SonicWALL 5.8.1 Manuale Utente
Firewall Settings > QoS Mapping
757
SonicOS 5.8.1 Administrator Guide
prioritize the traffic. The Remote Site switch would treat the VoIP traffic the same as the
lower-priority file transfer because of the link saturation, introducing delay—maybe even
dropped packets—to the VoIP flow, resulting in call quality degradation.
lower-priority file transfer because of the link saturation, introducing delay—maybe even
dropped packets—to the VoIP flow, resulting in call quality degradation.
So how can critical 802.1p priority information from the Main Site LAN persist across the
VPN/WAN link to Remote Site LAN? Through the use of QoS Mapping.
VPN/WAN link to Remote Site LAN? Through the use of QoS Mapping.
QoS Mapping is a feature which converts layer 2 802.1p tags to layer 3 DSCP tags so that
they can safely traverse (in mapped form) 802.1p-incapable links; when the packet arrives
for delivery to the next 802.1p-capable segment, QoS Mapping converts from DSCP back
to 802.1p tags so that layer 2 QoS can be honored.
they can safely traverse (in mapped form) 802.1p-incapable links; when the packet arrives
for delivery to the next 802.1p-capable segment, QoS Mapping converts from DSCP back
to 802.1p tags so that layer 2 QoS can be honored.
In our above scenario, the firewall at the Main Site assigns a DSCP tag (e.g. value 48) to
the VoIP packets, as well as to the encapsulating ESP packets, allowing layer 3 QoS to be
applied across the WAN. This assignment can occur either by preserving the existing DSCP
tag, or by mapping the value from an 802.1p tag, if present. When the VoIP packets arrive
at the other side of the link, the mapping process is reversed by the receiving SonicWALL,
mapping the DSCP tag back to an 802.1p tag.
the VoIP packets, as well as to the encapsulating ESP packets, allowing layer 3 QoS to be
applied across the WAN. This assignment can occur either by preserving the existing DSCP
tag, or by mapping the value from an 802.1p tag, if present. When the VoIP packets arrive
at the other side of the link, the mapping process is reversed by the receiving SonicWALL,
mapping the DSCP tag back to an 802.1p tag.
3.
The receiving SonicWALL at the Remote Site is configured to map the DSCP tag range 48-
55 to 802.1p tag 6. When the packet exits the SonicWALL, it will bear 802.1p tag 6. The
Switch will recognize it as voice traffic, and will prioritize it over the file-transfer,
guaranteeing QoS even in the event of link saturation.
55 to 802.1p tag 6. When the packet exits the SonicWALL, it will bear 802.1p tag 6. The
Switch will recognize it as voice traffic, and will prioritize it over the file-transfer,
guaranteeing QoS even in the event of link saturation.
DSCP Marking
DSCP (Differentiated Services Code Point) marking uses 6-bits of the 8-bit ToS field in the IP
Header to provide up to 64 classes (or code points) for traffic. Since DSCP is a layer 3 marking
method, there is no concern about compatibility as there is with 802.1p marking. Devices that
do not support DSCP will simply ignore the tags, or at worst, they will reset the tag value to 0.
Header to provide up to 64 classes (or code points) for traffic. Since DSCP is a layer 3 marking
method, there is no concern about compatibility as there is with 802.1p marking. Devices that
do not support DSCP will simply ignore the tags, or at worst, they will reset the tag value to 0.
The above diagram depicts an IP packet, with a close-up on the ToS portion of the header. The
ToS bits were originally used for Precedence and ToS (delay, throughput, reliability, and cost)
settings, but were later repurposed by RFC2474 for the more versatile DSCP settings.
ToS bits were originally used for Precedence and ToS (delay, throughput, reliability, and cost)
settings, but were later repurposed by RFC2474 for the more versatile DSCP settings.
Bits
Bits
Bits
Version HLength
TOS
Total Length
ID
4
Precendence
Delay
Throughput
Reliability
Cost
MBZ
3
1
Differentiated Services Code Point
Unused
6
2
1
1
1
1
4
8
16
16
IP Packet