Fortinet black logo

Handbook

Configuring ToS priority

6.0.0
Copy Link
Copy Doc ID 4afb0436-a998-11e9-81a4-00505692583a:493220
Download PDF

Configuring ToS priority

Type of service (ToS) is an 8-bit field in an IP header that enables you to determine how an IP datagram should be delivered, using delay, throughput, priority, reliability, and cost criteria. Each criteria helps gateways determine the best way to route IP datagrams. A router maintains a ToS value for each route in its routing table. The lowest priority ToS is 0, and the highest is 7 when bits 3, 4, and 5 are all set to 1.

Together these bits are the ToS variable of the tos‑based-priority command. The router tries to match the ToS of the datagram to the ToS on one of the possible routes to the destination. If there's no match, the datagram is sent over a zero ToS route. Using increased quality may increase the cost of delivery because better performance may consume limited network resources.

Each bit represents the priority as defined in RFC 1349:

These priority levels conform to the firewall traffic shaping priorities, as defined in RFC 1349.

  • 1000 - minimize delay
  • 0100 - maximize throughput
  • 0010 - maximize reliability
  • 0001 - minimize monetary cost

Traffic shaping and ToS follow this sequence:

  • The CLI command tos-based-priority acts as a tos-to-priority mapping. FortiOS maps the ToS to a priority when it receives a packet.
  • Traffic shaping settings adjust a packet’s priority according to the traffic.
  • Deliver the packet based on its priority.

Configure Type of Service (ToS) based priority table to set network traffic priorities.

Setting the ToS value

Configure the global ToS priority value – CLI

config system global

set tos-based-priority {high | low | medium}

end

where:

  • tos-based-priority is the priority of theToS priority, which matches firewall traffic shaping priorities. The default is medium. Where highhas a priority value of 0 and low is 2.
Set the ToS value – CLI

If you want to prioritize some ToS bit values differently than the global ToS-based priority, configure the priority for packets with that ToS bit value using the following commands. Priority values configured in this location will override the global ToS-based priority.

config system tos-based-priority

edit <item_ID>

set tos <tos_value>

set priority {low | medium | high}

next

end

where:

  • tos is the value of the ToS bit in the IP datagram header (packet's IP header). The range is 0 to 15.
  • priority is the priority of theToS priority, which matches firewall traffic shaping priorities. The default is medium. Where highhas a priority value of 0 and low is 2.

config system tos-based-priority

edit <id_int>

set tos [0-15]

set priority {high | low | medium}

next

end

Example: Configuring the ToS priority

For example, if you want to configure a FortiGate so that reliability is the first priority, set the ToS value to 4.

config system tos-based-priority

edit 1

set tos 4

set priority high

next

end

Here's another example:

config system tos-based-priority

edit 1

set tos 1

set priority low

next

edit 4

set tos 4

set priority medium

next

edit 6

set tos 6

set priority high

next

end

Configuring ToS priority

Type of service (ToS) is an 8-bit field in an IP header that enables you to determine how an IP datagram should be delivered, using delay, throughput, priority, reliability, and cost criteria. Each criteria helps gateways determine the best way to route IP datagrams. A router maintains a ToS value for each route in its routing table. The lowest priority ToS is 0, and the highest is 7 when bits 3, 4, and 5 are all set to 1.

Together these bits are the ToS variable of the tos‑based-priority command. The router tries to match the ToS of the datagram to the ToS on one of the possible routes to the destination. If there's no match, the datagram is sent over a zero ToS route. Using increased quality may increase the cost of delivery because better performance may consume limited network resources.

Each bit represents the priority as defined in RFC 1349:

These priority levels conform to the firewall traffic shaping priorities, as defined in RFC 1349.

  • 1000 - minimize delay
  • 0100 - maximize throughput
  • 0010 - maximize reliability
  • 0001 - minimize monetary cost

Traffic shaping and ToS follow this sequence:

  • The CLI command tos-based-priority acts as a tos-to-priority mapping. FortiOS maps the ToS to a priority when it receives a packet.
  • Traffic shaping settings adjust a packet’s priority according to the traffic.
  • Deliver the packet based on its priority.

Configure Type of Service (ToS) based priority table to set network traffic priorities.

Setting the ToS value

Configure the global ToS priority value – CLI

config system global

set tos-based-priority {high | low | medium}

end

where:

  • tos-based-priority is the priority of theToS priority, which matches firewall traffic shaping priorities. The default is medium. Where highhas a priority value of 0 and low is 2.
Set the ToS value – CLI

If you want to prioritize some ToS bit values differently than the global ToS-based priority, configure the priority for packets with that ToS bit value using the following commands. Priority values configured in this location will override the global ToS-based priority.

config system tos-based-priority

edit <item_ID>

set tos <tos_value>

set priority {low | medium | high}

next

end

where:

  • tos is the value of the ToS bit in the IP datagram header (packet's IP header). The range is 0 to 15.
  • priority is the priority of theToS priority, which matches firewall traffic shaping priorities. The default is medium. Where highhas a priority value of 0 and low is 2.

config system tos-based-priority

edit <id_int>

set tos [0-15]

set priority {high | low | medium}

next

end

Example: Configuring the ToS priority

For example, if you want to configure a FortiGate so that reliability is the first priority, set the ToS value to 4.

config system tos-based-priority

edit 1

set tos 4

set priority high

next

end

Here's another example:

config system tos-based-priority

edit 1

set tos 1

set priority low

next

edit 4

set tos 4

set priority medium

next

edit 6

set tos 6

set priority high

next

end