Fortinet black logo

Cookbook

Traffic shaping

Copy Link
Copy Doc ID fed12558-14f5-11e9-b86b-00505692583a:297431
Download PDF

Traffic shaping

QoS (quality of service) is the capability to adjust quality aspects of your overall network traffic, including techniques such as priority-based queuing and traffic policing. Because bandwidth is finite and some types of traffic are slow, jitter or packet loss sensitive, bandwidth intensive, or critical for operations, QoS is a useful tool to optimize the performance of various applications in your network. QoS is especially important for managing voice and streaming multimedia traffic because these types of traffic can rapidly consume bandwidth and are sensitive to latency. You can implement QoS on FortiGate devices using the following techniques:

Technique

Description

Traffic policing

The FortiGate drops packets that do not conform to the configured bandwidth limitations.

Note that excessive traffic policing can degrade network performance rather than improve it.

Traffic shaping

The FortiGate ensures that traffic consumes bandwidth at least at the guaranteed rate by assigning a greater priority queue to the traffic if the guaranteed rate is not being met.

The FortiGate ensures that traffic does not consume more than the maximum configured bandwidth. Traffic that exceeds the maximum rate is subject to traffic policing.

Queuing

The FortiGate transmits packets in the order of their assigned priority queue for that physical interface. All traffic in a higher priority traffic queue must be completely transmitted before traffic in lower priority queues is transmitted.

When determining how to configure QoS, it is helpful to know when a FortiGate uses each technique in the overall traffic processing flow and the considerations for each technique. After the FortiGate accepts packets, it classifies the traffic and may apply traffic policing at additional points during traffic processing. The FortiGate may also apply QoS techniques, such as prioritization and traffic shaping. Traffic shaping consists of both traffic policing to enforce bandwidth limits and adjusting priority queues to help packets achieve the guaranteed rate.

Traffic shaping accuracy is optimal for security policies without a protection profile where no FortiGate content inspection is processed.

Note

You can enable traffic shaping in System > Feature Visibility under the Additional Features section.

The following topics provide information about configuring traffic shaping policies:

Traffic shaping

QoS (quality of service) is the capability to adjust quality aspects of your overall network traffic, including techniques such as priority-based queuing and traffic policing. Because bandwidth is finite and some types of traffic are slow, jitter or packet loss sensitive, bandwidth intensive, or critical for operations, QoS is a useful tool to optimize the performance of various applications in your network. QoS is especially important for managing voice and streaming multimedia traffic because these types of traffic can rapidly consume bandwidth and are sensitive to latency. You can implement QoS on FortiGate devices using the following techniques:

Technique

Description

Traffic policing

The FortiGate drops packets that do not conform to the configured bandwidth limitations.

Note that excessive traffic policing can degrade network performance rather than improve it.

Traffic shaping

The FortiGate ensures that traffic consumes bandwidth at least at the guaranteed rate by assigning a greater priority queue to the traffic if the guaranteed rate is not being met.

The FortiGate ensures that traffic does not consume more than the maximum configured bandwidth. Traffic that exceeds the maximum rate is subject to traffic policing.

Queuing

The FortiGate transmits packets in the order of their assigned priority queue for that physical interface. All traffic in a higher priority traffic queue must be completely transmitted before traffic in lower priority queues is transmitted.

When determining how to configure QoS, it is helpful to know when a FortiGate uses each technique in the overall traffic processing flow and the considerations for each technique. After the FortiGate accepts packets, it classifies the traffic and may apply traffic policing at additional points during traffic processing. The FortiGate may also apply QoS techniques, such as prioritization and traffic shaping. Traffic shaping consists of both traffic policing to enforce bandwidth limits and adjusting priority queues to help packets achieve the guaranteed rate.

Traffic shaping accuracy is optimal for security policies without a protection profile where no FortiGate content inspection is processed.

Note

You can enable traffic shaping in System > Feature Visibility under the Additional Features section.

The following topics provide information about configuring traffic shaping policies: