Enable QoS Marking and Prioritization in a Policy

In addition to marking the traffic that leaves a device interface, you can also mark traffic on a per-policy basis. The marking action you select is applied to all traffic that uses the policy. Multiple policies that use the same marking actions have no effect on each other. Device interfaces can also have their own QoS Marking settings. To use QoS Marking or prioritization settings for a policy, you must override any per-interface QoS Marking settings.

  1. Select Firewall > Firewall Policies or Firewall > Mobile VPN Policies.
    The Policies page appears.
  2. Click the name of the policy you want to edit.
  3. Select the Advanced tab.
  4. To enable the other QoS and prioritization options, select the Override per-interface settings check box.
  5. Configure the settings as described in the subsequent sections. The available settings depend on the policy type.
  6. Click Save.

QoS Marking Settings

The available QoS marking settings depend on the policy type. The H.323 and SIP ALGs have different QoS marking settings than other policies. All policies support DSCP and IP Precedence marking types and these marking methods.

Configure QoS Marking for a Packet Filter or Proxy Policy

  1. From the Marking Type drop-down list, select either DSCP or IP Precedence.
  2. From the Marking Method drop-down list, select the marking method

Policy configuration showing QoS per-interface override settings

  1. If you selected Assign in the previous step, from the Value drop-down list, select a marking value.
    If you selected the IP Precedence marking type you can select values from 0 (normal priority) through 7 (highest priority).
    If you selected the DSCP marking type, the values are 0–56.
  2. From the Prioritize Traffic Based On drop-down list, select QoS Marking.

Configure QoS Marking for an H.323-ALG or SIP-ALG

In an ALG, you can assign different marking values to audio, video, and data traffic.

  1. From the Marking Type drop-down list, select either DSCP or IP Precedence.
  2. From the Marking Method drop-down list, select the marking method.

Screen shot of the QoS settings for an application layer gateway

  1. If you selected Assign in the previous step, from the Audio Value, Video Value, and Data Value drop-down lists, select marking values to assign for audio, video and data traffic.
    If you selected the IP Precedence marking type you can select values from 0 (normal priority) through 7 (highest priority).
    If you selected the DSCP marking type, the values are 0–56.

Set a Custom Priority Value

Many different algorithms can be used to prioritize network traffic. Fireware XTM uses the strict priority queuing method to prioritize traffic through your XTM device. Prioritization in Fireware XTM is applied per policy and is equivalent to CoS (class of service) levels 0–7, where 0 is normal priority (default) and 7 is the highest priority. Level 5 is commonly used for streaming data such as VoIP or video conferencing. Reserve levels 6 and 7 for policies that allow system administration connections to make sure they are always available and avoid interference from other high priority network traffic. Use the Priority Levels table in the subsequent section as a guideline when you assign priorities.

  1. From the Prioritize Traffic Based On drop-down list, select Custom Value.
  2. From the Value drop-down list, select a priority level.

You cannot configure prioritization in H.323-ALG and SIP-ALG policies.

Priority Levels

We recommend that you assign a priority higher than 5 only to network administration policies, such as the WatchGuard policy or the WG-Mgmt-Server policy. Give high priority business traffic a priority of 5 or lower.

Priority Description
0 Routine (HTTP, FTP)
1 Priority
2 Immediate (DNS)
3 Flash (Telnet, SSH, RDP)
4 Flash Override
5 Critical (VoIP)
6 Internetwork Control (Remote router configuration)
7 Network Control (Firewall, router, switch management)

See Also

About QoS Marking

Give Us Feedback  •   Get Support  •   All Product Documentation  •   Knowledge Base