Follow

Limit Bandwidth by Leveraging Application Control Rulesets

Is your network bandwidth being saturated by 'non-essential' or 'non-business-critical' traffic? Are your users spending too much time and resources on applications like Pandora or YouTube while legitimate traffic suffers because of it? Lock it down with Bandwidth Control rules that leverage Application Control signatures. Here's how to start:

First, you need to get a snapshot of who the heavy users and applications are on your network. This is best accomplished by navigating to the Reports section, selecting bandwidth control, and viewing some of the Top traffic reports such as Top Hostnames, Clients, and Usernames for heavy bandwidth users and Top Application for the most prevalent application traffic.

(Right Click and select 'open image in new tab' (Chrome) to view a larger version of any images)

In the screenshot above, all of the applications listed in the pie graph legend (HTTP, YAHOO, GOOGLE, APPLE, RTP, SSL, POP3, CNET, PANDORA) are available signatures in Application Control > Settings > Applications tab. You can outright block or tarpit that traffic in Application Control or you can create Bandwidth Control rules that limit the bandwidth priority for that traffic.

If you haven't already, run the Bandwidth Control wizard and enable the Bandwidth Control application. You will prompted to enter the upload and download values of your internet bandwidth. You can change these values at any time by navigating to Config > Network > Advanced tab > QoS (lower tab). Accuracy is very important for setting the priority percentages and we recommend entering 90-95% of what your actual bandwidth is. For example on a network with a 50 mbps up and down connection you would enter a value in the range of 45-47 mbps.

With Bandwidth Control installed, configured (via the wizard), and QoS enabled let's view some rules. Navigate to Bandwidth Control > Settings > Rules tab. Here are some examples of rules. As you can see, each rule has an action and many of those actions are to set a priority. Priorities can be viewed and edited in QoS:

The 7 priorities in the default configuration can be thought of as two sets - the top four priorities: Very High, High, Medium and Low can all consume all available bandwidth if no higher priority class wishes to use it. Use these to prioritize traffic above normal, such as VoIP or important business traffic. The bottom three priorities Limited, Limited More, and Limited Severely are always limited regardless of other priorities' bandwidth consumption, because their download and upload limits are set to less than 100%. These should be used in situation where the goal is to restrict traffic regardless of if there is more bandwidth available. You can edit these priority values in Config > Network > Advanced > QoS.

 https://wiki.untangle.com/index.php/QoS#The_7_Priorities

 Now, let's create a rule. Pandora was listed on the Top Application by size report that we looked at earlier in the first screenshot. Let's assign a 'Limited' bandwidth to the application Pandora for traffic passing through the default rack. Navigate to Apps > Bandwidth Control > Rules tab and click 'add' to add a new custom rule. 

 As you can see in the screenshot above, I used the conditional 'Application Control: Application' and we procured the application name from the reporting/application control rules. The action type is 'Set Priority' and that unlocks the 'Priority' drop-down menu where you can select one of the 7 priorities to assign to this application traffic.

Confirm that the priority you assigned is being enacted on this traffic by reviewing the reporting (Reports > Bandwidth Control > Prioritized Sessions (in Select Events). 

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk