Policy-based QoS
QoS features allow administrators to configure
certain network protocols and applications to have a higher network
bandwidth priority than others. QoS also allows administrators to limit
the bandwidth used by lower priority applications. The use of QoS has
increased rapidly over the past several years as more organizations have
begun using their networks to send more than just email and browse the
Web. Today’s businesses are using their networks to stream multimedia
from and to the Internet, use cloud-based services, and support Voice
over IP (VoIP) phone systems. Using these services requires prioritizing
some protocols over others. QoS has traditionally been a network
feature that could be set up on network routers and layer 3 switches.
The network devices are set up to inspect network traffic and give
certain protocols a higher priority than others.
The
most widely used method of implementing QoS is using differential
services code point (DSCP) tagging. DSCP assigns a value between 0 and
63 to data packets. QoS services read this value and give higher
numbers, a higher priority on the network.
|
QoS in Windows Server 2003 and Windows XP
Microsoft introduced some basic QoS APIs in Windows
XP and Windows Server 2003. This allowed application developers to apply
QoS settings to their applications but was limited in features and
needed to have code written to support QoS. Additionally, the
administrator would need to install the QoS packet scheduler on the
Windows Server after Windows installation. It should be noted that to
support QoS, the full network path has to trust the QoS values coming
from the client. This is typically something implemented on internal
networks, but due to an organization’s inability to control
Internet-based network routers, it is rarely implemented over an
Internet connection.
|
Windows Server 2008 R2 includes the feature
Policy-based QoS. Policy-based QoS allows Windows administrators to
apply DSCP values to traffic entering or leaving a computer based on
application, port number, protocol, or source and destination IP
addresses. These QoS polices can be applied to Windows Vista, Windows 7,
Windows Server 2008, and Windows Server 2008 R2 computers and users
logged onto these operating systems. These policies are deployed via
traditional group policies. This means that you can apply different QoS
policies to different systems based upon their Active Directory (AD)
site, OU membership, or the domain they belong to. This makes QoS
management very granular and less complicated to administer. Let us set
up and see Policy-based QoS in action. Policy-based QoS can be
especially helpful in VoIP technology deployments such as Microsoft
Office Communications Server 2007 R2.
Creating a Policy-based QoS GPO
In the below exercise, we will create a new
Policy-based QoS GPO for traffic destined for port 80 (http). This will
give standard Web browsing traffic a higher value leaving the computer
over other network traffic. If the network devices support the DSCP
value provided by the policy, they will also give the traffic higher
priority.
1. | In
our example, we will use a local computer policy; however, the same
policy can be set up in AD. Open the group policy editor: Start | Run type gpedit.msc and click OK. The Local Group Policy Editor will open as seen in Figure 3.
|
2. | Expand the nodes Computer Configuration | Windows Settings and User Configuration | Windows Settings (see Figure 4).
You will notice that Policy-based QoS can be applied to the computer or
to the user. For our example, we will use a computer-based policy.
|
3. | Right click the Policy-based QoS node and choose Create New Policy.
|
4. | The Policy-based QoS Wizard will launch (see Figure 5). Enter a descriptive name in the Policy Name field. Then use the Specify DSCP value option to set a DSCP value. In our example, we will not be throttling the traffic so leave this option unchecked. Click Next to continue.
|
5. | We
can assign the DSCP policy to specific applications by choosing the
executable, or if this server is set up as a Web application server, we can specify the URL of the application. For our example, we will leave the default of All Applications selected (see Figure 6). Click Next to continue.
|
6. | We can specify that this policy applies only to certain source or destination IP addresses (see Figure 7). We will leave both of these options as the default for our example. Click Next.
|
7. | We now need to choose the protocol and port number or range that we want the DSCP value to (see Figure 8).
For our testing purposes, let us choose port 80 (http) as the
destination port. This will allow us to easily use a Web browser to test
our policy. Click Finish to create the policy.
|
8. | You should now see the policy appear under the Policy-based QoS node in the Local Group Policy Editor window as seen in Figure 9.
|
9. | Now
let us test our new policy. To perform this test, you will need to
download and install Network Monitor. Network Monitor can be downloaded
from Microsoft Download Center at http://download.microsoft.com. After installing Network Monitor, open it by going to Start | All Programs | Network Monitor 3.3.
|
10. | The Network Monitor Start Page will be opened as seen in Figure 10. Click the link New Capture Tab to set up a new network capture session.
|
11. | A new capture tab will be opened. Click the Start button at the top of the Network Monitor window to start capturing traffic (see Figure 11).
|
12. | Now let us create some outbound http traffic. Open Internet Explorer by going to Start | All Programs | Internet Explorer.
|
13. | Browse a standard http Web site. Then close Internet Explorer.
|
14. | Go back to the Network Monitor window and click the Stop button. You should see that the utility has captured traffic in the frame summary pane (see Figure 12).
|
15. | Expand the iexplorer.exe node in the network conversations pane.
|
16. | Locate one of the IPv4 sessions (see Figure 13) and select the session you want to view.
|
17. | After selecting an IPv4 session, notice the list of frames in the frames summary pane as seen in Figure 14. Select a frame that contains DstPort=HTTP(80).
|
18. | Expand the IPv4 section in the frame details pane (see Figure 15). Notice the DifferentiatedServicesField
subnode. You will notice that the frame has been given a DSCP value of
10. This shows that the policy is correctly applying a DSCP value to
outbound port 80 traffic.
|
Test various QoS policies in your test lab
during your Windows Server 2008 R2 deployment. You can use them to help
ensure that the critical applications receive necessary network
bandwidth to perform optimally.
