Watchguard V10 User Manual page 227

work. When severe network congestion occurs, all traffic is
affected equally.
The Firebox Vclass security appliance offers two Quality-
of-Service (QoS) features that enable you to assign more
bandwidth to your most valuable traffic.
The QoS features implemented in Firebox Vclass appli-
ances include Weighted Fair Queuing (WFQ), Type of Ser-
vice (TOS) marking, and port shaping.
The WFQ algorithm
TOS marking
Port shaping
Firebox Vclass User Guide
This data queueing technique allows you to assign
a relative bandwidth ratio for specific types of
traffic with different weights. For example, data
exchanges between the corporate center and
branch offices can be allotted a weight of 20 while
Internet traffic is given a weight of 4. During
periods of extreme network congestion, the traffic
between HQ and branch offices will benefit from
five times more bandwidth than that allowed to
outbound Internet data.
This allows you to overwrite the TOS byte value in
the IP header of qualified packets. These TOS
values can be used by routers that recognize TOS
precedence/DTR bits or by routers that implement
Differentiate Services Code Point (DCP) so that they
can prioritize packets during routing.
This allows you to restrict the bandwidth of
outgoing traffic directed through interface 0 or
interface 1. Typically, interface 0 is connected to the
private network with higher capacity connections
than interface 1, which is usually connected to the
Internet through a lower-capacity T1 line. In such a
case, packets in outgoing traffic are dropped due to
the physical limitations of the internal-to-external
connection. With port shaping, you can restrict the
overall capacity of interface 1 to match the actual
Using Quality of Service (QoS)
195