We have recently upgraded our office internet connection to a 10Mbps connection with unlimited transfers. The ISP's modem connects to a simple Linksys EF3116 switch which in turn connects the feed to our Sophos UTM425 (the internal network). Within this network, we are hosting some web services (on one server connected to the DMZ interface, specifically) that need to be reliably available, and since our upgrade I've noticed that other traffic is sometimes maxing out our bandwidth pipe (i.e. FTP uploads/downloads to a separate FTP server within the network). In short, I am trying to use QoS to ensure that web traffic in & out from the web server always has some reserved bandwidth to use.
I have attached screenshots of my setup, and am wondering if this is the correct way to achieve a reserved bandwidth pool.
There were a couple of the steps in this setup that confused me:
- On the "Traffic Selectors" tab, I did not define any records that had the source or the destination as the "internal" LAN IP (host) of the web server. Is this correct? My thought here is that the in/out traffic is tied to the "Internet" interface and thus should use Traffic Selector rules based on the WAN IP.
- I defined a reverse service definition for web traffic (as in screenshot), the one labeled HTTP Traffic out (80 --> 1:65535). Is this required? And correct? I am wondering whether the QoS feature is smart enough to shape reverse traffic for a connection (i.e. the returning HTTP data, from an inbound request on port 80). If not, it would seem quite cumbersome to need to define the reverse ports configuration for every single service that you want to control through QoS.
With this configuration, I am trying to allocate 5Mbps for the web traffic. Does anyone have an example of similar configurations, done on clients and/or NATed servers that need reserved bandwidth? Or am I missing anything here?
Thanks in advance!