Configuring ToS priority
Type of service (ToS) is an 8-bit field in an IP header that enables you to determine how an IP datagram should be delivered, using delay, throughput, priority, reliability, and cost criteria. Each criteria helps gateways determine the best way to route IP datagrams. A router maintains a ToS value for each route in its routing table. The lowest priority ToS is 0, and the highest is 7 when bits 3, 4, and 5 are all set to 1.
Together these bits are the ToS variable of the tos‑based-priority
command. The router tries to match the ToS of the datagram to the ToS on one of the possible routes to the destination. If there's no match, the datagram is sent over a zero ToS route. Using increased quality may increase the cost of delivery because better performance may consume limited network resources.
Each bit represents the priority as defined in RFC 1349:
These priority levels conform to the firewall traffic shaping priorities, as defined in RFC 1349.
- 1000 - minimize delay
- 0100 - maximize throughput
- 0010 - maximize reliability
- 0001 - minimize monetary cost
Traffic shaping and ToS follow this sequence:
- The CLI command
tos-based-priority
acts as atos-to-priority
mapping. FortiOS maps the ToS to a priority when it receives a packet. - Traffic shaping settings adjust a packet’s priority according to the traffic.
- Deliver the packet based on its priority.
Configure Type of Service (ToS) based priority table to set network traffic priorities.
Setting the ToS value
Configure the global ToS priority value – CLI
config system global
set tos-based-priority {high | low | medium}
end
where:
tos-based-priority
is the priority of theToS priority, which matches firewall traffic shaping priorities. The default is medium. Wherehigh
has a priority value of 0 andlow
is 2.
Set the ToS value – CLI
If you want to prioritize some ToS bit values differently than the global ToS-based priority, configure the priority for packets with that ToS bit value using the following commands. Priority values configured in this location will override the global ToS-based priority.
config system tos-based-priority
edit <item_ID>
set tos <tos_value>
set priority {low | medium | high}
next
end
where:
tos
is the value of the ToS bit in the IP datagram header (packet's IP header). The range is 0 to 15.priority
is the priority of theToS priority, which matches firewall traffic shaping priorities. The default is medium. Wherehigh
has a priority value of 0 andlow
is 2.
config system tos-based-priority
edit <id_int>
set tos [0-15]
set priority {high | low | medium}
next
end
Example: Configuring the ToS priority
For example, if you want to configure a FortiGate so that reliability is the first priority, set the ToS value to 4.
config system tos-based-priority
edit 1
set tos 4
set priority high
next
end
Here's another example:
config system tos-based-priority
edit 1
set tos 1
set priority low
next
edit 4
set tos 4
set priority medium
next
edit 6
set tos 6
set priority high
next
end