Questions about BWM feature in USG flex 200

MattiasLu

Hi everyone. I want to guarantee some bandwidth to some traffic. I do not need to set any caps on any traffic. For example, I want to guarantee 10Mbps for any traffic related to Microsoft Teams.

 

My question is:

1 do I need to configure a reverse BWM policy for Teams traffic, like this:

2 do I need to configure the egress bandwidth and the ingress bandwidth of every BWM-related interface for the firewall to know if the bandwidth of BWM related interfaces has used up and then do some guaranteed bandwidth actions? By the way, I can see from the tips that I need to configure egress bandwidth for BWM.

 

3 If I need to configure egress bandwidth of BWM related interfaces, then there is a problem that I do not know exactly how much bandwidth the LAN interface should be configured and because the LAN interface also includes the traffic between different vlan subnets and the traffic between LAN interface subnet and vlan subnets, I wonder if the configured bandwidth will limit the intranet traffic

 

4 It is possible to do BWM for the traffic originated from the Zyxel firewall itself?

For example, I set up an ipsec VPN tunnel with the firewall in HongKong. Can I guarantee the bandwidth of the ipsec VPN traffic?

MattiasLu

My firewall information:

Firewall Model: USG FLEX 200

Firmware version: V5.32(ABUI.0)

Zyxel_James

Hello @MattiasLu,

It depends on your scenario, the BWM policy will only apply on the direction you set up. If your want to apply BWM on both directions, then you need to set up two BWM policies for it.

For WAN interface Egress/Ingress bandwidth, you may ask your ISP. BWM works when WAN interface Egress/Ingress bandwidth is set up correctly.

And Yes, you can apply the BWM policy on the traffic generated by the device itself

James