Traffic Management; Traffic Shaping; Introduction - D-Link NetDefend DFL-210 User Manual

Chapter 10. Traffic Management
This chapter describes how NetDefendOS can manage network traffic.
• Traffic Shaping, page 267
• Threshold Rules, page 279
• Server Load Balancing, page 281

10.1. Traffic Shaping

10.1.1. Introduction

QoS with TCP/IP
A weakness of TCP/IP is the lack of true Quality of Service (QoS) functionality. QoS is the ability
to guarantee and limit network bandwidth for certain services and users. Solutions such as the
Differentiated Services (Diffserv) architecture have been designed to try and deal with the QoS issue
in large networks by using information in packet headers to provide network devices with QoS
information.
NetDefendOS Diffserv Support
NetDefendOS supports the Diffserv architecture in two ways: firstly NetDefendOS forwarding the 6
bits which make up the Diffserv Differentiated Services Code Point (DSCP) as well as copying
these bits from the data traffic inside VPN tunnels to the encapsulating packets. Secondly, and as
described later in this chapter, DSCP bits can be used by the NetDefendOS traffic shaping
subsystem as a basis for prioritizing traffic passing through a D-Link Firewall.
The Traffic Shaping Solution
Architectures like Diffserv however, fall short if applications themselves supply the network with
QoS information. In most networks it is rarely appropriate to let the applications, the users of the
network, decide the priority of their own traffic. If the users cannot be relied upon then the network
equipment must make the decisions concerning priorities and bandwidth allocation.
NetDefendOS provides QoS control by allowing the administrator to apply limits and guarantees to
the network traffic passing through a D-Link Firewall. This approach is often referred to as traffic
shaping and is well suited to managing bandwidth for LANs as well as to managing the bottlenecks
that might be found in larger WANs. It can be applied to any traffic including that passing through
VPN tunnels.
Traffic Shaping Objectives
Traffic shaping operates by measuring and queuing IP packets with respect to a number of
configurable parameters. The objectives are:
• Applying bandwidth limits and queuing packets that exceed configured limits, then sending
them later when bandwidth demands are lower.
• Dropping packets if packet buffers are full. The packets to be dropped should be chosen from
those that are responsible for the "jam".
• Prioritizing traffic according to administrator decisions. If traffic with a high priority increases
while a communications line is full, traffic with a low priority can be temporarily limited to
make room for the higher priority traffic.
267