pipes, the CLI command is:
gw-world:/> pipes -show
The IDP Traffic Shaping pipes can be recognized by their distinctive naming convention which is
explained next.
Pipe Naming
NetDefendOS names the pipes it automatically creates in IDP Traffic Shaping using the pattern
IDPPipe_<bandwidth>
for
pipes
with
upstream
(forward)
flowing
traffic
and
IDPPipe_<bandwidth>R
for pipes with downstream (return) flowing traffic. A number suffix is
appended if name duplication occurs.
For example, the first pipes created with a limit of 1000 Kbps will be called
IDPPipe_1000
for
upstream traffic and
IDPPipe_1000R
for downstream traffic. Duplicates with the same limit would
get the names
IDPPipe_1000_(2)
and
IDPPipe_1000R_(2)
. If another set of duplicates occur, the
suffix
(3)
is used.
Pipes are Shared
There is not a 1 to 1 relationship between a configured IDP action and the pipes created. Two
pipes are created per configured bandwidth value, one for upstream (forward) traffic and one for
downstream (return) traffic. Multiple hosts use the same pipe for each direction with traffic in the
upstream pipe grouped using the "Per Source IP" feature and traffic in the downstream pipe
grouped using the "Per Destination IP" feature.
10.2.7. Guaranteeing Instead of Limiting Bandwidth
If desired, IDP Traffic Shaping can be used to do the opposite of limiting bandwidth for certain
applications.
If the administrator wants to guarantee a bandwidth level, say 10 Megabits, for an application
then an IDP rule can be set up to trigger for that application with the
Pipe
action specifying the
bandwidth required. The traffic shaping pipes that are then automatically created get the
highest priority by default and are therefore guaranteed that bandwidth.
10.2.8. Logging
IDP Traffic Shaping generates log messages on the following events:
•
When an IDP rule with the
Pipe
option has triggered and either host or client is present in the
Network
range.
•
When the subsystem adds a host that will have future connections blocked.
•
When a timer for piping news connections expires, a log message is generated indicating
that new connections to or from the host are no longer piped.
There are also some other log messages which indicate less common conditions. All log
messages are documented in the
Log Reference Guide
.
Chapter 10: Traffic Management
802
Summary of Contents for NetDefendOS
Page 30: ...Figure 1 3 Packet Flow Schematic Part III Chapter 1 NetDefendOS Overview 30 ...
Page 32: ...Chapter 1 NetDefendOS Overview 32 ...
Page 144: ...Chapter 2 Management and Maintenance 144 ...
Page 284: ...Chapter 3 Fundamentals 284 ...
Page 392: ...Chapter 4 Routing 392 ...
Page 419: ... Host 2001 DB8 1 MAC 00 90 12 13 14 15 5 Click OK Chapter 5 DHCP Services 419 ...
Page 420: ...Chapter 5 DHCP Services 420 ...
Page 573: ...Chapter 6 Security Mechanisms 573 ...
Page 607: ...Chapter 7 Address Translation 607 ...
Page 666: ...Chapter 8 User Authentication 666 ...
Page 775: ...Chapter 9 VPN 775 ...
Page 819: ...Chapter 10 Traffic Management 819 ...
Page 842: ...Chapter 11 High Availability 842 ...
Page 866: ...Default Enabled Chapter 13 Advanced Settings 866 ...
Page 879: ...Chapter 13 Advanced Settings 879 ...