Define DSCP Match/Mark rules in QoS Policy elements

Read or write DSCP markers to communicate traffic priorities with other network equipment in your environment.

For more details about the product and how to configure features, click Help or press F1.

Steps

  1. Select Configuration.
  2. Browse to Policies > QoS Policies.
  3. Right-click the policy you want to edit, then select Edit QoS policy.
    The QoS Policy opens in the Policy Editing view.
  4. Click the DSCP Match/Mark tab in the QoS Policy.
  5. Right-click the ID cell of an existing rule, then select Add Rule Before or Add Rule After or the ID cell of the Not Classified rule, then select Add Rule.
    A new blank rule is added.
  6. Click the QoS Class cell in the new rule, then select the QoS Class.
  7. Define how the Secure SD-WAN Engine reads or writes DSCP codes for traffic in this QoS Class using the available options.
  8. Save the QoS Policy.
  9. Refresh the Secure SD-WAN Engine’s policy to transfer the changes.

QoS Policy Editing view

Use this view to edit a QoS Policy element.

Option Definition
Resources Use this pane to create and add elements to the policy.
Search Opens a search field for the selected element list.
Up (Backspace) Navigates up one level in the navigation hierarchy. Not available at the top level of the navigation hierarchy.
New Opens the associated dialog box to create an element.
Tools Show Deleted Elements — Shows elements that have been moved to the Trash.
Option Definition
Policy Toolbar
Save Saves the changes.
Undo operation Undoes the last change made.
Redo operation Redoes the last change that was undone.
Tools
Expand Rule Sections If you have added Rule Sections, they are expanded.
Collapse Rule Sections If you have added Rule Sections, and they are expanded, they are all collapsed.
Option Definition
QoS tab
ID

An identifier that shows the order of the rules. The number changes as you add, remove, and move rules.

Right-clicking this type of cell opens these menu items:
  • Properties — Opens the Rule Properties dialog box.
  • Cut Rule — Copies the rule to the clipboard and deletes the rule from the policy.
  • Copy Rule — Copies the rule from the policy.
  • Paste — Pastes the rule into the policy.
  • Delete Rule — Deletes the rule from the policy.
  • Disable Rule — Temporarily disables the rule without deleting it.
  • Add Rule Before — Adds the new rule before the selected rule or section.
  • Add Rule After — Adds the new rule after the selected rule or section.
  • Add Rule Section Before — Creates a collapsible section before the selected rule or section.
  • Add Rule Section After — Creates a collapsible section after the selected rule or section.
  • Move Rule Up — Moves the rule position up on the list.
  • Move Rule Down — Moves the rule position down on the list.
QoS Class

A list of the defined QoS Classes, which match the QoS rules to traffic. The QoS Class is assigned to traffic in Access rules or through the DSCP Match cell in the QoS Policy.

Right-clicking this type of cell opens these menu items:
  • Edit QoS Class — Allows you to define the QoS Class.
  • Properties — Opens the element Properties dialog box.
  • Copy — Copies the QoS Class.
  • Rule — Opens a menu of list items for the cell.
  • References — Shows all rules that reference the selected element.
Guarantee

Sets the minimum bandwidth given to this type of traffic under any conditions. The guarantee can be set in kilobits per second or as a percentage of the available bandwidth.

  • Edit Limit — Allows you to edit the cell content.
  • Clear Cell — Removes the cell content.
  • Rule — Opens a menu of list items for the cell.
Limit

Sets the maximum bandwidth that this type of traffic is allowed to consume at any single moment as kilobits per second or as a percentage of the available bandwidth.

  • Edit Limit — Allows you to edit the cell content.
  • Clear Cell — Removes the cell content.
  • Rule — Opens a menu of list items for the cell.
Priority Assigns this type of traffic a number that determines the order in which the Secure SD-WAN Engine sends packets onwards if there is not enough bandwidth available to send all packets onwards directly, so that packets have to be queued. The priority is a number between 1 (highest priority) and 16 (lowest priority). Higher-priority packets are inserted in the queue ahead of any lower-priority packets already in the queue.
  • Edit Priority — Allows you to edit the cell content.
  • Clear Cell — Removes the cell content.
  • Rule — Opens a menu of list items for the cell.
Weight

The weight of the QoS Class controls the distribution of bandwidth between QoS Classes with the same priority after the Guarantees for the QoS Classes are reached. The weight of the QoS Class is entered as a value from 0 to 100. The relative weight of each QoS Class is displayed in parentheses as a percentage.

  • Edit Weight — Allows you to edit the cell content.
  • Clear Cell — Removes the cell content.
  • Rule — Opens a menu of list items for the cell.
Latency

The average time packets are held in the queue for Active Queue Management (AQM). The Secure SD-WAN Engine makes a best effort to handle the packets within the specified time, but the Latency value is not a guarantee.

  • Edit Latency — Allows you to edit the cell content.
  • Clear Cell — Removes the cell content.
  • Rule — Opens a menu of list items for the cell.
Comment

An optional free-form comment for your own reference.

Right-clicking this type of cell opens these menu items:
  • Edit Comment — Opens a text area that allows you to edit the comment.
  • Clear Cell — Removes the cell content.
  • Rule — Opens a menu of list items for the cell.
Rule Name
Contains a rule tag and optionally a rule name.
  • Name (Optional) — Name or description for the rule. Displayed alongside the rule tag.
  • Tag (Not editable) — Automatically assigned unique identification for the rule. Works as a link between the log entries and the rule that has generated the log entries. The rule tag consists of two parts (for example, @20.1). The first part of the tag is permanent and belongs to only that rule. The second part changes when the rule is changed. The first part and the second part are separated by a period.
Right-clicking this type of cell opens these menu items:
  • Edit Rule Name — Opens a text area for editing the rule name.
  • Clear Cell — Removes the cell content.

  • Properties — Opens the Rule Properties dialog box.

  • Remaining list items are the same as for the ID cell.
Option Definition
DSCP Match/Mark tab
ID

An identifier that shows the order of the rules. The number changes as you add, remove, and move rules.

Right-clickingthis type of cell opens these menu items:
  • Properties — Opens the Rule Properties dialog box.
  • Cut Rule — Copies the rule to the clipboard and deletes the rule from the policy.
  • Copy Rule — Copies the rule from the policy.
  • Paste — Pastes the rule into the policy.
  • Delete Rule — Deletes the rule from the policy.
  • Disable Rule — Temporarily disables the rule without deleting it.
  • Add Rule Before — Adds the new rule before the selected rule or section.
  • Add Rule After — Adds the new rule after the selected rule or section.
  • Add Rule Section Before — Creates a collapsible section before the selected rule or section.
  • Add Rule Section After — Creates a collapsible section after the selected rule or section.
  • Move Rule Up — Moves the rule position up on the list.
  • Move Rule Down — Moves the rule position down on the list.
QoS Class

A list of the defined QoS Classes, which match the QoS rules to traffic. The QoS Class is assigned to traffic in Access rules or through the DSCP Match cell.

Right-clicking this type of cell opens these menu items:
  • Edit QoS Class — Allows you to define the QoS Class.
  • Properties — Opens the element Properties dialog box.
  • Copy — Copies the QoS Class.
  • Rule — Opens a menu of list items for the cell.
  • References — Shows all rules that reference the selected element.
DSCP Match

Assigns the rule’s QoS Class to traffic when the DSCP code (ToS field) defined in this cell is seen in traffic. The value specified in this cell is the only option that is applied on the interface that the packets use to enter the Secure SD-WAN Engine.

Right-clicking this type of cell opens these menu items:
  • Edit DSCP Match — Allows you to select a value for the cell.
  • Clear Cell — Removes the cell content.
  • Remaining list items are the same as for the ID cell.
DSCP Mark

Defines the DSCP code (ToS field) that is written to packets that match this DSCP Match/Mark rule when the packets exit the Secure SD-WAN Engine. The DSCP Mark allows you to communicate the priority of this traffic to other devices that support QoS. You can also use the cell to clear the DSCP classification set by other devices by entering 0 as the value (shown in the policy as 0x00).

Right-clicking this type of cell opens these menu items:
  • Edit DSCP Mark — Allows you to select a value for the cell.
  • Clear Cell — Removes the cell content.
  • Remaining list items are the same as for the ID cell.
Comment

An optional comment for your own reference.

Right-clicking this type of cell opens these menu items:
  • Edit Comment — Opens a text area that allows you to edit the comment.
  • Clear Cell — Removes the cell content.
  • Rule — Opens a menu of list items for the cell.
Rule Name
Contains a rule tag and optionally a rule name.
  • Name (Optional) — Name or description for the rule. Displayed alongside the rule tag.
  • Tag (Not editable) — Automatically assigned unique identification for the rule. Works as a link between the log entries and the rule that has generated the log entries. The rule tag consists of two parts (for example, @20.1). The first part of the tag is permanent and belongs to only that rule. The second part changes when the rule is changed. The first part and the second part are separated by a period.
Right-clicking on this type of cell opens these menu items:
  • Edit Rule Name — Opens a text area that allows you to edit the rule name.
  • Clear Cell — Removes the cell content.
  • Remaining list items are the same as for the ID cell.
Option Definition
General tab
Name The name of the rule.
Rule Tag The rule's tag.
Comment An optional comment for your own reference.
Rule Info tab The rule cells and their values.
History
  • Creator — Shows the administrator who created the rule.
  • Created — Shows the time when the rule was created.
  • Modifier — Shows the administrator who modified the rule.
  • Modified — Shows the time when the rule was modified.
  • Audit History — Opens the Logs view and displays the audit log data for traffic that matches the rule.