QoS with Routed VPN

    Hi guys,

    I have ZS setup as a router and have created multiple LAN to LAN VPN connections at multiple remote sites. I would now like to configure QoS.

    I see most of the documentation referring to using QoS with a bridge but am I able to apply QoS effectively to the VPN interface itself?

    Note: I am not aiming to apply QoS over the remote VPN connections themselves (over the internet) just on the local system to help local performance.

    At the primary ZS site I have a single 5000kbps/850kbps ADSL router in bridge mode connected to ETH00 and have configured PPP0 in ZS. I then have segmented Voice, Servers and PC clients into their own IP space on the LAN with their own VLAN’s on ETH01, ETH02 and ETH03 respectively. I have created two VPN’s. VPN01 is used by the Servers and Voice devices on ETH01 and ETH02 and VPN02 is used by PC clients on ETH03 for general internet usage.

    So far in QoS I have configured the Global Bandwidth on PPP0 (not ETH00 that the ADSL modem is connected to) to be 850kbps (maximum upload of ADSL).

    Almost all the traffic going over the PPP0 connection is within the two VPN connections except for 1 Voice device on ETH01. This device is routed directly out the PPP0 connection via Netbalancer and not sent over any VPN.

    To be able to prioritize traffic within each VPN am I able to apply QoS settings to the VPN interface itself?

    If I were to prioritize Voice traffic over FTP traffic in VPN01 can I apply a QoS rule to the VPN01 interface to give Voice High Priority and Guaranteed 512kbps of bandwidth (of the 850kbps available over the single ADSL WAN PPP0 connection) and give FTP Low Priority and a Limit of 128kbps?

    In turn if this works well could I then apply QoS settings directly to the PPP0 interface to control the performance of each VPN and the single voice device I have communicating directly over the PPP0 interface? E.g apply rules using the IP of the Voice Device and Ports used by the VPN connections to give the voice device High Priority and Guaranteed bandwidth of 256kbps, VPN01 Medium Priority and VPN02 Low Priority.

    Would all of the above be correct?..


