Manual Chapter : Shaping Traffic on the Network Access Client

Applies To:

Show Versions Show Versions

BIG-IP APM

  • 13.0.1, 13.0.0
Manual Chapter
 

About Windows client traffic shaping

Used together, client traffic classifiers and client rate classes provide client-side traffic shaping features on Windows® network access client connections. You configure a client traffic classifier, which defines source and destination IP addresses or networks, and can also specify a protocol. The client traffic classifier is then associated with a client rate class, which defines base and peak rates for traffic to which it applies, and other traffic shaping features. A client traffic classifier is assigned in a network access resource.

Important: Client traffic classifiers support IPv4 addresses only.

Configuring client traffic shaping

Client rate shaping allows you to shape client-side traffic from Windows® client systems, based on traffic parameters.
Important: Client traffic classifiers works on UPLOAD TRAFFIC ONLY.
  1. Create a client rate class.
  2. Create a client traffic classifier.
    When you create the client traffic classifier, you select the previously created client rate class.
Together, the client rate class and client traffic classifier work to provide client-side traffic control to Windows clients to which the traffic control is applied.
Select the client traffic classifier in the Network Settings configuration of a network access resource. The client traffic classifier is then applied to Windows clients, for client-side traffic on the VPN tunnels defined by that network access resource.

Creating a client rate class

Create a client rate class to define the traffic shaping rules that you can apply to virtual and physical interfaces on a network access tunnel.
  1. On the Main tab, click Access Policy > Network Access > Client Traffic Control > Client Rate Classes .
  2. Click Create.
    The New Client Rate Class screen opens.
  3. In the Name field, type the name for the new client rate class.
  4. Select Basic or Advanced.
    The Advanced configuration allows you to configure the burst size, the rate class mode, and override the DSCP code.
  5. In the Base Rate field, type the base rate for the client rate class. Select the units for the peak rate from the list (bps, Kbps, Mbps, or Gbps).
  6. In the Ceiling Rate field, type the peak rate for the client rate class. Select the units for the ceiling rate from the list (bps, Kbps, Mbps, or Gbps).
  7. In the Burst Size field, type the amount of traffic that is allowed to reach the ceiling rate defined for the traffic rate class. You can select the units for this number from the list (bytes, Kilobytes, Megabytes, or Gigabytes).
  8. From the Service Type list, select the service type.
  9. From the Mode list, select the traffic shaping mode.
  10. (Optional) If you are using a differential services network, you can specify the DSCP value with which to mark this traffic by selecting the DSCP Override check box.
    In the field, type the number of the DSCP code with which to mark traffic.
  11. Click Finished.
The client rate class is created.
Select this client rate class in a client traffic classifier to apply it to Windows® client-side traffic.

Client rate class properties

Client rate class properties specify settings for client traffic control rates.

Setting Value Description
Base Rate Integer in bps, Kbps, Mbps, or Gbps Specifies the base data rate defined for the client rate class.
Ceiling Rate Integer in bps, Kbps, Mbps, or Gbps Specifies the ceiling data rate defined for the client rate class.
Burst Size Integer in bytes, Kilobytes, Megabytes, or Gigabytes Specifies the amount of traffic that is allowed to reach the ceiling data rate defined for the client rate class.
Service Type Best Effort, Controlled Load, or Guaranteed
  • Best Effort - Specifies that Windows® traffic control creates a flow for this client traffic class, and traffic on the flow is handled with the same priority as other Best Effort traffic.
  • Controlled Load - Specifies that traffic control transmits a very high percentage of packets for this client rate class to its intended receivers. Packet loss for this service type closely approximates the basic packet error rate of the transmission medium. Transmission delay for a very high percentage of the delivered packets does not greatly exceed the minimum transit delay experienced by any successfully delivered packet.
  • Guaranteed - Guarantees that datagrams arrive within the guaranteed delivery time and are not discarded due to queue overflows, provided the flow's traffic stays within its specified traffic parameters. This service type is intended for applications that require guaranteed packet delivery.
Mode Shape, Discard, or Borrow
  • Shape - Delays packets submitted for transmission until they conform to the specified traffic profile.
  • Discard - Discards packets that do not conform to the specified traffic control profile.
  • Borrow - Allows traffic on the client rate class to borrow resources from other flows that are temporarily idle. Traffic that borrows resources is marked as nonconforming, and receives a lower priority.
DSCP Enable/disable, integer for DSCP code If you select Override, you can specify an optional DSCP code for the client rate class. DSCP is a way of classifying traffic for Quality of Service (QoS). Traffic is classified using six-bit values, and then routers on the network interpret the traffic priority based on their configurations and prioritize traffic for QoS accordingly.

Creating a client traffic classifier

You must create at least one client rate class before you create a client traffic classifier. You select client rate classes to define rules in the client traffic classifier.
Create a client traffic classifier to define traffic control rules for the virtual and physical network interfaces on a network access tunnel.
  1. On the Main tab, click Access Policy > Network Access > Client Traffic Control > Client Traffic Classifiers .
  2. Click Create.
    The New client rate class screen opens.
  3. In the Name box, type a name for the client traffic classifier, and click Create.
    The Client Traffic Classifiers list screen opens.
  4. Click the name of the client traffic classifier you just created.
  5. Add rules for the appropriate interface.
    Rule type Description
    Rules for Virtual Network Access Interface Add a rule to this section to apply the traffic shaping control only to traffic on the virtual network access interface.
    Rules for Local Physical Interfaces Add a rule to this section to apply the traffic shaping control only to traffic on the client computer's local physical interfaces.
    Rules for Virtual Network Access and Local Physical Interfaces Add a rule to this section to apply the traffic shaping control to traffic on both the virtual Network Access interface and the client's local physical interfaces.

Adding a client traffic classifier entry

You add entries to an existing client traffic classifier. You must first create a client traffic classifier, and at least one client rate class.
Client traffic classifiers define client traffic control for virtual and physical network interfaces on the client systems.
  1. On the Main tab, click Access Policy > Network Access > Client Traffic Control > Client Traffic Classifiers .
  2. Click the name of a client traffic classifier.
  3. Under the appropriate interface Rules area, click Add.
    The New Client Traffic Classifier Entry screen opens.
  4. Select Basic or Advanced.
    Advanced mode allows you to configure a source address and source ports for the client traffic control entry.
  5. Select a Client Rate Class entry.
  6. Specify any settings you require for the client traffic classifier entry.
    Note that currently you can only specify an IPv4 address for a client traffic classifier host entry.
  7. When you have finished configuring the client traffic classifier entry, click Finished.
    The configuration screen for the client traffic classifier appears again.
The client traffic classifier is updated with the client traffic classifier entry in the Rules area you specified.

Client traffic classifier entry properties

Configure properties for the client traffic classifier to determine how traffic is classified for traffic shaping on Windows® clients.

Property Values Description
Basic/Advanced Basic or Advanced (list item) Advanced allows you to configure a source address and source ports.
Client Rate Class List item A client rate class defines the client traffic shaping rates and properties for a client traffic control configuration. Because client traffic classifier entries define address pairs and protocols on which client rate classes operate, a client rate class must be created before you can use a client traffic classifier entry.
Protocol UDP, TCP, or All Protocols. The protocol to which this client traffic classifier entry applies.
Destination Address Selection and manual entries The destination address to which the client traffic classifier entry applies.
  • Any applies the client traffic classifier entry to any destination address.
  • Host applies the client traffic classifier entry to a specific host IP address. Type the IP address in the box that appears.
  • Network applies the client traffic classifier entry to a network address. Type the network address and the network mask in the boxes that appear.
Destination Port Number or list item The destination port to which the client traffic classifier entry applies. You can type the port number, or select from the list of predefined application ports.
Source Address Selection and manual entries The source address to which the client traffic classifier entry applies.
  • Any applies the client traffic classifier entry to any source address.
  • Host applies the client traffic classifier entry to a specific host IP address. Type the IP address in the box that appears.
  • Network applies the client traffic classifier entry to a network address. Type the network address and the network mask in the boxes that appear.
Source Port Number or list item The source port to which the client traffic classifier entry applies. You can type the port number, or select from the list of predefined application ports.