Shaping policies can be created from scratch or by converting an existing monitoring policy to shape traffic. A shaping setting is required for each traffic classes’ SLA Name option. SLA stands for Service Level Agreement (for a background understanding of this term see Quality Of Service -An Overview). The built-in shaping settings include a range of percentages from ‘0% min – 100% max’ through to ‘90% min -100%’ max as shown below. In this image one can see the traffic class ‘sub22’ has its SLA Name option being set to one of the shaping settings.
To change an existing monitoring policy to a shaping policy depends on whether you have Netscope 2.0.x or 2.1.x. In 2.0.x ALL the traffic classes SLA Name options must be changed from the default ‘–monitor–‘ to a shaping setting. ‘–monitor–‘ is used in classifying traffic but does not actively shape or apply QoS in any way. In 2.1.x one specifies whether the policy is monitoring or shaping by selecting the ‘Mode’ in the Policy Summary screen (see picture below). In monitoring mode the SLA Name option for each class is not displayed. Whereas switch back to shaping mode and the shaper settings for each class will reappear. When creating a new class in 2.1.x All the SLA Name options will have a shaping setting. The default is ‘0%min – 100%max’.
One of the ways to learn to create a shaping policy is to start with a simple example and see it working. But first a bit of understanding.
Shaping only ever really happens when the link, that the Netscope in-line hardware device is on, is congested. If the link is not congested, packets arrive in Netscope’s shaping queues, go to the front of the shaping queues, and are immediately sent with no shaping. Furthermore, Netscope must be the slowest point on the link for shaping to work. If packets arrive at Netscope at a rate slower than Netscope’s maximum rate, there will be no congestion at Netscope and therefore no shaping.
However, trying to maintain congestion enough to see the effect of shaping in a real world situation is not easy nor desirable. Within a controlled test environment, though, congestion is maintained very easily. By configuring the Netscope in-line hardware device’s speed to be slightly less than what the link will carry shaping occurs. The following is an example of the effect of shaping in a testing environment. This was performed on an IBM x3250 M5 on a 1 Gbps link. The Activity was averaging 975.3 Mbps without shaping. Therefore the policy was configured to a little less than this at a maximum 970 Mbps.
The shaping settings in this example policy are:
By viewing the ‘Top Usage” graphs and their subsequent tables located beneath them one can see the effect of this activated shaping policy on this congested link:
The following shows the distribution of the same traffic without shaping:
You can also set up a test environment to maintain congestion constantly so that you can test Netscope’s shaping capability. You’ll need a computer connected either side of Netscope’s bridge and run software to saturate Netscope with traffic.
I suggest an easier way, a tutorial example to get you started with shaping in your own current network environment.
Creating a Shaping Policy – Tutorial example 1
All that is required is to create a shaping policy with only one traffic class. Shaping can be forced by setting a maximum for just one traffic class. Shaping will occur for this class if the throughput remains mostly over this maximum. The whole link need not be congested to see shaping at work. Find some type of traffic that will continue to mostly remain over a certain throughput (bps) for when you activate the shaping policy. To do this you may need to get familiar interacting with the graphs and data. Follow the User Guide beginning with Monitoring Your Network Traffic With Interactive Reports- Overview to get up to speed with Netscope in order to do this. Determine a value on the Activity graph above which the throughput remains most of the time.
If there is no traffic that is remaining mostly over a certain throughput you can download a large file from AtLeast1HourUpto5MbpsA.junk. There is another two available as well- AtLeast1HourUpto5MbpsB.junk and AtLeast1HourUpto5MbpsC.junk. Use a browser, file transfer program, or wget on a computer on the internal side of Netscope to download one or all of these files. The downloading of these files generate fairly constant network traffic. This will enable you to determine that value on the Activity graph which you can make the maximum for the one traffic class.
The following picture is typical network traffic. It looks like there were a couple of short downloads but the rest is normal sporadic internet usage.
There is no consistent network traffic that remains over a certain throughput (bps) so we decide to download one of those large files.
By downloading a large file we have generated constant network traffic, though not smooth, that remains over a certain throughput (bps).
At this point we should note that one should be careful about activating a shaping policy on a live network. If there is critical network traffic of importance to the business or organisation you need to ensure this traffic is not interfered with. If the link is congested and the Activity graph is showing that the overall throughput is constantly at the maximum bandwidth then introducing a download will compete with any critical network traffic. If this is the case and there is critical network traffic I’d recommend doing this tutorial at another time.
Whether you’ve found your own network traffic type or you are downloading one or more of those large files you need to create a policy (see Create, Duplicate or Import a Policy). Then create just the one traffic class in this policy (see Creating and Editing Traffic Classes). Define a traffic filter for your network traffic type. If you’re using the large downloadable files you need to find some specifics about the network packets first.
Start by looking at Top HTTP Domains.
The large downloadable files are from a web-site called mirror.netscope.net.au. As you can see this is taking up most of the overall throughput. If mirror.netscope.net.au is not showing you will need to restart the download.
Drill down on to mirror.netscope.net.au by clicking on that pie segment. On the drill down view you will see the Activity just for the network packets with the HTTP address ‘mirror.netscope.net.au’. This would be the large-downloadable-file’s packets. Select ‘Top Destination Addresses’ to attain the destination address. Do the same for the destination port. The source port will be 80.
Add a filter to the one class you’ve added to your policy. Enter in these parameters. Include TCP as the protocol. An example is shown here:
Specify the SLA setting. I recommend a value that demonstrates shaping occurring. A value too high won’t do. Remember we are showing how this class’ network traffic is being limited to a maximum value. Setting a low value for the class’s maximum compared to the maximum bandwidth will lessen the using up of throughput used by the other traffic on a maxed-out link.
Set the default class to ‘0%min-100%max’. The Link Maximum does NOT need to be lowered below your licensed maximum or the link speed for this tutorial example.
The shaping settings should look similar to:
In this case we’ve created the SLA/shaper setting ‘MaxLimitedOnly’ with a maximum and minimum set to 800 Kbps using the SLA Manager (shown below). The link inbound and outbound maximum and minimums were kept at the link speed of 1 Gbps. We chose Units of kbits/s. Percentage units are also available.
Now its time to ‘Check’ and ‘Activate’ the policy.
- Take note of the policy that is currently activated and activate it once finished with this tutorial example’s policy.
- Ensure you have a license with ‘Shaping Enabled’ set to true
Click on ‘Check’. Correct any mistakes displayed.
Once ‘Check’ is Ok then Click Activate. Click ‘Activate Now’ checkbox and click ‘Ok’.
The result is that one class’ network traffic limited to that maximum value. That class’ Activity graph is shown here:
The effect on the whole link is as follows:
At the time this shaping policy was activated the rest of the traffic was not busy so one can see the major source of the traffic being capped at that maximum limit.
Congratulations! You’ve demonstrated shaping on your live network.