QoS 策略方案QoS Policy Scenarios

适用于:Windows Server(半年频道)、Windows Server 2016Applies to: Windows Server (Semi-Annual Channel), Windows Server 2016

您可以使用本主题来查看演示使用 QoS 策略的方式、时间和原因的假设方案。You can use this topic to review hypothetical scenarios that demonstrate how, when, and why to use QoS Policy.

本主题中的两个方案为:The two scenarios in this topic are:

  1. 为业务线应用程序的网络流量设置优先级Prioritize Network Traffic for a Line-of-Business Application
  2. 为 HTTP 服务器应用程序的网络流量设置优先级Prioritize Network Traffic for an HTTP Server Application

备注

本主题中的某些部分包含执行所述操作时可以执行的常规步骤。Some sections of this topic contain general steps you can take to perform the described actions. 有关管理 QoS 策略的更多详细说明,请参阅管理 Qos 策略For more detailed instructions on managing QoS Policy, see Manage QoS Policy.

方案1:对业务线应用程序的网络流量设置优先级Scenario 1: Prioritize Network Traffic for a Line-of-Business Application

在这种情况下,IT 部门可以通过使用 QoS 策略来实现多个目标:In this scenario, an IT department has several goals that they can accomplish by using QoS Policy:

  • 为任务关键型应用程序提供更好的网络性能 - 。Provide better network performance for mission-critical applications.
  • 使用特定的应用程序时,为一组关键用户提供更好的网络性能。Provide better network performance for a key set of users while they are using a specific application.
  • 确保公司 - 范围数据备份应用程序一次使用过多的带宽不会阻碍网络性能。Ensure that the company-wide data Backup application doesn't impede network performance by using too much bandwidth at one time.

IT 部门决定将 QoS 策略配置为设置特定应用程序的优先级,方法是使用区分服务代码点 ( DSCP ) 值来分类网络流量,并将其路由器配置为针对更高优先级的流量提供优先处理。The IT department decides to configure QoS Policy to prioritize specific applications by using Differentiation Service Code Point (DSCP) values to classify network traffic, and to configure its routers to provide preferential treatment for higher priority traffic.

备注

有关 DSCP 的详细信息,请参阅主题质量 (qos) 策略中的差分服务码位定义 QoS 优先级部分。For more information on DSCP, see the section Define QoS Priority Through a Differentiated Services Code Point in the topic Quality of Service (QoS) Policy.

除了 DSCP 值,QoS 策略还可以指定限制速率。In addition to DSCP values, QoS policies can specify a throttle rate. 限制的效果是将符合 QoS 策略的所有出站流量限制为特定发送速率。Throttling has the effect of limiting all outbound traffic that matches the QoS Policy to a specific send rate.

QoS 策略配置QoS Policy Configuration

通过三个不同的目标来完成,IT 管理员决定创建三个不同的 QoS 策略。With three separate goals to accomplish, the IT administrator decides to create three different QoS policies.

LOB 应用服务器的 QoS 策略QoS Policy for LOB App Servers

-IT 部门创建 QoS 策略的第一个任务关键应用程序是公司 - 范围内的企业资源规划 ( ERP ) 应用程序。The first mission-critical application for which the IT department creates a QoS Policy is a company-wide Enterprise resource planning (ERP) application. ERP 应用程序托管在运行 Windows Server 2016 的多台计算机上。The ERP application is hosted on several computers that are all running Windows Server 2016. 在 Active Directory 域服务中,这些计算机是 ( ) 为业务线 ( LOB ) 应用程序服务器创建的组织单位 OU 的成员。In Active Directory Domain Services, these computers are members of an organization unit (OU) that was created for line-of-business (LOB) application servers. -ERP 应用程序的客户端组件安装在运行 Windows 10 并 Windows 8.1 的计算机上。The client-side component for the ERP application is installed on computers that are running Windows 10 and Windows 8.1.

在组策略中,IT 管理员选择 ( ) 将应用 QoS 策略的组策略对象 GPO。In Group Policy, an IT administrator selects the Group Policy Object (GPO) upon which the QoS policy will be applied. 通过使用 QoS 策略向导,IT 管理员将创建一个名为 "服务器 LOB 策略" 的 QoS 策略,该策略指定 - 所有应用程序的高优先级 DSCP 值44、任何 IP 地址、TCP 和 UDP 以及端口号。By using the QoS policy wizard, the IT administrator creates a QoS policy called "Server LOB policy" that specifies a high-priority DSCP value of 44 for all applications, any IP address, TCP and UDP, and port number.

QoS 策略仅适用于 LOB 服务器,只是通过组策略管理控制台 GPMC 工具将 GPO 链接到仅包含这些服务器的 OU ( ) 。The QoS policy is applied only to the LOB servers by linking the GPO to the OU that contains only these servers, via the Group Policy Management Console (GPMC) tool. 当计算机发送网络流量时,此初始服务器 LOB 策略会应用高 - 优先级 DSCP 值。This initial server LOB policy applies the high-priority DSCP value whenever the computer sends network traffic. 稍后可以 ( 在组策略对象编辑器工具中编辑此 QoS 策略 ) ,以包含 ERP 应用程序的端口号,这会将该策略限制为仅在使用指定的端口号时应用。This QoS policy can later be edited (in the Group Policy Object Editor tool) to include the ERP application's port numbers, which limits the policy to apply only when the specified port number is used.

财务组的 QoS 策略QoS Policy for the Finance Group

虽然公司内的多个组访问 ERP 应用程序,但财务小组依赖于此应用程序来处理客户,并且组要求应用程序的性能始终高。While many groups within the company access the ERP application, the finance group depends on this application when dealing with customers, and the group requires consistently high performance from the app.

为了确保财务组可以支持其客户,QoS 策略必须将这些用户的流量归类为高优先级。To ensure that the finance group can support their customers, the QoS policy must classify these users' traffic as high priority. 但是,当财务组的成员使用 ERP 应用程序以外的其他应用程序时,该策略不应应用。However, the policy should not apply when members of the finance group use applications other than the ERP application.

因此,IT 部门在组策略对象编辑器工具中定义了名为 "客户端 LOB 策略" 的另一个 QoS 策略,该策略在财务用户组运行 ERP 应用程序时应用 DSCP 值60。Because of this, the IT department defines a second QoS policy called "Client LOB policy" in the Group Policy Object Editor tool that applies a DSCP value of 60 when the finance user group runs the ERP application.

备份应用的 QoS 策略QoS Policy for a Backup App

在所有计算机上运行单独的备份应用程序。A separate backup application is running on all computers. 为了确保备份应用程序的流量不会使用所有可用的网络资源,IT 部门会创建备份数据策略。To ensure the backup application's traffic does not use all available network resources, the IT department creates a backup data policy. 此备份策略根据备份应用程序的可执行文件名称指定 DSCP 值1,此值backup.exeThis backup policy specifies a DSCP value of 1 based on the executable name for the backup app, which is backup.exe.

将为域中的所有客户端计算机创建和部署第三个 GPO。A third GPO is created and deployed for all client computers in the domain. 只要备份应用程序发送数据,就会应用低优先级 DSCP 值,即使该应用程序源自财务部门的计算机。Whenever the backup application sends data, the low-priority DSCP value is applied, even if it originates from computers in the finance department.

备注

没有 QoS 策略的网络流量将发送 DSCP 值0。Network traffic without a QoS Policy sends with a DSCP value of 0.

方案策略Scenario Policies

下表汇总了此方案的 QoS 策略。The following table summarizes the QoS policies for this scenario.

策略名称Policy name DSCP 值DSCP value 中止速率Throttle rate 应用于组织单位Applied to organization units 描述Description
[无策略][No policy] 00 NoneNone [无部署][No deployment] 最大努力 (未分类流量的默认) 处理。Best effort (default) treatment for unclassified traffic.
备份数据Backup data 11 NoneNone 所有客户端All clients 为此大容量数据应用低优先级的 DSCP 值。Applies a low-priority DSCP value for this bulk data.
服务器 LOBServer LOB 4444 NoneNone 适用于 ERP 服务器的计算机 OUComputer OU for ERP servers 对 ERP 服务器流量应用高优先级 DSCPApplies high-priority DSCP for ERP server traffic
客户端 LOBClient LOB 6060 NoneNone 财务用户组Finance user group 对 ERP 客户端流量应用高优先级 DSCPApplies high-priority DSCP for ERP client traffic

备注

DSCP 值用十进制格式表示。DSCP values are represented in decimal form.

使用组策略定义和应用 QoS 策略后,出站网络流量将接收策略指定的 DSCP 值。With QoS policies defined and applied by using Group Policy, outbound network traffic receives the policy-specified DSCP value. 然后,路由器将使用队列根据这些 DSCP 值提供差异处理。Routers then provide differential treatment based on these DSCP values by using queuing. 对于此 IT 部门,路由器配置了四个队列:高优先级、中间优先级、最大努力和低优先级。For this IT department, the routers are configured with four queues: high-priority, middle-priority, best-effort, and low-priority.

当流量到达带有 DSCP 值来自 "服务器 LOB 策略" 和 "客户端 LOB 策略" 的路由器时,数据将被放入高优先级队列。When traffic arrives at the router with DSCP values from "Server LOB policy" and "Client LOB policy," the data is placed into high-priority queues. DSCP 值为0的流量接收到最大努力级别的服务。Traffic with a DSCP value of 0 receives a best-effort level of service. 从备份应用程序) DSCP 值为 1 (的数据包接收低优先级处理。Packets with a DSCP value of 1 (from the backup application) receive low-priority treatment.

对业务线应用程序进行排序的先决条件Prerequisites for prioritizing a line-of-business application

若要完成此任务,请确保满足以下要求:To complete this task, ensure that you meet the following requirements:

  • 涉及的计算机运行的是 - 兼容 QoS 的操作系统。The computers involved are running QoS-compatible operating systems.

  • 涉及的计算机是 Active Directory 域服务 AD DS 域的成员, ( ) 以便可以使用组策略来配置它们。The computers involved are members of an Active Directory Domain Services (AD DS) domain so that they can be configured by using Group Policy.

  • TCP/IP 网络与配置了 DSCP RFC 2474 的路由器一起设置 ( ) 。TCP/IP networks are set up with routers configured for DSCP (RFC 2474). 有关详细信息,请参阅RFC 2474For more information, see RFC 2474.

  • 满足管理凭据要求。Administrative credentials requirements are met.

管理凭据Administrative credentials

若要完成此任务,必须能够创建并部署组策略对象。To complete this task, you must be able to create and deploy Group Policy Objects.

设置测试环境以确定业务线应用程序的优先级Setting up the test environment for prioritizing a line-of-business application

若要设置测试环境,请完成以下任务。To set up the test environment, complete the following tasks.

  • 创建一个 AD DS 域,其中包含客户端,并将用户分组为组织单位。Create an AD DS domain with clients and users grouped into organization units. 有关部署 AD DS 的说明,请参阅核心网络指南For instructions on deploying AD DS, see the Core Network Guide.

  • 根据 DSCP 值将路由器配置为差异 queue。Configure the routers to differentially queue based on DSCP values. 例如,DSCP 值44进入 "白金" 队列,所有其他队列均为 "加权" 队列。For example, DSCP value 44 enters a "Platinum" queue and all others are weighted-fair-queued.

备注

可以通过将网络捕获与网络监视器等工具结合使用来查看 DSCP 值。You can view DSCP values by using network captures with tools like Network Monitor. 执行网络捕获后,可以观察捕获的数据中的 TOS 字段。After you perform a network capture, you can observe the TOS field in captured data.

对业务线应用程序进行排序的步骤Steps for prioritizing a line-of-business application

若要确定业务线应用程序的优先级,请完成以下任务:To prioritize a line-of-business application, complete the following tasks:

  1. 使用 QoS 策略创建和链接组策略对象 ( GPO ) 。Create and link a Group Policy Object (GPO) with a QoS policy.

  2. 将路由器配置为差异根据所选 DSCP 值使用队列) ,将业务线应用程序 (。Configure the routers to differentially treat a line-of-business application (by using queuing) based on the selected DSCP values. 此任务的过程取决于你拥有的路由器类型。The procedures of this task will vary depending upon the type of routers you have.

方案2:确定 HTTP 服务器应用程序的网络流量的优先级Scenario 2: Prioritize Network Traffic for an HTTP Server Application

在 Windows Server 2016 中,基于策略的 QoS 包含基于功能 URL 的策略。In Windows Server 2016, Policy-based QoS includes the feature URL-based Policies. 使用 URL 策略可以管理 HTTP 服务器的带宽。URL Policies enable you to manage bandwidth for HTTP servers.

许多企业应用程序是针对 Internet Information Services IIS web 服务器开发和托管的 ( ) ,而 web 应用则从客户端计算机上的浏览器进行访问。Many Enterprise applications are developed for and hosted on Internet Information Services (IIS) web servers, and the Web apps are accessed from browsers on client computers.

在此方案中,假设你要管理一组 IIS 服务器,这些服务器为组织的所有员工托管培训视频。In this scenario, assume that you manage a set of IIS servers that host training videos for all your organization's employees. 您的目标是确保来自这些视频服务器的流量不会严重影响您的网络,并确保视频流量与网络上的语音和数据流量区分开来。Your objective is to ensure that the traffic from these video servers won't overwhelm your network, and ensure that video traffic is differentiated from voice and data traffic on the network.

该任务类似于方案1中的任务。The task is similar to the task in Scenario 1. 你将设计和配置流量管理设置(如视频流量的 DSCP 值)以及与业务线应用程序相同的限制速率。You will design and configure the traffic management settings, such as the DSCP value for the video traffic, and the throttling rate the same as you would for the line-of-business applications. 但在指定流量时,你只需输入 HTTP 服务器应用程序将响应的 URL (例如,),而不是提供应用程序名称 https://hrweb/training 。But when specifying the traffic, instead of providing the application name, you only enter the URL to which your HTTP server application will respond: for example, https://hrweb/training.

备注

对于运行 windows 7 和 Windows Server 2008 R2 之前发布的 Windows 操作系统的计算机,不能使用基于 URL 的 QoS 策略来确定网络流量的优先级。You cannot use URL-based QoS policies to prioritize network traffic for computers running Windows operating systems that were released prior to Windows 7 and Windows Server 2008 R2.

基于 URL 的策略的优先规则Precedence rules for URL-based policies

以下所有 Url 都是有效的,可以在 QoS 策略中指定并同时应用于计算机或用户:All the following URLs are valid and can be specified in QoS Policy and applied simultaneously to a computer or a user:

但哪一个将获得优先级?But which one will receive precedence? 规则非常简单。The rules are simple. 基于 URL 的策略按从左到右的读取顺序排列。URL-based policies are prioritized in a left-to-right reading order. 因此,从最高优先级到最低优先级,URL 字段是:So, from the highest priority to the lowest priority, the URL fields are:

1. URL 方案1. URL scheme

2. URL 主机2. URL host

3. URL 端口3. URL port

4. URL 路径4. URL path

详细信息如下:Details are as follows:

1. URL 方案1. URL scheme

https://的优先级高于 https://https:// has a higher priority than https://.

2. URL 主机2. URL host

从最高优先级到最低优先级,它们是:From the highest priority to the lowest, they are:

  1. 主机名Hostname

  2. IPv6 地址IPv6 address

  3. IPv4 地址IPv4 address

  4. 通配符Wildcard

对于主机名,具有较大的点式元素的主机名 (更深层) 的优先级高于具有较少点元素的主机名。In the case of hostname, a hostname with more dotted elements (more depth) has a higher priority than a hostname with fewer dotted elements. 例如,在以下主机名中:For example, among the following hostnames:

  • video.internal.training.hr.mycompany.com (深度 = 6) video.internal.training.hr.mycompany.com (depth = 6)

  • selfguide.training.mycompany.com (深度 = 4) selfguide.training.mycompany.com (depth = 4)

  • 定型 (深度 = 1) training (depth = 1)

  • 库 (深度 = 1) library (depth = 1)

    video.internal.training.hr.mycompany.com具有最高优先级, selfguide.training.mycompany.com具有下一个最高优先级。video.internal.training.hr.mycompany.com has the highest priority, and selfguide.training.mycompany.com has the next highest priority. 定型共享的优先级相同。Training and library share the same lowest priority.

3. URL 端口3. URL port

特定或隐式端口号的优先级高于通配符端口。A specific or an implicit port number has a higher priority than a wildcard port.

4. URL 路径4. URL path

与主机名一样,URL 路径可能包含多个元素。Like a hostname, a URL path may consist of multiple elements. 具有多个元素的元素的优先级始终高于较小的一个。The one with more elements always has a higher priority than the one with less. 例如,以下路径按优先级列出:For example, the following paths are listed by priority:

  1. /ebooks/tech/windows/networking/qos/ebooks/tech/windows/networking/qos

  2. /ebooks/tech/windows//ebooks/tech/windows/

  3. /ebooks/ebooks

  4. /

如果用户选择包含 URL 路径后面的所有子目录和文件,则此 URL 路径的优先级要低于所选内容。If a user chooses to include all subdirectories and files following a URL path, this URL path will have a lower priority than it would have if the choice were not made.

用户还可以选择在基于 URL 的策略中指定目标 IP 地址。A user may also choose to specify a destination IP address in a URL-based policy. 目标 IP 地址的优先级低于前面所述的四个 URL 字段中的任何一个。The destination IP address has a lower priority than any of the four URL fields described previously.

五元组策略Quintuple policy

五元组策略由协议 ID、源 IP 地址、源端口、目标 IP 地址和目标端口指定。A Quintuple policy is specified by protocol ID, source IP address, source port, destination IP address, and destination port. 五元组策略的优先级始终高于基于 URL 的任何策略。A Quintuple policy always has a higher precedence than any URL-based policy.

如果已为用户应用了五元组策略,则基于 URL 的新策略将不会导致该用户的任何客户端计算机冲突。If a Quintuple policy is already applied for a user, a new URL-based policy will not cause conflicts on any of that user's client computers.

有关本指南的下一个主题,请参阅管理 QoS 策略For the next topic in this guide, see Manage QoS Policy.

有关本指南的第一个主题,请参阅Service Quality (QoS) 策略For the first topic in this guide, see Quality of Service (QoS) Policy.