SkyEdge II Configuring Outbound QoS - 0908

Configuring Outbound QoS
September 2008
Document No. DC-000483(A)
Gilat Satellite Networks Ltd.
This document contains information proprietary to Gilat Satellite Networks Ltd. and may not be reproduced
in whole or in part without the express written consent of Gilat Satellite Networks Ltd. The disclosure by
Gilat Satellite Networks Ltd. of information contained herein does not constitute any license or authorization
to use or disclose the information, ideas or concepts presented. The contents of this document are subject to
change without prior notice.
Contents
1. Introduction .......................................................................................................... 1
1.1. General Overview ........................................................................................ 1
1.2. QoS Definition.............................................................................................. 1
1.3. Outbound QoS in SkyEdgeII Systems .......................................................... 2
1.4. Hardware Components................................................................................. 3
1.5. Document Overview ..................................................................................... 3
2. Allot NetEnforcer and NetXplorer Configuration ................................................ 4

2.1. Recommended QoS Techniques .................................................................. 4
2.1.1. Catalog Definition ............................................................................... 4
2.1.2. Classification Level Hierarchy............................................................. 4
2.1.3. Policy Creation at each Classification Level........................................ 5
2.2. Defining Catalog Objects.............................................................................. 5
2.2.1. VSAT (Subnet) Configuration ............................................................. 5
2.2.2. VSAT Group (SLA) Configuration ....................................................... 7
2.2.3. QoS Rule Configuration for Lines ......................................................10
2.2.4. QoS Rule Configuration for Pipes ......................................................12
2.2.5. QoS Rule Configuration for Virtual Channels .....................................13
2.3. Defining Policies .........................................................................................15
2.3.1. Outbound Configuration (NetEnforcer Level) .....................................15
2.3.2. MPN Configuration (Line Level) .........................................................17
2.3.3. SLA Configuration (Pipe Template Level) ..........................................20
2.3.4. Application Configuration (VC Level) .................................................23
2.4. Configuration Results..................................................................................27
2.5. Configuration Example ................................................................................29
3. Appendix A- Distributing Configuration to Redundant NetEnforcer ................30

September, 2008 i
Proprietary and Confidential
Figures
Figure 1: Outbound QoS Solution – Schematic View .......................................................2
Figure 2: New Host List Option........................................................................................6
Figure 3: Host List Entry Properties..................................................................................6
Figure 4: Adding Host Item..............................................................................................7
Figure 5: New Host Group Option ...................................................................................8
Figure 6: Host Group Entries Properties..........................................................................8
Figure 7: Add Group Items ..............................................................................................9
Figure 8: Creating New Line QoS..................................................................................10
Figure 9: Line QoS Entry Properties..............................................................................11
Figure 10: Pipe QoS Entry Properties ...........................................................................12
Figure 11: Virtual Channel QoS Entry Properties ..........................................................14
Figure 12: Configuring Maximum Outbound Bandwidth Level........................................16
Figure 13: Configuration: Identification & Key................................................................17
Figure 14: Accessing Policy Editor ................................................................................18
Figure 15: Policy Editor .................................................................................................19
Figure 16: Line Properties-Insert ...................................................................................19
Figure 18: Insert Pipe Template ....................................................................................21
Figure 19: Pipe Template Properties - Insert .................................................................21
Figure 20: Conditions Properties-Edit............................................................................22
Figure 22: Policy Editor .................................................................................................24
Figure 23: Virtual Channel Properties – Insert ...............................................................25
Figure 24: Conditions Properties – Edit .........................................................................26
Figure 25: Network Policy screen ...................................................................................27
Figure 26: Host Catalog screen......................................................................................28
Figure 27: Policy Distribution.........................................................................................30
Figure 28: Policy Distribution.........................................................................................31
Figure 29: Policy Distribution – Distribution Completed .................................................32
Tables
Table 1: Configuration Actions .......................................................................................29

September, 2008 ii
1. Introduction
This document explains how to configure Outbound QoS using the Allot Machines .
1.1. General Overview
Gilat system provides QoS (quality of service) capabilities in both traffic directions.
On the Inbound, the QoS is implemented at the VSAT; before traffic reaches the
satellite media. On the Outbound, the QoS is implemented at the hub before traffic
reaches the satellite media. The Outbound QoS is implemented by Allot
Communications Ltd., equipment.
1.2. QoS Definition
QoS refers to the ability of a network to provide improved service to selected

network traffic over various underlying technologies. In particular, QoS features
provide improved and more predictable network service by providing the following
services:
Supporting dedicated bandwidth
Improving loss characteristics
Avoiding and managing network congestion
Shaping network traffic
Setting traffic priorities across the network

September, 2008 1
1.3. Outbound QoS in SkyEdgeII Systems
Figure 1 shows a schematic view of the SkyEdgeII Outbound QoS solution.
Figure 1: Outbound QoS Solution – Schematic View
Allot NetEnforcer implements the Outbound QoS functionalities in the SkyEdge

network. Outbound traffic coming from the Internet/intranet passes through the
NetEnforcer device and then goes to the hub. Each Network Segment (NS) may
include one active and one standby Allot NetEnforcer units.
At the NetEnforcer, the traffic is prioritized and shaped according to the QoS policies
defined in the NetXplorer Server.
NetXplorer Server provides one centralized management platform for all

NetEnforcer units in the system. One NetXplorer Server is used for multiple Network
Segments. NetXplorer GUI provides real-time traffic statistics at all levels for up to
48 hours (at 5 min interval) and long term (Reporter) traffic statistics at all levels
with volume-based traffic reports for up to 1 year.

September, 2008 2
NOTE
The long term Reporter traffic statistics feature requires an additional license
per NetEnforcer.
1.4. Hardware Components
NetXplorer Server – The Server is Windows XP machine with RAID 1, 4G

RAM, and an 80G hard drive. NetXplorer requires a special license if more than
one NetEnforcer active unit is used.
NetEnforcer AC-402 or AC-802 units
1.5. Document Overview
This document contains the following sections:
Allot NetEnforcer and NetXplorer Configuration
Appendix A- Distributing Configuration to Redundant NetEnforcer

September, 2008 3
2. Allot NetEnforcer and NetXplorer Configuration
This section contains the following procedures:
Recommended QoS Techniques
Defining Catalog Objects
Defining Policies
Configuration Results
Configuration Example
2.1. Recommended QoS Techniques
2.1.1. Catalog Definition
The following Objects should be defined:
Host – VSAT subnet
Host Group – a group of VSATs that use the same SLA
QoS – an action item where traffic-shaping (e.g., MIR, CIR, CBR) is defined
Service – a protocol-based traffic signature used for classifying applications.
Other Objects that can be defined include: VLANs, TOS, and Time of day.
2.1.2. Classification Level Hierarchy
The following levels should be defined:
Outbound – NetEnforcer level (all traffic passing through the device)
MPN – a collection of pipes that receive the same Line-level QoS
VSAT (subnet) – Pipe level template defined for one SLA
Application – VC (Virtual Channel) level defined under a VSAT

September, 2008 4
2.1.3. Policy Creation at each Classification Level
A QoS Policy can be applied to various Objects at the following levels:
NetEnforcer (Outbound) – An MIR can be specified for all Outbound traffic. In

a SkyEdgeII network with ACM, this MIR can change dynamically.
Line (MPN) – This level represents predefined Pipe policies. Its classification is
determined by the Pipe policies defined under it. The Line policy is applied to a
QoS (action) Object.
Pipe (SLA/VSAT template) – This level’s classification is specified by the IP

subnets that belong to a Host Group. The Host Group catalog Object represents
VSATs with the same SLA. The Pipe policy is applied to a QoS (action) Object.
VC (Application) – The VC classification is determined by applications or

protocols using a Service. The VC policy is assigned to a QoS (action) Object.
NOTE
Pipe and VC level policies can be based on other classifications such as
VLAN, TOS and Time. However, after a connection is established, dynamic
changes to its TOS will not affect the policy for that connection.
2.2. Defining Catalog Objects
The following object configuration procedures are described in this section:
VSAT (Subnet) Configuration
VSAT Group (SLA) Configuration
QoS Rule Configuration for Lines
2.2.1. VSAT (Subnet) Configuration
To configure VSAT subnet:
1. In the left pane of the Allot GUI, select the Catalogs tab.
2. In the Catalog tree, select the Host node.
3. Right-click anywhere in the Host table and select New Host List.

September, 2008 5
Figure 2: New Host List Option
Result: The Host List Entry Properties window is displayed.
Figure 3: Host List Entry Properties
4. In the Name field, enter the host name (VSAT) and specify a meaningful
Description.
5. Click the Add button.

September, 2008 6
Result: The Add Host Item window is displayed.
Figure 4: Adding Host Item
6. In the Add Host Item dialog box, define the VSAT subnet and click Apply.
7. In the Host List Entry Properties window, click Save.
NOTE
If a VSAT has multiple subnets behind it, they should be defined at this
stage.
2.2.2. VSAT Group (SLA) Configuration
This procedure identifies one or more VSATs that receive the same QoS under a
Service Level Agreement (SLA).
To configure VSAT Group SLA:
1. In the left pane of the Allot GUI, select Catalogs.
2. In the Catalogs tree, select the Host node.
3. Right-click anywhere in the Host table and select New Host Group.

September, 2008 7
Figure 5: New Host Group Option
Result: The Host Entry Properties window is displayed.
Figure 6: Host Group Entries Properties
4. In the Name field, enter the SLA group name.

September, 2008 8
5. In the Description field, specify a meaningful description.
6. Click Add.
Result: The Add Group Items window is displayed.
Figure 7: Add Group Items
7. In the Add Group Items window, select all of the Host objects (VSATs) that
belong to this Group / SLA. To select more than one Host object, hold down the
<Ctrl> key.
8. Click the OK.
Result: Selected items are moved from the Available Catalog Entries list of
the Add Group Items window to the Host Group Entry Properties window.
9. In the Host Group Entry Properties window, click Save.

September, 2008 9
2.2.3. QoS Rule Configuration for Lines
NOTE
In NetXplorer’s GUI, “Inbound” refers to the Outbound and “Outbound” refers
to the Inbound.
To configure QoS rules for Lines (MPNs):
2. In the Catalogs tree, select the Quality of Service node.
3. Right-click anywhere in the Quality of Service table and select New Line QoS.
Figure 8: Creating New Line QoS
Result: The New Line QoS window is displayed.

September, 2008 10
Figure 9: Line QoS Entry Properties
4. In the Name field, enter the MPN name.
6. In the Line Based QoS Coverage field, select

Each Direction Defined Separately.
7. Do not specify values in the Outbound panes because Inbound traffic is

managed by VSAT QoS rules.
8. Make the following specifications for Outbound traffic in the Inbound pane:
Select the Priority (2 Lowest, 10 Highest) option button and specify a priority
from 2 to 10.
Optionally, specify the Minimum Bandwidth in Kbps.
Optionally, select the Maximum Allowed checkbox or uncheck (deselect) that

checkbox and specify the Maximum Bandwidth in Kbps.
9. Save the changes.

September, 2008 11
2.2.4. QoS Rule Configuration for Pipes
This procedure specifies QoS rules for Pipe Templates (SLAs).
To configure QoS Rules for Pipe Templates:
3. Right-click anywhere in the Quality of Service table and select New Pipe QoS.
Result: The New Pipe QoS window is displayed.
Figure 10: Pipe QoS Entry Properties
4. In the Name field, enter the SLA name.
6. In the Pipe Based QoS Coverage field, select

Each Direction Defined Separately.


September, 2008 12
from 2 to 10.

2.2.5. QoS Rule Configuration for Virtual Channels
These procedures specify QoS rules for VCs (Applications).
To configure Virtual Channels:
3. Right-click anywhere in the Quality of Service table and select

New Virtual Channel QoS.
Result: The New Virtual Channel QoS window is displayed.

September, 2008 13
Figure 11: Virtual Channel QoS Entry Properties
4. In the Name field, enter the application name.
6. In the Virtual Channel Based QoS Coverage field, select Each Direction
Defined Separately.

from 2 to 10.


September, 2008 14
2.3. Defining Policies
The following policies are defined on the Allot NetXplorer:
Outbound Configuration (NetEnforcer Level)
MPN Configuration (Line Level)
SLA Configuration (Pipe Template Level)
Application Configuration (VC Level)
If a NetEnforcer redundancy exists, see Appendix A- Distributing Configuration to

Redundant NetEnforcer, page 30, for information about distributing QoS Policies to
a NetEnforcer backup unit.
2.3.1. Outbound Configuration (NetEnforcer Level)
This procedure specifies maximum Outbound Bandwidth at the NetEnforcer level.
To configure the maximum Outbound Bandwidth level at the NetEnforcer level:
1. In the left pane of the Allot GUI, select Network.
2. In the Network tree, right-click the NetEnforcer node that you want to define
and select Configuration.

September, 2008 15
Figure 12: Configuring Maximum Outbound Bandwidth Level
Result: The Configuration screen is displayed in the right pane.
3. In the Configuration screen, click the Identification & Key tab.
Result: The Identification & Key tab is displayed.

September, 2008 16
Figure 13: Configuration: Identification & Key
NOTE
Do not modify the Activation Key.
4. In the Bandwidth Capacity Limitations pane, perform either of the following:
When using CCM in the Outbound, uncheck the (Allot Inbound) Max Allowed
checkbox and set Inbound Bandwidth Limited to (Kbps) to the maximum
Outbound bandwidth.
When using ACM, Outbound is defined automatically by the hub DPS. Select
(check) the (Allot Outbound) Max Allowed checkbox.
2.3.2. MPN Configuration (Line Level)
To configure QoS rules of an MPN at the Line level:
1. In the left pane of the Allot GUI, select the Network tab.
2. In the Network tree, right-click the Line node (e.g., MPN1) that you want to
define and select Policy Editor.

September, 2008 17
Figure 14: Accessing Policy Editor
Result: The Policy Editor opens.
3. Right-click any existing Line in the Policy (e.g., NS1 QoS1) window and select
the Insert Line option in the pop-up menu.

September, 2008 18
Figure 15: Policy Editor
Result: The Line Properties – Insert window is displayed.
Figure 16: Line Properties-Insert

September, 2008 19
4. In the Line Properties – Insert window, edit the Name field, specify a
Description, and in the Quality of Service drop-down list, select a rule (e.g.,
Line speed) that was previously defined in the QoS Catalog.
5. Click OK.
2.3.3. SLA Configuration (Pipe Template Level)
To configure QoS rules for an SLA at the Pipe (Template) level:
1. If the Policy window is not already displayed, select the Network tab in the left
pane of the Allot GUI and in the Network tree, right-click the Pipe node that you
want to define and select Policy Editor.
Result: The Policy Editor opens.
2. In the Policy window, right-click a Pipe entry under the appropriate Line and
select Insert Pipe Template.

September, 2008 20
Figure 18: Insert Pipe Template
Result: The Pipe Template Properties – Insert window is displayed.
Figure 19: Pipe Template Properties - Insert

September, 2008 21
3. In the Pipe Template Properties – Insert window, edit the Name field and
specify a Description.
4. In the Conditions pane, select the condition to be edited.
5. In the Quality of Service drop-down list, select a QoS rule previously defined in
the Catalog.
6. Click the Edit button.
Result: The Conditions Properties – Edit window is displayed.
Figure 20: Conditions Properties-Edit
7. In the Conditions Properties – Edit window, from the Internal drop-down list
select the Host Group (previously defined in the Host Catalog) that represents the
SLA.
8. Click OK in the Conditions Properties – Edit dialog box.
9. Click OK in the Pipe Template Properties – Insert window.

September, 2008 22
2.3.4. Application Configuration (VC Level)
To configure QoS rules for an Application at the Virtual Channel level:
1. If the Policy window is not already displayed, select the Network tab in the left
pane of the Allot GUI and in the Network tree, right-click the Pipe node that you
want to define and select Policy Editor.
Result: The Policy Editor window is displayed.

September, 2008 23
Figure 22: Policy Editor
2. In the Policy window, right-click a VC entry under the appropriate Pipe and
select Insert Virtual Channel
Result: The Virtual Channel Properties window is displayed.

September, 2008 24
Figure 23: Virtual Channel Properties – Insert
3. In the Virtual Channel Properties – Insert window, edit the Name field and
specify a Description.
4. In the Conditions pane, select the condition to be edited.
5. In the Quality of Service drop-down list, select a QoS rule previously defined in
the Catalog.
6. Click the Edit button.
Result: The Conditions Properties – Edit window is displayed.

September, 2008 25
Figure 24: Conditions Properties – Edit
7. In the Service drop-down list of the Conditions Properties – Edit dialog box,
select the Protocol (Group) that represents the Application (defined previously
in the Host Catalog).
8. Click OK in the Conditions Properties – Edit dialog box.
9. Click OK in the Virtual Channel Properties – Insert window.

September, 2008 26
2.4. Configuration Results
After implementing the procedures described in Section 2.2, page 5 and Section 2.3,
page 15, the Network Policy screen will look like Figure 25 and the Host Catalog
screen will look like Figure 26.
Figure 25: Network Policy screen

September, 2008 27
Figure 26: Host Catalog screen

September, 2008 28
2.5. Configuration Example
Table 1 lists a series of configuration actions in the sequence that they should be
performed to produce a sample configuration. The result of this configuration is
listed below the table.
Table 1: Configuration Actions
Configuration Action Objects/Policies Configured Reference
Define 3 Hosts VSATs 2001, 2002, and 3001 Section 2.2.1
Define 2 Host Groups (SLAs) and VGrp2 (VSATs 2001 and 2002), Section 2.2.2
assign VSATs to them VGrp3 (VSAT 3001)
Define 1 Line-level QoS rule MPN1 QoS rule: 512 Kbps maximum Section 2.2.3
Define 2 Pipe-level QoS rules Gold QoS rule: 512 Kbps maximum Section 2.2.3
Silver QoS rule: 256 Kbps maximum
Define 1 Line-level Policy and MPN1 Line Policy Section 2.3.2
assign a Line-level QoS to it
Create 2 Pipe templates under the Gold and Silver Pipe templates created under Section 2.3.3
MPN1 Line the MPN1 Line
Assign Pipe-level QoS rules to the Gold Pipe QoS assigned to Gold template Section 2.3.3
Pipe templates Silver Pipe QoS assigned to Silver template
Assign Host Groups (SLAs) to the VGrp3 assigned to Gold template Section 2.3.3
Pipe templates VGrp2 assigned to Silver template
Configuration Results:
The maximum transmission rate for VSATs 2001 and 2002 is 256 Kbps each.
The maximum transmission rate for VSAT_3001 is 512 Kbps.
The maximum transmission rate for all simultaneous traffic generated by all of
the VSATs whose traffic passes through the MPN1 Line is 512 Kbps.

September, 2008 29
3. Appendix A- Distributing Configuration to Redundant NetEnforcer
To distribute configuration to the redundant NetEnforcer:
1. In the left pane of the Allot GUI, select Network tab.
2. In the Network tree, right-click the node of the NetEnforcer whose QoS Policy
needs to be distributed to its redundant device. In this example, it is NS1 QoS1.
Figure 27: Policy Distribution
3. Select Policy Distribution in the pop-up menu.
Result: The Policy Distribution dialog box is displayed.

September, 2008 30
Figure 28: Policy Distribution
4. In the Distribution column, select the checkbox of the NetEnforcer device that
should receive this QoS Policy distribution. In this example, it is NS1 QoS2.
5. Click the Distribute button.
6. When the distribution process ends, Distribution completed should be displayed

in the Last Message field, Success should be displayed in the Message column,
and the time when the distribution finished should be in the Time column.

September, 2008 31
Figure 29: Policy Distribution – Distribution Completed
7. Close the Policy Distribution window.

September, 2008 32

SkyEdge II Configuring Outbound QoS - 0908

Uploaded by

Copyright:

Available Formats

You might also like

SkyEdge II Configuring Outbound QoS - 0908

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

SkyEdge II Configuring Outbound QoS - 0908

Uploaded by

Copyright:

Available Formats

Configuring Outbound QoS

Document No. DC-000483(A)

Gilat Satellite Networks Ltd.

2. Allot NetEnforcer and NetXplorer Configuration ................................................ 4

3. Appendix A- Distributing Configuration to Redundant NetEnforcer ................30

Configuring Outbound QoS

Configuring Outbound QoS

1.1. General Overview

1.2. QoS Definition

QoS refers to the ability of a network to provide improved service to selected

 Supporting dedicated bandwidth

 Improving loss characteristics

 Avoiding and managing network congestion

 Shaping network traffic

 Setting traffic priorities across the network

Configuring Outbound QoS

1.3. Outbound QoS in SkyEdgeII Systems

Figure 1 shows a schematic view of the SkyEdgeII Outbound QoS solution.

Figure 1: Outbound QoS Solution – Schematic View

Allot NetEnforcer implements the Outbound QoS functionalities in the SkyEdge

NetXplorer Server provides one centralized management platform for all

Configuring Outbound QoS

1.4. Hardware Components

 NetXplorer Server – The Server is Windows XP machine with RAID 1, 4G

 NetEnforcer AC-402 or AC-802 units

1.5. Document Overview

This document contains the following sections:

 Allot NetEnforcer and NetXplorer Configuration

 Appendix A- Distributing Configuration to Redundant NetEnforcer

Configuring Outbound QoS

2. Allot NetEnforcer and NetXplorer Configuration

This section contains the following procedures:

 Recommended QoS Techniques

 Defining Catalog Objects

2.1. Recommended QoS Techniques

2.1.1. Catalog Definition

The following Objects should be defined:

 Host – VSAT subnet

 Host Group – a group of VSATs that use the same SLA

 Service – a protocol-based traffic signature used for classifying applications.

2.1.2. Classification Level Hierarchy

The following levels should be defined:

 Outbound – NetEnforcer level (all traffic passing through the device)

 MPN – a collection of pipes that receive the same Line-level QoS

 VSAT (subnet) – Pipe level template defined for one SLA

 Application – VC (Virtual Channel) level defined under a VSAT

Configuring Outbound QoS

2.1.3. Policy Creation at each Classification Level

A QoS Policy can be applied to various Objects at the following levels:

 NetEnforcer (Outbound) – An MIR can be specified for all Outbound traffic. In

 Pipe (SLA/VSAT template) – This level’s classification is specified by the IP

 VC (Application) – The VC classification is determined by applications or

2.2. Defining Catalog Objects

The following object configuration procedures are described in this section:

 VSAT (Subnet) Configuration

 VSAT Group (SLA) Configuration

 QoS Rule Configuration for Lines

Supporting dedicated bandwidth

Improving loss characteristics

Avoiding and managing network congestion

Shaping network traffic

Setting traffic priorities across the network

NetXplorer Server – The Server is Windows XP machine with RAID 1, 4G

NetEnforcer AC-402 or AC-802 units

Allot NetEnforcer and NetXplorer Configuration

Appendix A- Distributing Configuration to Redundant NetEnforcer

Recommended QoS Techniques

Defining Catalog Objects

Host – VSAT subnet

Host Group – a group of VSATs that use the same SLA

Service – a protocol-based traffic signature used for classifying applications.

Outbound – NetEnforcer level (all traffic passing through the device)

MPN – a collection of pipes that receive the same Line-level QoS

VSAT (subnet) – Pipe level template defined for one SLA

Application – VC (Virtual Channel) level defined under a VSAT

NetEnforcer (Outbound) – An MIR can be specified for all Outbound traffic. In

Pipe (SLA/VSAT template) – This level’s classification is specified by the IP

VC (Application) – The VC classification is determined by applications or

VSAT (Subnet) Configuration

VSAT Group (SLA) Configuration

QoS Rule Configuration for Lines

Optionally, specify the Minimum Bandwidth in Kbps.

Optionally, select the Maximum Allowed checkbox or uncheck (deselect) that

Optionally, specify the Minimum Bandwidth in Kbps.

Optionally, select the Maximum Allowed checkbox or uncheck (deselect) that