Quality of Service – FortiBalancer

12.3 QoS Configuration

12.3.1 Configuration Guidelines

Table 12-1 General Settings of QoS

Operation Command
Configure QoS interface qos interface <interface_name> [direction] [bandwidth]
Define QoS queue qos queue root <queue_name> <interface_name> [direction] [bandwidth]

[priority] [borrow] [default]

qos queue sub <queue_name> <parent_queue> [bandwidth] [priority] [borrow] [default]

Define QoS filter rules qos filter <filter_name> <queue_name> < src_addr> <smask> <sport> <dst_addr> <dmask> <dport> <proto> [priority]
Enable QoS qos enable <interface_name> [direction]

 

12.3.2 Configuration Example via CLI

  • Step 1 Define QoS interfaces

FortiBalancer(config)#qos interface port1 OUT 5Mb

FortiBalancer(config)#qos interface port1 IN 5Mb

  • Step 2 Define outgoing QoS queues

FortiBalancer(config)#qos queue root qr_oall port1 OUT 5Mb 3

FortiBalancer(config)#qos queue sub qs_ossh qr_oall 2Mb 3 UNBORROW NONDEFAULT

FortiBalancer(config)#qos queue sub qs_oftp qr_oall 512kb 2 UNBORROW NONDEFAULT FortiBalancer(config)#qos queue sub qs_odeflt qr_oall 8kb 3 UNBORROW DEFAULT

Default queue is for all the other packets which cannot hit any defined queues.

  • Step 3 Define incoming QoS queues

FortiBalancer(config)#qos queue root qr_iall port1 IN 5Mb 3

FortiBalancer(config)#qos queue sub qs_issh qr_iall 2Mb 3 BORROW NONDEFAULT

FortiBalancer(config)#qos queue sub qs_iftp qr_iall 2Mb 2 BORROW NONDEFAULT

FortiBalancer(config)#qos queue sub qs_ideflt qr_iall 8kb 3 BORROW DEFAULT

  • Step 4 Define QoS filter rules

FortiBalancer(config)#qos filter fltr_ftp_o qs_oftp 0.0.0.0 0.0.0.0 0 10.3.54.40 255.255.255.255

0 tcp 2

FortiBalancer(config)#qos filter fltr_ftp_i qs_iftp 10.3.54.40 255.255.255.255 0 0.0.0.0 0.0.0.0 0 tcp 2

FortiBalancer(config)#qos filter fltr_ssh_o qs_ossh 0.0.0.0 0.0.0.0 22 0.0.0.0 0.0.0.0 0 tcp 3

FortiBalancer(config)#qos filter fltr_ssh_i qs_issh 0.0.0.0 0.0.0.0 0 0.0.0.0 0.0.0.0 22 tcp 3

Ø    Step 5 Enable QoS

FortiBalancer(config)#qos enable port1 OUT

FortiBalancer(config)#qos enable port1 IN

 


Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

This entry was posted in Administration Guides, FortiBalancer and tagged , , on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.