First Steps to Using a PacketShaper



Similar documents
First Steps to Using PacketShaper ISP

SonicOS 5.8.1: Configuring the Global Bandwidth Management Service

QoS (Quality of Service)

Barracuda Link Balancer Administrator s Guide

About Firewall Protection

CHAPTER. Monitoring and Diagnosing

Application Notes for Configuring a SonicWALL VPN with an Avaya IP Telephony Infrastructure - Issue 1.0

Applications. Network Application Performance Analysis. Laboratory. Objective. Overview

Web Application Classification Feature

Chapter 5 Configuring QoS

Setting Up Your FTP Server

SonicWALL Global Management System ViewPoint Guide. Version 2.1

Firewall VPN Router. Quick Installation Guide M73-APO09-380

VMWARE WHITE PAPER 1

Preparing for GO!Enterprise MDM On-Demand Service

Multi-Homing Dual WAN Firewall Router

Quality of Service (QoS) on Netgear switches

Lab Testing Summary Report

LotWan Appliance User Guide USER GUIDE

WHITE PAPER September CA Nimsoft For Network Monitoring

QoS Parameters. Quality of Service in the Internet. Traffic Shaping: Congestion Control. Keeping the QoS

Using Rsync for NAS-to-NAS Backups

SonicWALL Global Management System Reporting Guide Standard Edition

Avaya Network Configuration Manager User Guide

NetFlow Auditor Manual Getting Started

Blue Coat Security First Steps Solution for Deploying an Explicit Proxy

application note LAN Power: HP Web QoS with HP ProCurve Switches What is WebQoS? How WebQoS Classifies and Prioritizes Traffic

Pharos Control User Guide

DEPLOYMENT GUIDE Version 1.1. Configuring BIG-IP WOM with Oracle Database Data Guard, GoldenGate, Streams, and Recovery Manager

Is Your Network Ready for VoIP? > White Paper

CNM. Customer Network Management Portal (For Enterprise Data Customers)-User Manual

Monitoring Remote Access VPN Services

Network Probe User Guide

SonicWALL Global Management System Reporting User Guide. Version 2.5

Recommended QoS Configuration Settings for. Dell SonicWALL SOHO Router

VXOA AMI on Amazon Web Services

Applicant Tracking System Job Aids. Prepared by:

Blue Coat Security First Steps Transparent Proxy Deployments

Blue Coat Systems. PacketShaper Redundant Setup

2.0 Dual WAN Select Dual-WAN, you will see the following screen shot, Figure 0.1(Dual-WAN Screen Shot) Figure 0.1(Dual-WAN Screen Shot)

ERserver. iseries. Quality of service

Blue Coat Security First Steps Solution for Streaming Media

CHAPTER 5: CHECK POINT QOS...

DEPLOYMENT GUIDE Version 1.0. Deploying the BIG-IP Edge Gateway for Layered Security and Acceleration Services

Configuring an efficient QoS Map

Product Demonstration Guide

SPEAKEASY QUALITY OF SERVICE: VQ TECHNOLOGY

NMS300 Network Management System

Configuring Security for FTP Traffic

Smart Tips. Enabling WAN Load Balancing. Key Features. Network Diagram. Overview. Featured Products. WAN Failover. Enabling WAN Load Balancing Page 1

Dynamic DNS How-To Guide

Cloud UC Call Recording Interface in SAP dashboard

Next Generation Dashboard Guide

How To Industrial Networking

Barracuda Link Balancer

Firewall Defaults and Some Basic Rules

CCNA Discovery Networking for Homes and Small Businesses Student Packet Tracer Lab Manual

The Wingu guide to creating your first cloud server.

Edge Configuration Series Reporting Overview

ipad Installation and Setup

Dwebs IIS Log Archiver Installation and Configuration Guide for Helm 4

DDNS Management System User Manual V1.0

Configuring IPSec VPN Tunnel between NetScreen Remote Client and RN300


Lab 4.4.8a Configure a Cisco GRE over IPSec Tunnel using SDM

Hosting more than one FortiOS instance on. VLANs. 1. Network topology

SAS BI Dashboard 4.3. User's Guide. SAS Documentation

Overview of Inventory Management

Install MS SQL Server 2012 Express Edition

Grandstream Networks, Inc. UCM6100 Security Manual

Quality of Service Analysis of site to site for IPSec VPNs for realtime multimedia traffic.

Voice Over IP Performance Assurance

How To Provide Qos Based Routing In The Internet

WHITE PAPER OCTOBER CA Unified Infrastructure Management for Networks

LifeSize UVC Manager TM Deployment Guide

Presentation Reporting Quick Start

VPN Configuration Guide. Linksys (Belkin) LRT214 / LRT224 Gigabit VPN Router

Finance Reporting. Millennium FAST. User Guide Version 4.0. Memorial University of Newfoundland. September 2013

Managed Security Web Portal USER GUIDE

Packet Monitor in SonicOS 5.8

Campus VPN. Version 1.0 September 22, 2008

Application Note. IP8000 Conference Phone Configuration Guide. Table of Contents. Overview. Requirements. ST October 25, 2007

MINIMUM NETWORK REQUIREMENTS 1. REQUIREMENTS SUMMARY... 1

IP videoconferencing solution with ProCurve switches and Tandberg terminals

Frequently Asked Questions Mindful Schools Online Courses. Logging In Navigation s & Forums Tracking My Work Files...

Universal Simple Control, USC-1

Auto Attendant or IVR Setup Guide DigiCloud IP PBX Solution

How to Open HTTP or HTTPS traffic to a webserver behind the NetVanta 2000 Series unit (Enhanced OS)

SILVER PEAK ACCELERATION WITH EMC VSPEX PRIVATE CLOUD WITH RECOVERPOINT FOR VMWARE VSPHERE

Protecting the Home Network (Firewall)

NVMS User Manual

FaxFinder Fax Servers

Fonality. Optimum Business Trunking and the Fonality Trixbox Pro IP PBX Standard Edition V p13 Configuration Guide

Quality of Service. Traditional Nonconverged Network. Traditional data traffic characteristics:

NETFORT LANGUARDIAN MONITORING WAN CONNECTIONS. How to monitor WAN connections with NetFort LANGuardian Aisling Brennan

Transcription:

First Steps to Using a PacketShaper

Table of Contents Table of Contents Overview... 1 Classifying Traffic on the Network... 2 Discover Traffic... 2 View the Class Tree... 3 Problems?... 4 Analyzing Network Traffic... 5 Look at the Dashboard... 5 Display Historical Graphs... 5 Solving Performance Problems... 7 Policies... 7 DSCP... 7 Partitions... 7 Control Traffic... 8 Turn Shaping On... 8 Verify that the Policies are Working... 8 Problems?... 9 1

Table of Contents 2

Overview This first steps guide will show you how to use a PacketShaper to: Classify network traffic Analyze network and application performance Solve performance problems Note for PacketShaper 900 and 1400 users: Because PacketShaper 900 and 1400 models are often used in wide-spread distributed deployments, we recommend that you configure these units with PolicyCenter, Blue Coat System s central management product. Using PolicyCenter, you can configure a traffic tree with appropriate policies and partitions and then distribute this configuration to all the PacketShapers installed at your branch offices. Refer to the PolicyCenter Getting Started Guide for details. For generating graphs and reports, use Blue Coat s centralized reporting product, IntelligenceCenter. See the IntelligenceCenter Getting Started Guide for more information. First Steps to Using a PacketShaper 1

Classifying Traffic on the Network PacketShaper s traffic discovery feature detects and identifies the traffic running on a network and automatically creates traffic classes for each application, service, or protocol that it discovers. These classes are organized into a class tree. Classification is a prerequisite for other PacketShaper functions. To analyze a particular application s performance, you must first identify that application s traffic. Likewise, to control an application s performance, you isolate its traffic to adequately ration and assign resources. Note that traffic discovery is not appropriate for all situations. If PacketShaper units are at branch office deployments where you are monitoring and controlling application performance, you can use the traffic discovery feature to create application based traffic trees. In deployments where the PacketShaper is located at the main site s WAN or Internet link, you will want a location based traffic tree that has traffic classes for each branch office; in this situation, you would not want to use automatic traffic discovery. For a detailed explanation of these traffic tree strategies, see Enterprise Deployment Topologies in PacketGuide. Note: Because PacketShaper 900 and 1400 Lite models are limited to 64 classes, you will probably not want to enable the automatic traffic discovery feature. Discover Traffic Automatic traffic discovery may already be enabled. To check the status of the Traffic Discovery setting: 1. Log in to your PacketShaper by entering its IP address in your browser, and entering the password at the Login prompt. The Blue Coat Sky dashboard appears. 2. Check the status line at the top. If it says Discovery on, you can skip the following steps. 3. Click the Legacy UI link. (The Legacy UI is used for all setup and configuration.) 4. Click the Setup tab. The Basic Settings screen appears. 5. To enable automatic traffic discovery, select on for Traffic Discovery. 6. Click apply changes. 2 First Steps to Using a PacketShaper

Traffic needs to run through the PacketShaper over time before you can see trends and decide on a course of action. We suggest you collect data for at least three days. Note: Make sure the mission-critical applications are being accessed during this time so that the protocols, services, and/or applications will be auto-discovered. View the Class Tree The traffic discovery process creates traffic classes automatically, based on the traffic types it detects. For example, web surfing is categorized in the HTTP traffic class. To see what classes the PacketShaper has auto discovered, display the traffic tree: 1. If you aren t already in the Blue Coat Sky user interface, click the Blue Coat Sky link at the top of the screen. 2. Click the Traffic Management tab. The discovered classes appear in an alphabetical list. 3. To see the type of traffic on your network, use the scroll bar to look through the discovered classes. 4. By looking at the class tree, you can answer the following types of questions: How many times has FTP been used? (Look at the Hits column for the FTP class.) What was the peak rate for web traffic? (Look at the Peak bps column for the HTTP class.) What type of traffic is currently using the most bandwidth? (Click the Current bps column heading to sort by rate. The class with the highest rate appears at the top of the list.) First Steps to Using a PacketShaper 3

Problems? What s wrong? The class tree is empty. The class tree doesn t have classes for some of the applications I know are on the network. What might fix it: Is traffic discovery turned on? Look at the status line to make sure it says Discovery on. Have users initiated new sessions after connecting the unit to the network and configuring the PacketShaper? A PacketShaper can t discover traffic classes until it sees the traffic. Make sure users are accessing the critical applications and establishing new sessions on the network. To avoid creating classes needlessly, the PacketShaper must see at least three* distinct flows of an application before it deems the flows significant enough to warrant auto-discovery. The flows must begin within the same time-out interval, typically one minute, and should have different source/destination address pairs. If you re performing tests and want a specific application to be auto-discovered, it may be necessary to open a session, quit, and then re-open the application so that PacketWise sees another session. Is the PacketShaper installed on an Internet link between the VPN gateway and the router? If so, the unit sees encrypted traffic, not individual applications; consequently, the applications will not appear in the traffic tree. In order to differentiate between encrypted applications, the unit must be positioned between the LAN and the VPN gateway. Although PacketWise classifies hundreds of applications, there could be custom or unique applications that do not get auto-classified. To accommodate these situations, PacketWise provides the ability to create classes manually. Are you using PacketShaper 900 Lite or 1400 Lite? If you have enabled automatic traffic discovery on these models, the class tree will likely reach its maximum capacity (64 classes) quickly, and perhaps not with the applications you need to classify. For these models, Blue Coat recommends that you not enable traffic discovery; instead, manually create classes for the applications, or use PolicyCenter. *The number of flows required to trigger class discovery can be adjusted using the Autodiscovery variables on the System Variables setup page. 4 First Steps to Using a PacketShaper

Analyzing Network Traffic Look at the Dashboard The Blue Coat Sky Dashboard displays several real time graphs that allow you to get a picture of the type of traffic running on your network as well as the current link utilization. Top 10 pie charts Shows the relative portions of bandwidth allocated to the ten most active classes on the network and aggregates traffic from all other classes into a slice called All Others. When mousing over a slice, a tooltip displays the class s average bandwidth usage in bits per second and its percentage of the total bandwidth on the link. Data is refreshed every 10 seconds, showing real time information for the most recent one minute interval. Link Utilization line graphs Shows the link s bandwidth usage in bits per second. The graphs are updated every second. The graph initially shows utilization data for the last three minutes; after a period of time the x axis scale converts to displaying the last 15 minutes of data. Click the Dashboard tab to display the real time Top 10 pie charts and link utilization graphs. You can use the Dashboard to answer the following types of questions: Which inbound traffic class is currently consuming the most bandwidth? Which outbound traffic class? Are you surprised by any of the classes in your Top 10 pie charts? Which classes (for example, recreational traffic) do you not want to see in your Top 10? These classes are candidates for traffic control. See Solving Performance Problems. Is your link utilization fairly steady or are there traffic spikes? Display Historical Graphs After the PacketShaper has a chance to collect data, you can create historical graphs of the link and any traffic class. Follow the steps below to look at link utilization over various time periods. 1. In Blue Coat Sky, click the Traffic Management tab. The class tree appears in the top pane. 2. In the class tree, select Root. This class represents the Inbound and Outbound links. 3. Click the Reports icon to display the Reports module in the bottom pane. 4. Select the Historical tab. 5. Make sure Utilization with Peaks (the default graph type) is selected in the Graph field. Inbound and Outbound line graphs display in the Reports pane, showing average and peak utilization for the link. How often is utilization peaking near the link size? First Steps to Using a PacketShaper 5

The default time period is one hour. 6. If necessary, drag the horizontal slider to allocate more space to the Reports pane. 7. To graph link utilization over the last day, click Day. 8. To graph link utilization over the last three days, click Custom, adjust the From date, and click Apply. To see how efficient the link is in terms of how much traffic is not retransmitted packets, you can look at the Network Efficiency graph. 1. Make sure the Root class is still selected in the class tree. 2. Select Network Efficiency from the Graph drop down list. The Reports pane now displays Network Efficiency graphs. Is your link 100% efficient during the graphed time period? If not, how frequently are retransmissions occurring? 3. To graph network efficiency of a specific type of traffic (such as CIFS), select one of your classes in the upper pane. The following graph shows that CIFS experienced a high number of retransmissions (low efficiency) at several periods during the day. The Reports module is quite flexible and has a number of other features you might want to experiment with: Select up to 10 classes per graph. Hold down Ctrl as you click each class you want to graph. Display data as lines or stacked areas. Click the Switch to Stacked Areas button to display a stacked area graph, or the Switch to Lines button to display a line graph. Display real time graphs. Click the Real Time tab to view the current real time bandwidth utilization (in bits per second) for up to 10 classes. A line graph displays the rate at the current time (now) and tracks the rates over the last 15 minutes. Note: Detailed reporting is also available via Blue Coat System s IntelligenceCenter. Because PacketShaper 900 Lite and PacketShaper 1400 Lite models have limited reporting capabilities, it is recommended that you use IntelligenceCenter to generate your reports for these models. 6 First Steps to Using a PacketShaper

Solving Performance Problems PacketShapers offer three ways to solve application and network performance problems: policies, DSCP, and partitions. Policies A policy determines how an application s individual flows are treated in the context of competing applications and allows you to manage bandwidth on a flow by flow basis. With policies, you can give each flow of mission critical traffic the bandwidth it needs for optimum performance, as well as protect it from demanding, less important traffic. In addition, policies can keep non urgent traffic flows (such as FTP) from consuming more than an appropriate share of bandwidth or can block flows completely. When you apply a policy to a traffic class, you define how each flow will be treated when competing with other applications. While there are several different types of policies you can create in PacketWise, the rate policy is the most common. With this type of policy, you can: Guarantee each flow a minimum bits per second rate Give each flow prioritized access to excess bandwidth Limit each flow to a maximum amount of bandwidth Take advantage of Blue Coat s TCP Rate Control technology that prevents traffic from being sent at a rate that is higher than it can be transferred and received, thereby greatly reducing queuing in router buffers and controlling inbound traffic Smooth bursty traffic (such as HTTP) Priority policies, another type of PacketWise policy, establish a priority for traffic without specifying a particular rate. Use priority policies for non IP traffic types, or traffic that does not burst (for example, Telnet). In addition to creating policies for mission critical applications, you may also want to place controls on some of the most active services and applications on the network (such as HTTP or FTP). DSCP Network routers can apply differentiated grades of service to packet streams based on a Diffserv Code Point (DSCP) marker in an IP packet header. PacketShaper is able to mark applications with a specific DSCP marker (0 63). Partitions A partition manages bandwidth for a traffic class aggregate flows, so that all of the flows for the class are controlled together as one. You can use partitions to protect mission critical traffic by guaranteeing that a traffic class always gets a defined amount of bandwidth. In addition, you can use partitions to limit aggressive, non critical traffic by allowing that traffic class to consume only a defined amount of bandwidth. A partition is a virtual pipe that you can create for a given traffic class. This virtual pipe reserves bandwidth for all flows of a given type the traffic class aggregate. Partitions can protect traffic by guaranteeing a defined amount of bandwidth for the mission critical traffic classes. For example, you could set a 128 Kbps partition for SNA traffic. This partition ensures that SNA will always have at least 128 Kbps of bandwidth. Partitions can also limit less important traffic by putting a cap on the amount of bandwidth a traffic class can use. For example, you can assign a 64 Kbps partition to FTP traffic. This prevents FTP traffic from consuming your entire link and blocking more important traffic. First Steps to Using a PacketShaper 7

Control Traffic Based on the type of traffic on your network and your company s priorities, you can begin to set controls on your traffic classes. In the following example, you will limit the amount of Gnutella peer to peer traffic on your network by setting a small partition and a low priority rate policy. 1. Click the Traffic Management tab. The class tree appears in the upper pane. 2. Select the Gnutella class. 3. Click the Policy Manager icon. 4. Click the Class Operations tab. 5. Click Control Traffic. 6. Fill in the policy and partition settings as shown below. 7. Click Apply. Turn Shaping On Traffic control settings have no effect unless traffic shaping is turned on. To do this: 1. Switch to the Legacy UI. 2. Click the setup tab. 3. Turn Shaping on. 4. Click apply changes. The status line now says Shaping on. Verify that the Policies are Working To verify that a traffic class and its control settings are working as expected, you can: 1. First, make sure traffic is being generated for the type of traffic you created policy and partition settings for. 2. In Blue Coat Sky, look at the class tree in the Traffic Management tab. Locate the class and compare the settings in the Policy/Partition column to the rate statistics (1 Min bps and Peak bps). For example, if you created a non burstable 500 kbps partition for the class, the rate should not exceed 500 kbps. (You should reset the statistics and then refresh them periodically.) 3. Create a historical Utilization with Peaks graph for the class. Be sure to specify a time period that includes before and after the creation of the control settings. 8 First Steps to Using a PacketShaper

Problems? What s wrong? My graphs look strange: the data can t be correct. The LCD readout shows traffic but the traffic tree is empty. Performance hasn t improved since I set policies and created partitions. Statistics in the class tree don t seem to be consistent with the policies I set. What might fix it: Do you have the date set correctly? Check the date & time page under the Setup tab in the Legacy UI. Is traffic discovery turned on? Look at the status line to make sure it says Discovery on. Is your browser set to reread the HTML page source every time? This is a PacketShaper requirement. Is shaping turned on? Policies and partitions are only applied if shaping is on. Look at the status line to make sure it says Shaping on. Did you set too many policies? Try just setting policies for your most critical and most bandwidth-greedy classes. Is shaping turned on? Policies and partitions are only applied if shaping is on. Look at the status line to make sure it says Shaping on. Are you looking at current data? Are you looking at current data? Use the Refresh button to update the statistics or the Reset button to zero out the values and begin displaying new (post-policy) data. First Steps to Using a PacketShaper 9

10 First Steps to Using a PacketShaper

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information