Manual Chapter : Shaping Traffic on the Network Access Client

Applies To:

Show Versions Show Versions

BIG-IP APM

  • 16.0.1, 16.0.0
Manual Chapter

Shaping Traffic on the Network Access Client

About Windows client traffic shaping

Used together, client traffic classifiers and client rate classes provide client-side traffic shaping features on Windows network access client connections. You configure a
client traffic classifier
, which defines source and destination IP addresses or networks, and can also specify a protocol. The client traffic classifier is then associated with a
client rate class
, which defines base and peak rates for traffic to which it applies, and other traffic shaping features. A client traffic classifier is assigned in a network access resource.
Client traffic classifiers support IPv4 addresses only.

Configuring client traffic shaping

Client rate shaping allows you to shape client-side traffic from Windows client systems, based on traffic parameters.
Client traffic classifiers works on UPLOAD TRAFFIC ONLY.
  1. Create a client rate class.
  2. Create a client traffic classifier.
    When you create the client traffic classifier, you select the previously created client rate class.
Together, the client rate class and client traffic classifier work to provide client-side traffic control to Windows clients to which the traffic control is applied.
Select the client traffic classifier in the
Network Settings
configuration of a network access resource. The client traffic classifier is then applied to Windows clients, for client-side traffic on the VPN tunnels defined by that network access resource.

Creating a client rate class

Create a client rate class to define the traffic shaping rules that you can apply to virtual and physical interfaces on a network access tunnel.
  1. On the Main tab, click
    Access Policy
    Network Access
    Client Traffic Control
    Client Rate Classes
    .
  2. Click
    Create
    .
    The New Client Rate Class screen opens.
  3. In the
    Name
    field, type the name for the new client rate class.
  4. Select
    Basic
    or
    Advanced
    .
    The Advanced configuration allows you to configure the burst size, the rate class mode, and override the DSCP code.
  5. In the
    Base Rate
    field, type the base rate for the client rate class. Select the units for the peak rate from the list (
    bps
    ,
    Kbps
    ,
    Mbps
    , or
    Gbps
    ).
  6. In the
    Ceiling Rate
    field, type the peak rate for the client rate class. Select the units for the ceiling rate from the list (
    bps
    ,
    Kbps
    ,
    Mbps
    , or
    Gbps
    ).
  7. In the
    Burst Size
    field, type the amount of traffic that is allowed to reach the ceiling rate defined for the traffic rate class. You can select the units for this number from the list (
    bytes
    ,
    Kilobytes
    ,
    Megabytes
    , or
    Gigabytes
    ).
  8. From the
    Service Type
    list, select the service type.
  9. From the
    Mode
    list, select the traffic shaping mode.
  10. (Optional) If you are using a differential services network, you can specify the DSCP value with which to mark this traffic by selecting the DSCP
    Override
    check box.
    In the field, type the number of the DSCP code with which to mark traffic.
  11. Click
    Finished
    .
The client rate class is created.
Select this client rate class in a client traffic classifier to apply it to Windows client-side traffic.

Client rate class properties

Client rate class properties specify settings for client traffic control rates.
Setting
Value
Description
Base Rate
Integer in
bps
,
Kbps
,
Mbps
, or
Gbps
Specifies the base data rate defined for the client rate class.
Ceiling Rate
Integer in
bps
,
Kbps
,
Mbps
, or
Gbps
Specifies the ceiling data rate defined for the client rate class.
Burst Size
Integer in
bytes
,
Kilobytes
,
Megabytes
, or
Gigabytes
Specifies the amount of traffic that is allowed to reach the ceiling data rate defined for the client rate class.
Service Type
Best Effort
,
Controlled Load
, or
Guaranteed
  • Best Effort
    - Specifies that Windows traffic control creates a flow for this client traffic class, and traffic on the flow is handled with the same priority as other Best Effort traffic.
  • Controlled Load
    - Specifies that traffic control transmits a very high percentage of packets for this client rate class to its intended receivers. Packet loss for this service type closely approximates the basic packet error rate of the transmission medium. Transmission delay for a very high percentage of the delivered packets does not greatly exceed the minimum transit delay experienced by any successfully delivered packet.
  • Guaranteed
    - Guarantees that datagrams arrive within the guaranteed delivery time and are not discarded due to queue overflows, provided the flow's traffic stays within its specified traffic parameters. This service type is intended for applications that require guaranteed packet delivery.
Mode
Shape
,
Discard
, or
Borrow
  • Shape
    - Delays packets submitted for transmission until they conform to the specified traffic profile.
  • Discard
    - Discards packets that do not conform to the specified traffic control profile.
  • Borrow
    - Allows traffic on the client rate class to borrow resources from other flows that are temporarily idle. Traffic that borrows resources is marked as nonconforming, and receives a lower priority.
DSCP
Enable/disable, integer for DSCP code
If you select
Override
, you can specify an optional DSCP code for the client rate class. DSCP is a way of classifying traffic for Quality of Service (QoS). Traffic is classified using six-bit values, and then routers on the network interpret the traffic priority based on their configurations and prioritize traffic for QoS accordingly.

Creating a client traffic classifier

You must create at least one client rate class before you create a client traffic classifier. You select client rate classes to define rules in the client traffic classifier.
Create a client traffic classifier to define traffic control rules for the virtual and physical network interfaces on a network access tunnel.
  1. On the
    Main
    tab, click
    Access Policy
    Network Access
    Client Traffic Control
    Client Traffic Classifiers
    .
  2. Click
    Create
    .
    The New client rate class screen opens.
  3. In the
    Name
    box, type a name for the client traffic classifier, and click
    Create
    .
    The Client Traffic Classifiers list screen opens.
  4. Click the name of the client traffic classifier you just created.
  5. Add rules for the appropriate interface.
    Rule type
    Description
    Rules for Virtual Network Access Interface
    Add a rule to this section to apply the traffic shaping control only to traffic on the virtual network access interface.
    Rules for Local Physical Interfaces
    Add a rule to this section to apply the traffic shaping control only to traffic on the client computer's local physical interfaces.
    Rules for Virtual Network Access and Local Physical Interfaces
    Add a rule to this section to apply the traffic shaping control to traffic on both the virtual Network Access interface and the client's local physical interfaces.

Adding a client traffic classifier entry

You add entries to an existing client traffic classifier. You must first create a client traffic classifier, and at least one client rate class.
Client traffic classifiers define client traffic control for virtual and physical network interfaces on the client systems.
  1. On the Main tab, click
    Access Policy
    Network Access
    Client Traffic Control
    Client Traffic Classifiers
    .
  2. Click the name of a client traffic classifier.
  3. Under the appropriate interface
    Rules
    area, click
    Add
    .
    The New Client Traffic Classifier Entry screen opens.
  4. Select
    Basic
    or
    Advanced
    .
    Advanced
    mode allows you to configure a source address and source ports for the client traffic control entry.
  5. Select a
    Client Rate Class
    entry.
  6. Specify any settings you require for the client traffic classifier entry.
    Note that currently you can only specify an IPv4 address for a client traffic classifier host entry.
  7. When you have finished configuring the client traffic classifier entry, click
    Finished
    .
    The configuration screen for the client traffic classifier appears again.
The client traffic classifier is updated with the client traffic classifier entry in the
Rules
area you specified.

Client traffic classifier entry properties

Configure properties for the client traffic classifier to determine how traffic is classified for traffic shaping on Windows clients.
Property
Values
Description
Basic/Advanced
Basic or Advanced (list item)
Advanced
allows you to configure a source address and source ports.
Client Rate Class
List item
A client rate class defines the client traffic shaping rates and properties for a client traffic control configuration. Because client traffic classifier entries define address pairs and protocols on which client rate classes operate, a client rate class must be created before you can use a client traffic classifier entry.
Protocol
UDP, TCP, or All Protocols.
The protocol to which this client traffic classifier entry applies.
Destination Address
Selection and manual entries
The destination address to which the client traffic classifier entry applies.
  • Any
    applies the client traffic classifier entry to any destination address.
  • Host
    applies the client traffic classifier entry to a specific host IP address. Type the IP address in the box that appears.
  • Network
    applies the client traffic classifier entry to a network address. Type the network address and the network mask in the boxes that appear.
Destination Port
Number or list item
The destination port to which the client traffic classifier entry applies. You can type the port number, or select from the list of predefined application ports.
Source Address
Selection and manual entries
The source address to which the client traffic classifier entry applies.
  • Any
    applies the client traffic classifier entry to any source address.
  • Host
    applies the client traffic classifier entry to a specific host IP address. Type the IP address in the box that appears.
  • Network
    applies the client traffic classifier entry to a network address. Type the network address and the network mask in the boxes that appear.
Source Port
Number or list item
The source port to which the client traffic classifier entry applies. You can type the port number, or select from the list of predefined application ports.