Chapter 10: Traffic Management
This chapter describes how NetDefendOS can manage network traffic.
• Traffic Shaping
• IDP Traffic Shaping
• Threshold Rules
• Server Load Balancing
10.1. Traffic Shaping
10.1.1. Overview
QoS with TCP/IP
A weakness of TCP/IP is the lack of true Quality of Service (QoS) functionality. QoS is the ability to
guarantee and limit network bandwidth for certain services and users. Solutions such as the
Differentiated Services (DiffServ) architecture have been designed to address the QoS
issue in large networks by using information in packet headers to provide network devices with
QoS information.
NetDefendOS DiffServ Support
NetDefendOS supports the DiffServ architecture in the following ways:
• NetDefendOS forwards the 6 bits which make up the DiffServ Differentiated Services Code
Point (DSCP).
• As described later in this chapter, DSCP bits can be used by the NetDefendOS traffic shaping
subsystem as a basis for prioritizing traffic passing through the NetDefend Firewall.
It is important to understand that NetDefendOS traffic shaping does not add new DiffServ
information as packets traverse a NetDefend Firewall. The NetDefendOS traffic shaping priorities
described later in this chapter are for traffic shaping within NetDefendOS only and are not
translated into DiffServ information that is then added to packets.
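The 6-bit DSCP mentioned above occupies the upper bits of the IPv4 DS field (the IPv6 Traffic Class field carries it in the same position). The following Python code is an added example, not part of NetDefendOS or its documentation; the function names and the sample headers are constructed for illustration. It reads the DSCP from a raw IP header and names the standard code point, which is useful when checking in a packet capture that the markings leave the firewall unchanged.

```python
import struct

# Code points with their own names (RFC 2474, RFC 3246, RFC 5865, RFC 8622).
_NAMED = {0: "CS0 (default)", 1: "LE", 44: "VOICE-ADMIT", 46: "EF"}

def dscp_name(dscp: int) -> str:
    """Return the standard name for a 6-bit DSCP value."""
    if not 0 <= dscp <= 63:
        raise ValueError("DSCP is a 6-bit value")
    if dscp in _NAMED:
        return _NAMED[dscp]
    cls, drop = dscp >> 3, (dscp >> 1) & 0x3
    if dscp & 0x7 == 0:
        return f"CS{cls}"                 # class selector: low 3 bits are zero
    if 1 <= cls <= 4 and drop in (1, 2, 3) and dscp & 1 == 0:
        return f"AF{cls}{drop}"           # assured forwarding (RFC 2597)
    return f"DSCP {dscp}"                 # no standard name

def read_ds_field(packet: bytes) -> tuple[int, int]:
    """Return (dscp, ecn) from the start of an IPv4 or IPv6 header."""
    if len(packet) < 2:
        raise ValueError("truncated header")
    version = packet[0] >> 4
    if version == 4:
        ds = packet[1]                    # second byte of the IPv4 header
    elif version == 6:
        # Traffic Class follows the 4-bit version and straddles bytes 0 and 1.
        ds = (struct.unpack("!H", packet[:2])[0] >> 4) & 0xFF
    else:
        raise ValueError(f"not an IP header (version {version})")
    return ds >> 2, ds & 0x3              # upper 6 bits DSCP, lower 2 bits ECN

def classify(packet: bytes) -> str:
    """Name the DSCP marking carried by a raw IP packet."""
    dscp, _ecn = read_ds_field(packet)
    return dscp_name(dscp)

# Constructed sample headers (checksum left as zero, documentation addresses).
SAMPLE_IPV4_EF = bytes.fromhex("45b80014000040004011" "0000" "c0000201" "c6336402")
SAMPLE_IPV6_AF11 = bytes.fromhex("62800000" "0000113f") + bytes(32)

if __name__ == "__main__":
    for pkt in (SAMPLE_IPV4_EF, SAMPLE_IPV6_AF11):
        print(read_ds_field(pkt), classify(pkt))
```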