End to end QoS



I have a network where I have three servers in the DMZ that need to talk to two servers on the LAN and vice versa. The DMZ switch is a 3750, the next hop towards the LAN servers is an ASA 5520. After that there is a Cisco 4507 and then finally we get to the LAN switch which is another 3750. So all in all, there are 4 network devices.


My very limited understanding of QoS is I need to configure all 4 devices for QoS, correct?

Does having the FW in the middle change anything in my QoS strategy?

I want to keep this as simple as possible. Can I use source and destination addresses to state what should get priority on the devices?






Yes, QoS is set up across the entire network, up to a QoS "boundary". The boundary is where you will set up QoS categorization and QoS marking of cos (802.3 cos bits), dscp (differentiated services code point), and ip precedence (Layer 3 TOS bits), in this case the Ethernet port where the server is connected. The internal parts of the network are usually set to trust all packet markings; therefore, queueing and packet switching is faster and less configuration intensive. Attached is a document that covers the QoS strategy.

Having the Firewall in the middle has no effect on the strategy, only on the trusted state of each port (i.e. inside, outside, dmz).

Hope this helps...
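The boundary described in the reply above, shown as an added configuration example for the DMZ Catalyst 3750 (not part of the original thread or the attached document). The host addresses, interface numbers, object names and the AF31 marking are all assumptions chosen for illustration.

```cisco
! Added example. Addresses are constructed (documentation ranges),
! interface numbers and names are hypothetical.

! Enable QoS globally. Once enabled, ports are untrusted by default and
! incoming DSCP is rewritten to 0 unless a port trusts or re-marks it.
mls qos

! Classify by source and destination address: DMZ servers -> LAN servers
ip access-list extended DMZ-TO-LAN-SERVERS
 permit ip host 192.0.2.11 host 198.51.100.21
 permit ip host 192.0.2.11 host 198.51.100.22
 permit ip host 192.0.2.12 host 198.51.100.21
 permit ip host 192.0.2.12 host 198.51.100.22
 permit ip host 192.0.2.13 host 198.51.100.21
 permit ip host 192.0.2.13 host 198.51.100.22

class-map match-all SERVER-TRAFFIC
 match access-group name DMZ-TO-LAN-SERVERS

! Mark at the boundary; the AF31 value is an assumption
policy-map MARK-SERVER-TRAFFIC
 class SERVER-TRAFFIC
  set dscp af31

! QoS boundary: the access port where a DMZ server connects.
! The switch sets the marking itself instead of trusting the server's.
interface GigabitEthernet1/0/1
 description DMZ server (hypothetical port)
 service-policy input MARK-SERVER-TRAFFIC

! Inside the boundary: the uplink trusts markings already applied
interface GigabitEthernet1/0/24
 description Uplink toward ASA (hypothetical port)
 mls qos trust dscp
```

The LAN-side 3750 would carry the mirror image of this policy for traffic from the LAN servers back to the DMZ. Keeping server-facing ports untrusted means a host cannot raise its own priority by setting DSCP on its packets.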


Thanks Darren. I appreciate the information very much.

The only thing is the doc you sent me is a thousand pages. For something that sounds like it should be easy, it sure looks tough from here.

Thanks again

Well, it can get complicated when you start shaping and policing over the wide area, but for the LAN, and what you are looking at, it's not that difficult. Just dive in and study it, the lights will come on as you get into it.

