QoS Over The Internet – Is it possible? Five Must-Know Facts

I had an inquiry from a potential customer yesterday asking if we could monitor their QoS. I was a bit miffed as to what to tell them. At first, the question struck me as if they’d asked if we can monitor electrons on their power grid. In other words, it was a legitimate question in a sense, but of what use would it be to monitor QoS? I then asked him why he had implemented QoS in the first place. How did he know he needed it?

After inquiring a bit deeper, I also found out this customer was using extensive VPNs to remote offices over DSL internet circuits. His WAN traffic from the remote offices was sharing links with regular Internet data traffic, and all of it was traversing the public Internet. Then it hit me – he did not realize his QoS mechanisms were useless outside of his internal network.

Where there is one customer with confusion there are usually others. Hence, I’ve put together a quick fact sheet on QoS over an Internet link. Below, you’ll find five quick facts that should help clarify QoS and answer the primary question of “is it possible over the Internet?”.

Fact #1

If your QoS mechanism involves modifying packets with special instructions (ToS bits) on how it should be treated, it will only work on links where you control both ends of the circuit and everything in between.

Fact #2

Most Internet congestion is caused by incoming traffic. For data originating at your facility, you can certainly have your local router give priority to it on its way out, but you cannot set QoS bits on traffic coming into your network (We assume  from a third party). Regulating outgoing traffic with ToS  bits will not have any effect on incoming traffic.

Fact #3

Your public Internet provider will not treat ToS bits with any form of priority (The exception would be a contracted MPLS type network). Yes, they could, but if they did then everybody would game the system to get an advantage and they would not have much meaning anyway.

Fact #4

The next two facts address our initial question — Is QoS over the Internet possible? The answer is, yes, QoS on an Internet link is possible. We have spent the better part of seven years practicing this art form and it is not rocket science, but it does require a philosophical shift in thinking to get your arms around it.

We call it “equalizing,” or behavior-based shaping, and it involves monitoring incoming and outgoing streams on your Internet link.  Priority or QoS is nothing more than favoring one stream’s packets over another stream’s. You can accomplish priority QoS on incoming streams by queuing (slowing down) one stream over another without relying on ToS bits.

Fact #5

Surprisingly, behavior-based methods such as those used by our NetEqualizer do provide a level QoS for VoIP on the public Internet. Although you can’t tell the Internet to send your VoIP packets faster, most people don’t realize the problem with congested VoIP is due to the fact that their VoIP packets are getting crowded out by large downloads. Often, the offending downloads are initiated by their own employees or users. A good behavior-based shaper will be able to favor VoIP streams over less essential data streams without any reliance on the sending party adhering to a QoS scheme.

For more information, check out Using NetEqualizer To Ensure Clean Clear VOIP.

22 Responses to “QoS Over The Internet – Is it possible? Five Must-Know Facts”

  1. NetEqualizer News: July 2013 | NetEqualizer News Blog Says:

    […] QoS Over The Internet – Is it possible? Five Must-Know Facts […]

  2. Gone Says:

    Great article! It really makes clear the limits of QoS outside of the private network. I should point out, however, that one of the biggest things users of QoS forget about on their own networks is that QoS means nothing at all UNTIL the link is saturated with traffic, so none of the set priorities will mean a thing if the link is having issues other than being saturated.

  3. NetEqualizer News: October 2014 | NetEqualizer News Blog Says:

    […] QoS Over The Internet – Is it possible? Five Must-Know Facts […]

  4. ahmad Says:

    hi ,
    i have a question

    assume in an ISP getting internet from bigger provider called abc. and my bw from abc is only 1 G CIR guranteed.

    now if i need to do QOS , on my router , if i shaped traffic download to about 980Mbps and applied the rules for gurantee and priority.

    will that work ?

    or i need equalizer still ?

  5. netequalizer Says:

    No that most likely will not work. In your situation, you can do QOS on your router for traffic coming from your network going to the outside, but not coming into your network.

  6. ahmad Says:

    great , but why ???
    i need to control the download traffic becasue its the bottle neck in my network , i dont need to control the upload , i have a plenty of it and no rush on upload traffic

    now agian , if my provider give me CIR 1Gbps and i did shaping my side to 980Mbs
    in this case i will gurantee that the congestion is only @ my side and the QOS rules will work ?!!

    after shapping i will do the gurantee & priority rules …….. plz inform me why that will not work fine ???

    plz clarify why im wrong , and advise me wt products or equalizers can help me and how will it heal me in that.


  7. netequalizer Says:

    Note: I am basing this answer on conversations with many of our customers who have tried to use QOS rules on incoming traffic.

    Suppose you have 2 streams coming into your network, one is a voip call and one is a download. Typically, Your router(s) QOS rules have no way to give priority to the download over the incoming voip call. Why ? Because routers can typically only manage the priority of traffic coming out of your network, not traffic that was sent by a third party coming into your network

    The netequalizer does not use typical QOS techniques like a router, it will actually sit in the middle and create slow virtual circuits on large streams to make the sending side think the link is slower, and the sending side will back off (of the download if needed )

  8. ahmad Says:

    but im still wondering why cisco cheat us ? and let us buy router like csco ASR with 40000 $ that support QOS ???

    i still dont undertand that , wherein cisco has a lot of courses for QIS deployment ?!!
    why here we destory all the hope for QOS in the internet and seems impossible ???

    i watched alot of videos and articles , but few that touch QOS on the internet ?!!
    does the instructors who also give the course , dont know that ??

    i hope to clarify and im really sad for the money spent to deploy QOS and in the end its meanless .


  9. Does Your School Have Enough Bandwidth for On-line testing ? | NetEqualizer News Blog Says:

    […] Another complication trying to give Internet traffic traditional priority is that a typical router cannot give priority to incoming traffic, and most of the test traffic is from the outside in. We detailed this phenomenon in our post about QOS and the Internet. […]

  10. ahmad Says:

    thank you so much , but i want a logical answer , you said “we cant prioritize the incoming traffic” why ?
    plz let me ask agian ….

    lets say that youtube traffic always has fast links from its path to my path of ISP. (download) & (upload)

    now assume i have 1000 Gbps traffic and i did shaping on 800 Gbps traffric on my router so that i escape from ISP provider shaping and let all drops be on my router side .

    as i learned in cisco CCIP that we can do LLQ or priority queuing that might give priority to traffic.

    now you will say to me “No you cant because you dont control the incoming traffic”

    ok i agree with you , i see , but i assume that youtube traffic (Link ) in download direction is fast and no slow or any drop from youtube side .

    why i still cant do prioritize or do any type of guarantee or priority BW ???

    why only the shaping work with me not the “gurantee ” work ??

    im sorry if i asked question agian in other view but i like to understand this story , why we cant do it ….

    i agree with you with all you mentioned above , but i just wanted to understand and fill the gap i have in understanding



  11. netequalizer Says:

    “thank you so much , but i want a logical answer , you said “we cant prioritize the incoming traffic” why ?
    plz let me ask agian ….”

    Perhaps I miss spoke or miss stated. Yes the NetEqualizer can prioritize incoming traffic, but it does not prioritize by type of traffic ( too much traffic is tunneled and encrypted to rely on this) But we can give priority to traffic by IP. This is done by reducing the streams of all “non” priority traffic thus leaving more traffic for the priority IP.

    In order to do this subject proper justice it sometimes takes a 30 minutes type webex session or more, as we are combining several different things to arrive at priority. The main point is we provide priority by making sure all none essential streams incoming are throttled by the NetEqualizer and thus there is bandwidth left over for the priority stream. The throttling of non essential streams is done by creating slow virtual ques for their packets as they traverse through the netequalizer and they naturally back off when they sense the slower circuit that we artificially created

    When I was talking about the inability of controlling incoming traffic and giving it priority I was not talking about the NEtEqualizer methodology, traditional packet tagging (cisco) , as I understand it , will not allow you to give an incoming traffic stream priority. Again to explain this statement in detail would require a webex session

  12. ahmad Says:

    do you mind if we had a webex session ?

    you can respond to my email
    thank you

  13. ahmad Says:

    im still interested with session to discuss its features before we order it for the ISP
    thank you

  14. netequalizer Says:

    Please e-mail us at sales@apconnections.net with your contact details, thanks

  15. netequalizer Says:

    Please e-mail us directly

  16. Broadview Networks’ “BYOB” Hosted VoIP Solution | Voxomate Test Says:

    […] managers to redefine their role as managers of the network rather than managers of users who are “consumerizing” tech. Now comes another known as BYOB, but it’s not a bottle I’m talking about. […]

  17. omega Says:

    you can’t apply QoS to incoming traffic because the packets have to reach the router for it to prioritise them. Once the packets reach the destination router it is too late, they are already using WAN link bandwidth. The sending router MUST be the one to rate limit or prioritise the send order.

  18. netequalizer Says:

    That is true with standard TOS methods , not with our methods… we eluded to that later in the article, and should have explained in more detail.But basically if you create a “slow”virtual circuit” for an incoming stream you can make it slow down, because the sender will sense the slower connection and reduce their rate of send. By choosing which streams you slow down , you can give more room on the circuit to other incoming traffic, hence a higher priority. It works like a charm, and we have been doing it for 10 years, there is no reason why Cisco and other routers cannot do this. But to my knowledge they don’t

  19. Dominic Raso Says:

    This information you provided is awesome and it makes complete sense on how to prioritize packets over the internet thank you again you have no idea how important this information was for me

  20. Tom Phoenix Says:

    One exception I can think of is the case where branch office links are VPN tunnels connected over the Internet. In that case you do control both sides of the link and Cisco-like QoS methods can work to prioritize business applications. This assumes Internet access for branch office users is backhauled to the central site. For the main ISP link, a NetEq type approach is needed. (Which we use)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: