Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 13 replies
  • Answers 3 answers
  • Subscribers 31 subscribers
  • Views 32575 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Traffic Shaping

max max

 Hi, 

 

I assigned bandwidth restriction to a firewall rule which all the traffics from LAN Zone to WAN Zone with any service, source, and destination has 512KBbps bandwidth limitation. I tried both shared and individual Bandwidth Usage Type. But it does not work!

In general, I need to make a pool of bandwidth and assign it to a group which all users in the group can share the bandwidth and use it and no one can not exceed the limitation.

Could you help me to solve the problem and realizing the difference between SHARE and INDIVIDUAL Bandwidth Usage Type?



This thread was automatically locked due to age.
Parents
  • 0

    When you say doesn't work, what happens? In my case, the individual setting in a Traffic Shaping in a Firewall rule seems to limit the shared bandwidth, not the individual bandwidth. We have had to increase it several times and can see the effect it has straight away. Does the individual option only work when you have authenticated users?

     

    [edit]

    Just found this in the Administrators user guide:

    • Individual - Allocated bandwidth is for the particular User/Rule/Web Category/Application only.

    • Shared - Allocated bandwidth is shared among all the Users/Rules/Web Categories/Applications who have been

      assigned this policy

    So Individual means for a particular group or user, depending on where the Traffic Shaping setting is applied? Can anyone confirm this?

Reply
  • 0

    When you say doesn't work, what happens? In my case, the individual setting in a Traffic Shaping in a Firewall rule seems to limit the shared bandwidth, not the individual bandwidth. We have had to increase it several times and can see the effect it has straight away. Does the individual option only work when you have authenticated users?

     

    [edit]

    Just found this in the Administrators user guide:

    • Individual - Allocated bandwidth is for the particular User/Rule/Web Category/Application only.

    • Shared - Allocated bandwidth is shared among all the Users/Rules/Web Categories/Applications who have been

      assigned this policy

    So Individual means for a particular group or user, depending on where the Traffic Shaping setting is applied? Can anyone confirm this?

Children
  • 0 in reply to Malcolm Snelgrove

    Hi Malcolm , 

    Yes, but in an instance, if the Rule does not have Match users enabled then it will take per user as individual otherwise the group passes through the rule will be shared. 

    Calculation: 1mbps bandwidth provided by ISP =128KBPS -10%

    Value added is in KBPS added in QOS value. 

    128KBps = 1024Mbps/8

    Value in QOS = Bandwidth/8

     

  • 0 in reply to Aditya Patel

    So if I have a network rule that routes traffic based on a VLAN.  The VLAN is dedicated to VOIP devices.  And I want to apply a traffic shaping rule.  Should I use a rule that is defined as individual or shared?  If individual is used does each connection get the guaranteed bandwidth or do all connections in the rule share the guarantee?

  • 0 in reply to CameronSlade

    Hi CameronSlade ,

    It would be shared, the firewall rules will not apply QOS to each connection.

  • 0 in reply to Aditya Patel

    Aditya Patel said:

    Hi CameronSlade ,

    It would be shared, the firewall rules will not apply QOS to each connection.

     

    are you sure about that? QoS should be applied to each IP.

    Regards

  • 0 in reply to lferrara

    Thanks to both of you for weighing in on this topic.  Unfortunately your responses reflect the confusion around how traffic shaping that exists at Sophos.  I have received both answers from tech Sophos support.  I really don't understand why there is any ambiguity on this subject.  In my opinion, the scenario I have defined in the post is pretty standard.  All VOIP devices are on a dedicated VLAN and I want apply QOS to the traffic.  How should I define the Traffic Shaping/QOS rule and how will it be applied?  There should be a KB on this subject that provides explicit examples and think the scenario I have defined should be one of them.  FWIW the default QoS rule from Sophos would tend to support Iferrara's assertion.

    Regards,

    Cameron

     

  • 0 in reply to Aditya Patel

    Hi Aditya or anyone at Sophos,

     

    Can you please weigh in on this subject and provide a definitive answer to how traffic shaping works in the scenario I have defined?

     

    Thanks to both of you for weighing in on this topic.  Unfortunately your responses reflect the confusion around how traffic shaping that exists at Sophos.  I have received both answers from tech Sophos support.  I really don't understand why there is any ambiguity on this subject.  In my opinion, the scenario I have defined in the post is pretty standard.  All VOIP devices are on a dedicated VLAN and I want apply QOS to the traffic.  How should I define the Traffic Shaping/QOS rule and how will it be applied?  There should be a KB on this subject that provides explicit examples and think the scenario I have defined should be one of them.  FWIW the default QoS rule from Sophos would tend to support Iferrara's assertion.

    Regards,

    Cameron

     

  • 0 in reply to CameronSlade

    Hi 

    Here is the configuration behaviour you may be interested to set for your network.

    • Individual : Allocated bandwidth is for the particular User/Rule/Web Category/Application only
    • Shared : Allocated bandwidth is shared among all the Users/Rules/Web Categories/Applications who have been assigned this policy

    • Users Based : If admin wants to implement bandwidth restriction on any user then admin needs to use User Based traffic shaping policy
    • Rules Based : If admin wants to implement bandwidth restriction on traffic flowing from particular rule like admin wants to restrict bandwidth on particular network then admin needs to use Rule based traffic shaping policy
    • Web Category Based : If admin wants to implement bandwidth restriction on particular Web Category then admin needs to use Web Category based traffic shaping policy
    • Applications Based : If admin wants to implement bandwidth restriction on particular Application or Application Category then admin needs to use Application based traffic shaping policy

    • -----------------------------------------------------------------------------------------------------------------------

    • Total Available WAN Bandwidth
    • Optimization for real time traffic (VoIP ) [enable/disable]
    • Enforced guaranteed bandwidth [enable/disable]
    • Default policy
    • Note: In GUI, bandwidth configuration unit is KBps
    • 1 KBps = 1 Kilo  Bytes per sec = 1 * 1000 * 8 bits per sec

  • 0 in reply to Aditya Patel

    Aditya,

     

    Sorry to be difficult.  But all you have done is copy and paste the help file which I have read.  Why can't someone at Sophos take the scenario I have presented and provide a definitive answer on how to define the QOS traffic shaping policy?  I find it extremely frustrating that no one at Sophos can give me a good answer.  Please refer to my earlier post and provide a definitive answer how do configure QOS.

    Regards

    Cameron

  • 0 in reply to CameronSlade

    I just wanted to let you know that 1 year later I still feel your pain as I am facing the exact same issue :-(

  • 0 in reply to PreHCM-PK

    Same here.  It has been another year and the documentation is still confusing and we haven't received any clarification.