Creating Differentiated Limits With Chains; Limiting Bandwidth In Both Directions - D-Link NetDefend DFL-210 User Manual

10.1.5. Creating Differentiated Limits
with Chains
Example 10.2. Limiting Bandwidth in Both Directions
Create a second pipe for outbound traffic:
Command-Line Interface
gw-world:/> add Pipe std-out LimitKbpsTotal=2000
Web Interface
1. Go to Traffic Management > Traffic Shaping > Pipes > Add > Pipe
2. Specify a name for the pipe, for example std-out
3. Enter 2000 in Total textbox
4. Click OK
After creating a pipe for outbound bandwidth control, add it to the forward pipe chain of the rule created in the
previous example:
Command-Line Interface
gw-world:/> set PipeRule Outbound ForwardChain=std-out
Web Interface
1. Go to Traffic Management > Traffic Shaping > Pipe Rules
2. Right-click on the pipe rule you created in the previous example and choose Edit
3. Under the Traffic Shaping tab, select std-out in the Forward Chain list
4. Click OK
This results in all outbound connections being limited to 2 Mbps in each direction.

10.1.5. Creating Differentiated Limits with Chains

In the previous examples a static traffic limit for all outbound connections was applied. What if we
want to limit web surfing more than other traffic? We could set up two "surfing" pipes for inbound
and outbound traffic. However, we most likely will not need to limit outbound traffic because
surfing usually consists of short outbound requests followed by long inbound answers. Let's assume
the total bandwidth limit is 250 kbps and 125 kbps of that is to be allocated to web surfing inbound
traffic. A surf-in pipe is therefore setup for inbound traffic with a 125 kbps limit.
Next, a new Pipe Rule is set up for surfing that uses the surf-in pipe and it is placed before the rule
that directs "everything else" through the std-in pipe. That way surfing traffic goes through the
surf-in pipe and everything else is handled by the rule and pipe created earlier.
Unfortunately this will not achieve the desired effect, which is allocating a maximum of 125 kbps to
inbound surfing traffic as part of the 250 kbps total. Inbound traffic will pass through one of two
pipes: one that allows 250 kbps, and one that allows 125 kbps, giving a possible total of 375 kbps of
inbound traffic.
To solve this, we create a chain of the surf-in pipe followed by the std-in pipe in the surfing traffic
Pipe Rule. Inbound surf traffic will now first pass through surf-in and be limited to a maximum of
125 kbps. Then, it will pass through the std-in pipe along with other inbound traffic, which will
apply the 250 kbps total limit. If surfing uses the full limit of 125 kbps, those 125 kbps will occupy
half of the std-in pipe leaving 125 kbps for the rest of the traffic. If no surfing is taking place then
all of the 250 kbps allowed through std-in will be available for other traffic.
407
Chapter 10. Traffic Management