Managing IP Quality of Service in Oracle® Solaris 11.2

Exit Print View

 
Updated: July 2014
 
 

IPQoS Network Topologies

This section illustrates IPQoS strategies for various network needs.

IPQoS on Individual Hosts

The following figure shows a single network of IPQoS-enabled systems. This network is only one segment of a corporate intranet. By enabling IPQoS on the application servers and web servers, you can control the rate at which each IPQoS system releases outgoing traffic. If you make the router Diffserv aware, you can further control incoming and outgoing traffic.

The examples in this guide use this scenario.

Figure 2-1  IPQoS Systems on a Network Segment

image:Topology diagram shows a local network with a Diffserv router, and three IPQoS-enabled systems: FTP server, database server, and a web server.

IPQoS on a Network of Server Farms

The following figure shows a network with several heterogeneous server farms. In this setup, the router is Diffserv-aware, and therefore able to queue and rate both incoming and outgoing traffic. The load balancer is also Diffserv-aware, and the server farms are IPQoS enabled. The load balancer can provide additional filtering beyond the router by using selectors such as user ID and project ID. These selectors are included in the application data.

Figure 2-2  Network of IPQoS-Enabled Server Farms

image:Topology diagram shows a network with a Diffserv router, an IPQoS-enabled load balancer, and three server farms.

This scenario provides flow control and traffic forwarding to manage congestion on the local network. This scenario also prevents outgoing traffic from the server farms from overloading other portions of the intranet.

IPQoS on a Firewall

The following figure shows a segment of a corporate network that is secured from other segments by a firewall. In this scenario, traffic flows into a Diffserv-aware router where the packets are filtered and queued. All incoming traffic that is forwarded by the router then travels into the IPQoS-enabled firewall. To use IPQoS, the firewall must not bypass the IP forwarding stack.

Figure 2-3  Network Protected by an IPQoS-Enabled Firewall

image:Topology diagram shows a network consisting of a Diffserv router, an IPQoS-enabled firewall, an Oracle Solaris system, and other hosts.

The firewall's security policy determines whether incoming traffic is permitted to enter or depart the internal network. The QoS policy controls the service levels for incoming traffic that has passed the firewall. Depending on the QoS policy, outgoing traffic can also be marked with a forwarding behavior.

Copyright © 1999, 2014, Oracle and/or its affiliates. All rights reserved. Legal Notices
Previous
Next