Minimum And Maximum Pipe Precedence - D-Link DFL-1660 User Manual
Network security firewall
Hide thumbs
Also See for DFL-1660:
- User manual (595 pages) ,
- Installation manual (45 pages) ,
- Reference manual (948 pages)
Table of Contents
Advertisement
10.1.6. Precedences
Chapter 10. Traffic Management
The minimum and maximum precedences define the precedence range that the pipe will handle. If a
packet arrives with an already allocated precedence below the minimum then its precedence is
changed to the minimum. Similarly, if a packet arrives with an already allocated precedence above
the maximum, its precedence is changed to the maximum.
For each pipe, separate bandwidth limits may be optionally specified for each precedence level.
These limits can be specified in kilobits per second and/or packets per second (if both are specified
then the first limit reached will be the limit used). If precedences are used then the total limit for the
pipe as a whole must be specified so the pipe knows when what its capacity is and therefore when
precedences are used.
The Best Effort Precedence
The precedence defined as the minimum pipe precedence has a special meaning: it acts as the Best
Effort Precedence. All packets arriving at this precedence will always be processed on a "first come,
first forwarded" basis and cannot be sent to another precedence.
Packets with a higher precedence and that exceed the limits of that precedence will automatically be
transferred down into this Best Effort precedence and they will no longer be treated differently from
packets with lower priorities. This approach is used since a precedence limit is also a guarantee for
that precedence.
Figure 10.4. Minimum and Maximum Pipe Precedence
Precedences have no effect until the total bandwidth allocated for a pipe is reached. In other words
when the pipe is "full". At that point traffic is prioritized by NetDefendOS with higher precedence
packets being sent before lower precedence packets. The lower precedence packets are buffered. If
buffer space becomes exhausted then they are dropped.
Applying Precedences
Continuing from the previous example, we add the requirement that SSH and Telnet traffic is to
have a higher priority than all other traffic. To do this we add a Pipe Rule specifically for SSH and
Telnet and set the priority in the rule to be a higher priority, say 2. We specify the same pipes in this
new rule as are used for other traffic.
The effect of doing this is that the SSH and Telnet rule sets the higher priority on packets related to
these services and these packets are sent through the same pipe as other traffic. The pipe then makes
sure that these higher priority packets are sent first when the total bandwidth limit specified in the
397
Advertisement
Table of Contents
Troubleshooting
