QoS_Rate-Limit_Guest Network_NAT query_Configuration example

cancel
Showing results for 
Search instead for 
Did you mean: 

QoS_Rate-Limit_Guest Network_NAT query_Configuration example

L1 Bithead

could someone advise me to set rate-limit for guest(10.1.10.0/24) traffic in this topology

 

DNARNI_3-1592498823681.png

 

 

I read the article that We need to apply policy on egress interface always. Hence, for upload, it's on outside interface connected to Internet and for download it is on inside interface (ae) connected to SW

(1) Internet Speed 500 Mbps

(2) Rate-limit for Guest traffic (10.1.10.0/24 GW is on Firewall ae.10 ) to any traffic both download and upload -100 Mbps

(3) All internal IP addresses both Guest and Enterprise Networks are translated to same Public IP 

 

if I want to achieve it, 

(1) Create QoS Profile " MyQos" with Egress max -100 Mbps and I don't add any classes as I know there is no Voice or video from Guest Network Range like below 

DNARNI_5-1592498893400.png

 

(2) apply this to outside interface connected to internet and also to aggregate interface "ae.10 "

 

DNARNI_4-1592498856246.png

 

(3)Create QoS Policy - Here do I need two policies - one from Trust -->untrust zone 

and for download , Untrust --> to Trust

 

also, what IP ranges I need to select in source selection, is it before NAT or post NAT 

 

Thanks in advance

1 REPLY 1

L2 Linker

Hi ,

QOS policy is evalauted before the NAT, so always it should be for  Pre-NAT ip.

 

Thanks,

Ram

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!