Class Manager (QoS)

Overview

The basic functionality of the Flow Classification is to apply various filter over network packet and take or assist to take an specific action if the network packets matches the particular rule.

Functionality

Flow Classification is used in the following Chains in ZWAN Controller:

Flow Optimizer ; Chain name: NetBalancer
Firewall ; Chain name: Forward/Input/Output (or custom chain which is linked to the existing one)
Quality of Service (Traffic Shaping) ; Chain name: QoS

Based on where it is used the target action will vary.

Network Packet -> Filter -> Action

Routing - Flow Optimization:

In the case of Routing, the filter is applied over incoming packets. If the packet matches the filter, then the action could be routing the those packet via a specific interface. The interface could be Ethernet Interface (or IPSec Tunnel interface) or an Gateway IP.

Bandwidth Control - QoS:

In the case of QoS, the output interface for a packet is already decided. Here the filter is used to control certain packet flow bandwidth usage. The target for this rule could be the Class Manager defined in QoS.

Firewall

Based on the filter, both incoming and outgoing packets are accepted or dropped. It can jump to a custom chain (which has further rules) before it is accepted or dropped.

Configuration Parameters:

What are the filters?

Packet Header: Input Interface, Output interface, Source IP (range), Destination IP (range), Packet size, DSCP mark
IP Protocol : Protocol number, Source Port (range), Destination Port (range), TCP flags, ICMP type,
Connection State: new, established, related, invalid, untracked, notconnected
DPI (third and fourth OSI layer) 400+ apps are supported
Time (days of the week and time of the day)
Connection Limit and Bandwidth Usage etc.

Flow Classification

flow_classification

Notes:

Can Enable/Disable a rule/filter
Can Sequence the order or rule/filter
Lower Sequence is exercised first.

Expected behavior in the system:

Once a rule is successfully created (and enabled), the rule will be immediately applied on the network packets. Depends on where it is used, it will take the appropriate action.

Known Limitation

Currently only 999 rules can be added to a Chain

zWAN as a Solution

zTC as a Solution

Secure Endpoint Solutions

Zero Trust Network

Network Infrastructure

Network Storage

Class Manager (QoS)

SnapOS

SnapOS

Getting Started

Session Connections

Peripheral & Application Management

Security & Certificates

System Administration & Updates

Diagnostics & Recovery

Support & Resources

zMAN

Overview & Architecture

Installation & Setup

Onboarding

Analytics & Monitoring

Device Management & Dashboard

Firmware & Repository Management

Profiles & Settings Management

Support & Resources

zDM Integration & Provisioning

User Management

Configuration

Firmware Update

Reset VNC

Task Management

Repository Management

Server Configuration

Provisioning

Group Management

Solutions

Voice-Over-IP/Video Conferencing

Validation and Test Cases

Proof of Concept Test Cases

zTC

Diagnostics & Recovery

Getting Started

Peripheral & Application Management

Security & Certificates

Session Connections

Support & Resources

System Administration & Updates

zWAN

Deployment

Getting Started

Introduction

Configuration

Installation Guides

POC Evaluation

Director

Device Management

Edge Controllers

Analytics

System

Backup and Restore

Network

Analytics

Reporting

Alerting

User Management

Edge Controllers

z25

Troubleshooting

z40

Device Management

z50

Troubleshooting

Frequently Asked Questions

zAccess

Endpoint Sessions

Event Logs

Gateway Devices

Network Configuration

Policy Configuration

StorTrends