We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda NextGen Firewall X

How to use TOS-Bit values on Barraucda NG Firewall?

  • Type: Knowledgebase
  • Date changed: one year ago
Solution #00005206 
 
Scope:
This solution replies to:
- NG Firewall firmware versions 4.2.x, 5.0.x, 5.2.x, 6.x, 7.x
- netfence firmware versions 4.2.x

 
Symptoms:

What values must be inserted for TOS-Bit values?


 
Solution:

TOS-Bit interpretation according to RFC3168 (since 2001) also known as the DSCP (DiffServ - http://de.wikipedia.org/wiki/DSCP) may set as a value between 0 and 255. How this value will be interpreted is up to the remote site.

 

For example Cisco looks like this...

  Class AF11 - DSCP 10
  Class AF12 - DSCP 12
  Class AF13 - DSCP 14
  Class AF21 - DSCP 18
  Class AF22 - DSCP 20 
  Class AF23 - DSCP 22
  Class AF31 - DSCP 26
  Class AF32 - DSCP 28
  Class AF33 - DSCP 30
  Class AF41 - DSCP 34
  Class AF42 - DSCP 36
  Class AF43 - DSCP 38

 

More information about Cisco DSCP values are located here...
http://www.cisco.com/en/US/tech/tk543/tk757/technologies_tech_note09186a00800949f2.shtml

 

More information about precedence values are located here...
http://www.bogpeople.com/networking/dscp.shtml

http://www.tucny.com/Home/dscp-tos

 

 

As a matter of principle the netfence controls the precedence field but you set set the DSCP value in the netfence configuration.

 

For example:
  DSCP       Precedence  Purpose 
  0            0            Best effort
  8            1            Class 1
  16           2            Class 2
  24           3            Class 3
  32           4            Class 4
  40           5            Express forwarding
  48           6            Control
  56           7            Control


Additional Note: In certain situations you might want to “clear” the TOS value of a received packet before it is forwarded out another interface. This is currently not possible. If you configure decimal value 0 within the access rule advance settings, that means the TOS value of the received packet stays unchanged.


Link to This Page:
https://campus.barracuda.com/solution/50160000000IKZzAAO