If you are using a virtual private network (VPN), you can still create quality of service (QoS) policies. This example shows the two being used together.
Situation
You have a partner connected through a VPN and you want to combine VPN and QoS to provide security and predictable e-business flow for mission-critical data. The QoS configuration only travels in one direction. Therefore, if you have an audio/video application, you need to establish QoS for the application on both sides of the connection.
The figure shows your server and your client in a host-to-host VPN connection. Each R represents differentiated service-enabled routers along the traffic's pathway. As you can see, QoS policies only flow in one direction.
Objectives
You might use VPN and QoS to establish not only protection, but priority for this connection. First, set up a host-to-host VPN connection. After you have the protection of your VPN connection, you can set up your QoS policy. You might create a differentiated service policy. This policy might be assigned a high, expedited-forwarding codepoint value to affect how the network prioritizes mission-critical traffic.
Prerequisites and assumptions
- You have an SLA with your ISP to ensure that the policies receive the requested priority. The QoS policy you create on the iSeries™ server enables traffic (in the policy) to receive priority throughout the network. It does not guarantee it and is dependent on your SLA. In fact, taking advantage of QoS policies might give you some leverage to negotiate certain service-levels and rates. Use the service-level agreement link to find out more.
- Differentiated service policies require DiffServ-enabled routers along the network path. Most routers are DiffServ capable.