a bug also so they are aware of it. Keep in mind that if you are running any servers like SMTP etc., that connection may not get throttled using this method since the message is first queued in the SMTP proxy spool before it is delivered.

  • Hi Billybob,

    Thank you for confirming this. I will definitely file the bug. After looking over more reports it does seem that traffic outbound is what is causing the spillover.

    For the record, we were running on firmware version: 9.405-5 at the time.

    What about the other data pools? Should I also disable them in Bandwidth and convert over to the Download Throttling rules applying to their own respective interfaces? They are just not getting hit hard enough to make the difference right now or be measured, so I am not sure they are working.

    Thanks so much.

    Here are two graphs of interest to support the case.

    Network Usage - weekly

    You can see Inbound traffic respecting the QoS while Outbound uses all available.

    Network Usage - monthly

    Graphing is done based on QoS max setting (6-7Mbps) but the actual bandwidth values are still consuming as much bandwidth as available at the time (10-13Mbps).

  • I guess you got my response via email and it still hasn't posted on the board. Sophos automatically marks ALL MY POSTS as spam (thanks guys) and the mod has to manually clear them. 

    In any case, you can use bandwidth pools if you like; I use them mostly since you can define upper and lower limits for guaranteed QoS. Download throttling is more suitable for sharing/limiting available bandwidth and was initially introduced because some people had a hard time figuring out bandwidth pools. I would leave your download rules as they are since they are already working and tweak the outbound bandwidth only.

    Regards

    Bill

  • Hi Bill,

    Thanks for the follow up. Yes I did see your post here and then it vanished. Still getting the hang of this community and SSO, not quite like other forums...anyhow.

    Thank you again for confirming. I was under the impression that QoS would also limit the bandwidth - I wasn't aware that both have to be implemented to truly control the flow. Should I replicate the same Bandwidth Pools values and create Throttle Rules for each?

  • After adding the limit to Throttling up I still see spikes past the set value of 7Mbps. Not sure if I am missing something. 

    Thank you.

  • Well, I finally got a chance to work with support and after some testing the consensus was that Bandwidth Pools is sort of best effort and min. bandwidth guarantee and it fails when controlling downloads. Which, to me, beats the whole purpose of QoS if users (networks) can trigger a large file download and consume the full WAN link. What good is the "guaranteed" bandwidth value if you can't impose it in both directions? So is QoS actually working? Maybe, but it seems useless without throttling.

    So the solution was to:

    1. Enable every interface under Status, being concerned only with WAN's true speed.

    2. Create traffic selectors for Both Upload and Download to be used for Throttling on each network/interface.

    3. Then on the Bandwidth Throttling apply the Download Throttling on the External Interface for Downloads, and on the Internal interface for Uploads - repeat for each of the internal interfaces/networks to control Uploads. This took me a bit to digest, use of "(up)" naming for each interface was confusing.

    External Interface 

    Internal (up) = "Data"

    It seems to be a long way around to get this to work but it checks out, hopefully someone can chime in with a more elegant way if there is one.