Windows Server 2012 Policy-Based QoS

qosrate-limitingwindows-server-2012

I am trying to implement Policy-based QoS on a Windows Server 2012 VM (running on Hyper-V), but for some reason it's not kicking in. The way I added the policy was by going into the Local Group Policy Editor ==> Windows Settings ==> Policy-based QoS and added a new policy for a specific exe (didn't use the path, just the exe name), DSCP Value is 0 and a Throttle Rate of 40960 as a start.

When I ran the exe in question, it quickly started hitting outbound rates of 100mb/s and higher, which it shouldn't be doing. I tried doing a gpupdate /force to the server, but that didn't change anything either. Finally, I changed the QoS policy to be any application, TCP/UDP and the throttle rate of 40960, but that still didn't do any throttling for me – it's still running at north of 100mb/s which correlates to a rather large colocation bill.

Any ideas on how I can rate limit this exe? I can't use our router for this, as I don't know the destination IPs for this outbound traffic – it just uses DNS to Azure, and if they changed an IP, I'd be out of luck.

Edit: I found a SF post (here: How can I limit a users bandwidth in Windows Server 2008 R2) that mentioned a utility called NetLimiter 4 and gave it a shot, but it also didn't seem to limit either as my bandwidth was still spiking at well over 90mb/s.

Best Answer

I think you are misunderstanding how QoS works.

Lets say you have two applications running on a server (app A and app B) and either one is maxing the bandwidth. You decide you want to make sure App A gets more of the bandwidth.

In this case you would define two polices (lets say using exe name), you give App A a DSCP value of 10 and App B 5. You assign a throttle value of 10 MB/s to App A and 5 Mb/s to App B.

The important bit When App A is running on its own it won't be limited to 10MB/s and when App B is running on its own it won't be limited 5MB/s. Only when the two are running together and there is bandwidth contention will the throttle limit be effective.

This happens because it isn't a bandwidth limiting mechanism it is quality of service, the design implementation is to prioritise traffic rather then limit it when there is available bandwidth.

Take a look at the article here for more information but the part relating to above is this

When you assign a DSCP value to a QoS policy, you are essentially creating a queue for outbound network traffic. By default the traffic passing through the queue is not throttled. QoS only limits the traffic when bandwidth contention becomes an issue. In those types of situations lower priority queues yield to higher priority queues.

In some situations it is possible that a high priority queue could choke out a lower priority queue if a large amount of traffic passes through the higher priority queue. That being the case, the dialog box shown in the figure above gives you the opportunity to throttle the queue’s outbound traffic. Doing so implements a bandwidth cap that prevents the queue from consuming an excessive amount of bandwidth. The throttle rate can be specified in terms of either kilobits per second or megabits per second.

You may want to look at the bandwidth/qos settings on the vm configuration in hyper-v manager for true bandwidth control

Related Topic