Documente Academic
Documente Profesional
Documente Cultură
Bandwidth Policies
Shaping using QoS Policies
Overview
Bandwidth Shaping is the process of manipulating, managing or controlling (shaping) portions of a
network connection and determining the allowed bandwidth consumption based on types of activities.
It is used to limit or direct bandwidth consumption by users. An administrator may use bandwidth
shaping to limit a users ability to take too much control over the Internet gateway. Bandwidth shaping
is also called bandwidth allocation or referred to as a bandwidth management tool.
Cyberoam allows administrators to manipulate the bandwidth consumption in their network by means
of various QoS policies, and other bandwidth monitoring and controlling features. This article
describes how an administrator can shape out the bandwidth consumption in a typical network setup.
Scenario
Consider a hypothetical network setup wherein the LAN consists of all users and DMZ consists of
servers. Cyberoam acts as the Internet Gateway. The total Bandwidth capacity of the ISP link
terminating on Cyberoam WAN, i.e., total traffic going out of Cyberoam WAN, is 10 Mbps. Bandwidth
Allocation is as follows:
5 Mbps of dedicated bandwidth to servers in the DMZ, which can expand upto 10 Mbps under
less or no traffic scenario.
3 Mbps of dedicated bandwidth to users surfing business-specific websites and applications,
which can expand upto 10 Mbps under less or no traffic scenario.
2 Mbps of bandwidth for rest of the traffic, which can expand upto 10 Mbps under less or no traffic
scenario.
Configuration
You must be logged on to the Web Admin Console as an administrator with Read-Write permission
for relevant feature(s).
Go to QoS > Policy > Policy and click Add to create a new policy according to parameters given
below.
Available Options:
Strict - User cannot exceed the defined
Policy Type Committed bandwidth limit.
Committed - User is allocated the
guaranteed amount of bandwidth and
can draw bandwidth up to the defined
burstable limit, if available.
Select any one option to specify
implementation strategy of policy.
Total(Upload + Download)
Implementation On
Available options:
- Total(Upload + Download)
- Individual(Upload/Download)
Set the bandwidth priority. Priority can
be set from 0 (highest) to 7 (lowest)
Priority 1 [Business Critical]
depending on the traffic required to be
shaped.
Set the guaranteed and burstable
bandwidth.
Guaranteed Burstable
640 - 1152 Note:
Upload and Download
Cyberoam calculates bandwidth in Kilo
Bytes per second. (I Kilo Byte per
second = 8 Kilo bits per second)
Select any one to specify the bandwidth
Bandwidth Usage Type Shared
usage: Individual or Shared.
Go to QoS > Policy > Policy and click Add to create a new policy according to parameters given
below.
Available Options:
Strict - User cannot exceed the defined
Policy Type Committed bandwidth limit.
Committed - User is allocated the
guaranteed amount of bandwidth and
can draw bandwidth up to the defined
burst-able limit, if available.
Select any one option to specify
implementation strategy of policy.
Total(Upload + Download)
Implementation On
Available options:
- Total(Upload + Download)
- Individual(Upload/Download)
Set the bandwidth priority. Priority can
be set from 0 (highest) to 7 (lowest)
Priority 1 [Business Critical]
depending on the traffic required to be
shaped.
Set the guaranteed and burstable
bandwidth.
Guaranteed Burstable
384 - 1152 Note:
Upload and Download
Cyberoam calculates bandwidth in Kilo
Bytes per second. (I Kilo Byte per
second = 8 Kilo bits per second)
Select any one to specify the bandwidth
Bandwidth Usage Type Shared
usage: Individual or Shared.
Bandwidth Shaping using QoS Policies
Create a DMZ-WAN Firewall Rule and apply the QoS Policy as shown below.
Bandwidth Shaping using QoS Policies
Apply the Policy BusinessRelated_3Mbps to one or more Web Categories that classify business
critical websites for your organization. Here, as an example, we have applied the policy
BusinessRelated_3Mbps to BusinessAndEconomy Web Category.
Bandwidth Shaping using QoS Policies
You can set the bandwidth cap, or maximum bandwidth limit, by following the steps below.
Here, we have set the max bandwidth as 1152 Kbps (10 Mbps = 10240 Kbps; 10240 10% =
9216 Kbps; 9216/8 = 1152 KBps or Kilo Bytes per second).
Note:
Cyberoam calculates bandwidth in Kilo Bytes per second. (I Kilo Byte per second = 8 Kilo bits per
second)
This ensures that the guaranteed bandwidth (as specified in QoS policies) is available to users to
which the policies are applied. To enforce bandwidth guarantee, execute the following command
If bandwidth guarantee is enforced (as shown above), you can define a Default Bandwidth Policy to
be applied on the traffic on which policies are not applied. You can set the default policy by executing
the following command.
In the default policy, you can set the guaranteed and burstable bandwidth and priority on this traffic.
Note:
This bandwidth is applicable on Internal (LAN and DMZ) to External zone (WAN and VPN) traffic and
External to Internal zone traffic. Default Guaranteed bandwidth = 0 kbps, Burstable bandwidth = max-
limit, priority = 7 (lowest).
The above configuration enables shaping and fair distribution of the total bandwidth available to a
network. You can view the summary of how bandwidth is distributed in your network using the
command: show bandwidth total-guaranteed-bw.