The Broadband Guide
search advanced

Quality of Service - ToS DSCP WMM

2014-06-01 (updated: 2020-06-15) by

This article explains in detail the different commonly used network QoS packet prioritization methods. It should be noted that QoS and ToS/DSCP across the internet is not a 100% reliable means.  Internet Service Providers (ISPs) do not have to honor client DSCP markups, they can, and many do reclassify traffic by remarking ToS/DSCP bits in packets.

Quality of Service (QoS)

In general, QoS defines standard ways to prioritize traffic in a network where different types of packets should be assigned different priorities, based on their type. It is often used to classify VoIP, SIP, Video Streaming, gaming, and other types of priority traffic to improve user experience. By implementing QoS policies, network administrators can use existing resources more efficiently to ensure the required level of service for critical applications without over-provisioning networks.

Traditionally, when there is no set QoS policy, all network traffic is treated equally using the network's "best effort", with no guarantees for reliability, delay, throughput, or any other performance characteristics. With this type of best-effort delivery, any bandwidth-intensive application can use the majority of the network capacity, causing unacceptable or poor performance for all other time-critical applications. The QoS model, on the other hand allows for prioritizing some type of traffic (VoIP, gaming, etc.), or some users, to be treated with higher priority. There are also mechanisms that allow for prioritizing and shaping different types of traffic in a different way (high throughput vs. low delay, for example).

The goal of QoS is to provide preferential delivery to mission-critical and time-sensitive applications by controlling four main network characteristics:

bandwidth - throughput
latency - delay, rtt, ping
jitter - variation in latency
reliability - the percentage of packets discarded by the router

Latency and jitter are important for voice communications, and gaming for example, while bandwidth and reliability are important for bulk transfers.

QoS depends on support throughout the network - all devices from the sender network adapter, routers, and all the way to the receiving end must support QoS mechanisms. It is sometimes helpful to use QoS policies on a local network, however, to be able to pass QoS tagged packets through an ISP is not always possible, as it may conflict with their QoS policies. Many residential ISPs can ignore (or zero out) QoS/ToS/DSCP tagging in packets.

The SG TCP Analyzer can detect and display ToS/DSCP tagged packets, it can be used to determine whether the desired tagging is able to pass all the way to our server.

The sections below explain the different standard ways of marking packets with different priorities. The ToS/DSCP field is a part of IP packet headers used to classify and prioritize different types of traffic.

IP Type of Service (ToS)

The Type of Service (TOS) field in IP packet headers defines how packets should be routed, e.g. delay, precedence, reliability, etc. This ToS field is now redefined and more commonly used by Differentiated Services, a.k.a. the Diffserv Code Point (DSCP).

The TOS field consists of 8 bits that mark packets as follows:

Precedence (3 bits) Delay (1 bit) Throughput (1 bit) Reliability (1 bit) Cost (1 bit) MBZ check bit (1 bit)
000 (0) - Routine (best effort, default)
001 (1) - Priority
010 (2) - Immediate
011 (3) - Flash
100 (4) - Flash Override
101 (5) - Critical
110 (6) - Internetwork Control
111 (7) - Network Control
0 - normal
1 - low delay

0 - normal
1 - high throughput

0 - normal
1 - high reliability

0 - normal
1 - low cost

should be zero

Type of Service is described in RFC 791 and RFC 1583. The newer Differentiated Services Code Point (DSCP) variant consists of the first 6 bits, and the last two are left unused (or used for explicit congestion notification - ECN).

Notes:  The TOS Precedence field is also detailed in 802.1p/802.1q, Layer 2 Class of Service (CoS). Layer 2 switches can use the Class of Service (CoS) values of packets to classify them and put them into appropriate queues.

The IEEE 802.1q broad recommendation for the 8 possible precedence traffic classes are as follows:

0 (BK) - Background traffic
1 (BE) - Best Effort
2 (EE) - Excellent Effort
3 (CA) - Critical Applications
4 (VI) - Video, 5 (VO) - Voice, 6 (IC) - Internetwork Control
7 (NC) - Network Control

Differentiated Services Code Point (DSCP)

DiffServ/DSCP uses the first 6 bits of the above ToS field, giving 2^6 = 64 different possible values. It leaves the remaining two bits available for use by Explicit Congestion Notification (ECN). In practice, not all 64 different traffic classes are used. Most networks use the following commonly defined per-hop behaviors (PHBs):

Default PHB (per hop behavior) - typically best effort traffic, the default behavior for all traffic that does not fit any other defined class. DSCP is 000000 (0).

Expedited Forwarding (EF) [RFC 3246] - low-loss, low-latency, low-jitter traffic, suitable for voice, video and other real time services. EF is often given strict priority queuing above all other traffic classes. Typical networks will limit EF traffic to no more than 20-30% of the capacity of a link. The recommended DSCP for EF is 101110 (46).

Voice Admit (VA) [RFC 5865] - low loss, low-latency, low-jitter traffic. Newer standard with identical characteristics to Expedited Forwarding (EF), with added Call Admission Control (CAC) by the network to prevent congestion. Recommended DHCP for VA is 101100 (44).

Assured Forwarding (AF) [RFC 2597, RFC 3260] - gives assurance of delivery under prescribed conditions. AF allows the operator to provide assurance of delivery as long as the traffic does not exceed some subscribed rate. Traffic that exceeds the subscription rate faces a higher probability of being dropped if congestion occurs. The AF behavior group defines four separate AF classes, where higher classes often (but not always) have higher priority. Within each class, packets are given a "drop precedence" of high, medium or low (where higher precedence means more dropped packets). The combination of classes and drop precedence allows for twelve separate DSCP encodings from AF11 through AF43 as follows:

Class 1 Class 2 Class 3 Class 4
low dropAF11 (DSCP 10)AF21 (DSCP 18)AF31 (DSCP 26)AF41 (DSCP 34)
medium dropAF12 (DSCP 12)AF22 (DSCP 20)AF32 (DSCP 28)AF42 (DSCP 36)
high dropAF13 (DSCP 14)AF23 (DSCP 22)AF33 (DSCP 30)AF43 (DSCP 38)

Note from the above table that within the same class, higher DSCP numbers may have lower priority (higher packet drops). For example, DSCP 34 will take precedence with less packet loss over DSCP 38.

Class Slectors (CS) - maintains backward compatibility with the IP precedence field (the IP TOS value, as described above). The CS code points are of the form "nnn 000" where the first three bits are the IP precedence bits, and the remaining three are zeroes. Each IP precedence value can be mapped into a DiffServ class. If a packet is received from a non-DiffServ router that used IP TOS markings, the DiffServ router can still understand the encoding as a Class Selector code point.  CS codepoint values are as follows:

CS0000 0000
CS1001 0008
CS2010 00016
CS3011 00024
CS4100 00032
CS5101 00040
CS6110 00048
CS7111 00056

The table below combines all the above PHB methods in a single table that lists all common DSCP field values. The DSCP value in the IP header is used to select appropriate QoS treatment for packets.

DSCP, DiffServ and ToS values
DSCP NameDSCP BinaryDSCP DecimalIP PrecedenceToS HexToS DecimalNotes
CS0000 0000000 (0) - best effort0x000
CS1001 0008001 (1) - priority0x2032CS1 has lower wireless priority than zero with WMM
AF11001 01010001 (1) - priority0x2840
AF12001 10012001 (1) - priority0x3048
AF13001 11014001 (1) - priority0x3856
CS2010 00016010 (2) - immediate0x4064
AF21010 01018010 (2) - immediate0x4872
AF22010 10020010 (2) - immediate0x5080
AF23010 11022010 (2) - immediate0x5888
CS3011 00024011 (3) - flash0x6096
AF31011 01026011 (3) - flash0x68104call signalling RFC 2597
AF32011 10028011 (3) - flash0x70112
AF33011 11030011 (3) - flash0x78120
CS4100 00032100 (4) - flash override0x80128
AF41100 01034100 (4) - flash override0x88136Video RFC 4594
AF42100 10036100 (4) - flash override0x90144
AF43100 11038100 (4) - flash override0x98152
CS5101 00040101 (5) - critical0xa0160call signaling RFC 4594
VA101 10044101 (5) - critical0xb0176Voice Admit (VA) RFC 5865
EF101 11046101 (5) - critical0xb8184Expedited Forwarding (EF)
Audio RFC 3246, RFC 4594
CS6110 00048110 (6) - internetwork control0xc0192
CS7111 00056111 (7) - network control0xe0


CS = Class Selector
AF = Assured Forwarding
EF = Expedited Forwarding

The IP Precedence fields in the above table are listed in decimal notation, refer to the ToS section for the corresponding binary values.
The DiffServ Code Point (DSCP) is described in RFC 2474
With Assured Forwarding (AF), higher DSCP is not always better (higher class with lower drop precedence is better).

How to Apply DSCP under Windows 7/8/10

QoS Policy

QoS Policy settings under Windows 7/8/10 can be edited using Powershell cmdlets, or the Group Policy Editor (gpedit.msc): Computer Configuration -> Windows Settings -> Policy-based QoS

In order to define DiffServ (DSCP) values, according to Microsoft the machine needs to have joined a domain, and interfaces have to see the domain controller. To overcome this limitation, so that you can tag DSCP values even for adapters that do not have access to a domain, use the following hidden registry key:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\QoS (you may have to create the QoS key)
"Do not use NLA"="1" (REG_SZ string value, not DWORD, not present by default, recommended: 1 if you plan to edit DSCP values via gpedit.msc)

Note: This registry key may also be needed in systems with multiple network adapters present. Rebooting after setting the value is required.

PowerShell Cmdlet to change DSCP values

In Windows 10, 8, and Server 2012 it is possible to use PowerShell to configure the DSCP values with the NetQosPolicy Cmdlet. Below are a few examples of setting the DSCP value for an app called "MyApp":

New-NetQosPolicy -Name "MyApp HTTP" -DSCPAction 26 -NetworkProfile All -AppPathNameMatchCondition "%programfiles(x86)%\MyAppFolder\MyApp.exe" -IPProtocolMatchCondition TCP -IPDstPortMatchCondition 80
New-NetQosPolicy -Name "MyApp Audio RTP" -DSCPAction 46 -NetworkProfile All -AppPathNameMatchCondition "%programfiles(x86)%\MyAppFolder\MyApp.exe" -IPProtocolMatchCondition UDP -IPSrcPortStartMatchCondition 2050 -IPSrcPortEndMatchCondition 3000
New-NetQosPolicy -Name "MyApp Video RTP" -DSCPAction 34 -NetworkProfile All -AppPathNameMatchCondition "%programfiles(x86)%\MyAppFolder\MyApp.exe" -IPProtocolMatchCondition UDP -IPSrcPortStartMatchCondition 50000 -IPSrcPortEndMatchCondition 50100
New-NetQosPolicy -Name "MyApp Signalling H323/TLS" -DSCPAction 26 -NetworkProfile All -AppPathNameMatchCondition "%programfiles(x86)%\MyAppFolder\MyApp.exe" -IPProtocolMatchCondition TCP -IPDstPortMatchCondition 1300

In the above examples, the "-DSCPAction ..." parameter determines the DSCP value, and the "IPProtocolMatchCondition" defines the protocol and port number. Note that for a range of ports, you'd have to use "IPSrcPortStartMatchCondition" and "IPSrcPortEndMatchCondition".

Notes: QoS policies added via PowerShell are not visible in the Group Policies Editor.

Group Policies Editor (gpedit.msc)

To enter a DSCP value using local group policy:

1. Click the start button, type: gpedit.msc

2. In the left pane, navigate to: Computer Configuration -> Windows Settings -> Policy-based QoS

3. Right-click on Policy-based Qos and choose "Create a new Policy" -> add name -> enter appropriate decimal number between 0-56 for DSCP, use the above tables for reference -> click Next -> All applications / All source IPs / All destination IPs -> Select both TCP and UDP, From any source port / To any destination port -> Finish

gpedit.msc is only available in the professional/ultimate Windows variants, not in Home editions.
To apply changes without rebooting, you can run the following in command prompt:  gpupdate /force

To manually edit an existing policy in the registry, see:
ServiceTypeGuaranteed HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\Psched\

See Also:
IEEE 802.1p (802.1q) value - QoS at the MAC level allowing values of 0 through 7.
gpedit.msc -> Administrative Templates -> Network -> QoS Packet Scheduler -> DSCP value of conforming packets / DSCP value of non-conforming packets.

For MS Communicator 2007, OSC, see also:

Hierarchical Token Bucket (HTB)

Some linux-based NAT routers use HTB to schedule packets. The HTB is a traffic shaping QoS packet scheduling algorithm included in stock Linux kernels since 2.4.20.  It allows for traffic shaping in linux-based NAT routers as well, here is an example of DSCP based QoS with HTB in MikroTik devices:

Traffic Type Precedence DSCP Range HTB Priority
Routine (default) 000 (0) 000000(0) – 000111 (7) 8
Priority 001 (1) 001000 (8) – 001111 (15) 7
Immediate 010 (2) 010000 (16) – 010111 (23) 6
Flash 011 (3) 011000 (24) – 011111 (31) 5
Flash Override 100 (4) 100000 (32) – 100111 (39) 4
Critical 101 (5) 101000 (40) – 101111 (47) 3
Internetwork Control 110 (6) 111000 (48) – 110111 (55) 2
Network Control 111 (7) 111000 (56) – 111111 (63)


Wi-Fi Multimedia (WMM)

Boost Network Performance: Windows 7 QOS — BizTech

Wi-Fi Multimedia (WMM), formerly known as Wireless Multimedia Extensions (WME), is part of the 802.11e WLAN specification that enhances quality of service (QoS) on a network by prioritizing data packets.

WMM has four access categories: background, best effort, video and voice. These are used to assign priority to traffic on wireless networks. WMM access categories are mapped to DSCP values as shown in the table. Windows automatically adds packets with DSCP values to the appropriate WMM access category; packets not assigned to a specific category are automatically tagged as "best effort."

Mapping WMM Access Categories to DSCP Marks

WMM Access CategoriesDSCP Value
Background (BG) 8-23
Best Effort (BE) 0-7 and 24-31
Video (VI) 32-47
Voice (VO) 48-63

Background: file downloads, print jobs, and other traffic that does not suffer from increased latency.
Best Effort: traffic from devices that lack QoS tagging, default for all legacy devices/applications.
Video: priority over all other data traffic.
Voice: highest priority allows for Voice over IP (VoIP) with minimal latency/jitter and the highest possible quality.

Note: The Wi-Fi Alliance has also added a Power Save Certification to WMM. PowerSave is designed to fine-tune power consumption, and to save power for battery-powered devices.

See Also

SpeedGuide TCP Optimizer
Windows 10 Registry Tweaks

  Post your review/comments
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About