First Steps Packets Ha Per

7/31/2019 First Steps Packets Ha Per

1/14

First Steps to Using a PacketShaper

May, 2008


2/14

Disclaimer

THIS DOCUMENT IS PROVIDED AS IS WITHOUT ANY EXPRESS OR IMPLIED WARRANTY OF ANY KIND, INCLUDING WARRANTIES OF MERCHANTABILITY, NONINFRINGEMENT OF

INTELLECTUAL PROPERTY, OR FITNESS FOR ANY PARTICULAR PURPOSE. IN NO EVENT SHALL PACKETEER OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER (IN-

CLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, BUSINESS INTERRUPTION, OR LOSS OF INFORMATION) ARISING OUT OF THE USE OF OR INABILITY TO USE THIS

DOCUMENT, OR THE PRODUCTS DESCRIBED HEREIN, EVEN IF PACKETEER HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. BECAUSE SOME JURISDICTIONS PROHIBIT

THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES, THE ABOVE LIMITATION MAY NOT APPLY TO YOU. Packeteer and its suppliers fur-

ther do not warrant the accuracy or completeness of the information, text, graphics, links or other items contained within this document, or assume liability for any inciden-

tal, indirect, special or consequential damages in connection with the furnishing, performance, or use of this document. Packeteer may make changes to this document, or

to the products described herein, at any time without notice. Packeteer makes no commitment to update this document.

Copyright/Trademarks/Patents

Copyright 1996-2008 Packeteer, Inc. All rights reserved.

Copyright Packeteer, Inc. 2001 2008 and its licensors. All rights reserved.

PacketShaper, PacketShaper Xpress; PacketSeeker, and iShared appliances, and PolicyCenter, PacketWise iShared, iShaper and IntelligenceCenter software protect-

ed by, or for use under, one or more of the following U.S. Patents: 5,802,106; 6,018,516; 6,038,216; 6,046,980; 6,115,357; 6,205,120; 6,285,658; 6,298,041; 6,412,000;

6,456,630; 6,457,051; 6,460,085; 6,529,477; 6,584,083; 6,591,299; 6,654,344; 6,741,563; 6,847,983; 6,850,650; 6,854,009; 6,928,052; 6,934,255; 6,934,745; 6,970,432;

6,985,915; 7,003,572; 7,012,900; 7,013,342; 7,032,072; 7,035,474; 7,051,053; 7,054,902; 7,103,617; 7,154,416; 7,155,502; 7,203,169; 7,236,459; 7,283,468; 7,292,531;

7,324,447 and 7,324,553. Other U.S. and international patents pending.

Packeteer, the Packeteer logo, PacketWise, PacketShaper, PacketShaper Xpress, PacketSeeker, PolicyCenter, ReportCenter, SkyX, iShared, Mobiliti, iShaper, IntelligenceCenter,

Falcon, Raptor, and Talon are trademarks or registered trademarks of Packeteer, Inc. in the United States and other countries. All other products and services are the trade-

marks of their respective owners. All trademarks and registered trademarks mentioned herein are the property of their respective owners. Other product and company names

used in this document are used for identification purposes only, may be trademarks of other companies, and are the property of their respective owners. All rights reserved.

No part of this document may be reproduced, photocopied, stored on a retrieval system, transmitted, or translated into another language without the express written consent

of Packeteer, Inc. Copyright 1996-2008 Packeteer, Inc. All rights reserved.

SNMP Research SNMP Agent Resident Module Version 14.2.1.7. Copyright 1989-1997 SNMP Research, Inc.

This product includes software developed by the University of California, Berkeley and its contributors. Portions Copyright 1982, 1983, 1986, 1989, 1990, 1993 by The Re-

gents of the University of California. All rights reserved.

Portions Copyright 1996 by Internet Software Consortium. Portions Copyright 1993 by Di gital Equipment Corporation. Portions Copyright 1990 by Regents of the

University of Michigan. All rights reserved. This product includes software developed by the University of California, Berkeley and its contributors. Portions Copyright 2001

Mike Barcroft. Portions Copyright 1990, 1993 by The Regents of the University of California. All rights reserved.

This product incorporates software for zipping and unzipping files.

UnZip 5.42 of 14 January 2001, by Info-ZIP.

Zip 2.3 (November 29th 1999).Copyright 1990-1999 Info-ZIP

Portions copyright 1994, 1995, 1996, 1997, 1998, by Cold Spring Harbor Laboratory. Funded under Grant P41-RR02188 by the National Institutes of Health. Portions copyright

1996, 1997, 1998, by Boutell.Com, Inc. GIF decompression code copyright 1990, 1991, 1993, by David Koblas ([email protected]). Non-LZW-based GIF compression code

copyright 1998, by Hutchison Avenue Software Corporation (http://www.hasc.com/, [email protected]).

Portions Copyright 2006 Narciso Jaramillo.

TACACS+ software Copyright 2000,2001 by Roman Volkov.

* Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials

provided with the distribution.

* The names of its contributors may not be used to endorse or promote products derived from this soft ware without specific prior written permission.

U.S. Government Restricted Rights

Packeteer software comprises commercial computer software and commercial computer software documentation as s uch terms are used in 48 C.F.R. 12.212 (SEPT 1995)

and is provided to the United States Government (i) for acquisition by or on behalf of civilian agencies, consistent with the policy set forth in 48 C.F.R. 12.212; or (ii) for ac-quisition by or on behalf of units of the Department of Defense, consistent with the policies se t forth in 48 C.F.R. 227-7202-1 (JUN 1995) and 227.7202-3 (JUN 1995). Pack-

eteer software is provided with RESTRICTED RIGHTS. Use, duplication, or disclosure by the U.S. Government is subject to restrictions as set forth i n FAR 52.227-14 and DFAR

252.227-7013 et seq. or their successors. Use of Packeteer products or software by the U.S. Government constitutes acknowledgment of Packeteers proprietary rights in them

and to the maximum extent possible under federal law, the U.S. Government shall be bound by the terms and conditions set forth i n Packeteers end user agreement.

Packeteer, Inc.

10201 North De Anza Boulevard

Cupertino, CA 95014

http://www.packeteer.com


3/14

Table of Contents

Overview ......................... ....................... ........................ ....................... ......................... ....................... ......................... ..................... 1

Classifying Traffic on the Network............................................................................................................................................. 2

Discovering Traffic .................................................................................................................................................................... 2

Viewing the Traffic Tree.......................................................................................................................................................... 2

Problems?..................................................................................................................................................................................... 3

Analyzing Network Traffic............................................................................................................................................................. 4

Analyzing Data........................................................................................................................................................................... 4

Analyzing Network Performance ........................................................................................................................................ 4

Looking at Top Ten Reports .................................................................................................................................................. 6

Solving Performance Problems................................................................................................................................................... 7

Set Policies ................................................................................................................................................................................... 7

Create Partitions ........................................................................................................................................................................ 8Turn Shaping On........................................................................................................................................................................ 8

Verify that the Policies are Working ................................................................................................................................... 8

Problems?..................................................................................................................................................................................... 8
http://-/?-http://-/?-http://-/?-http://-/?-http://-/?-http://-/?-http://-/?-http://-/?-http://-/?-http://-/?-


4/14

Table of Contents

ii First Steps to Using a PacketShaper


5/14

First Steps to Using a PacketShaper 1

Overview

This first steps guide will show you how to use a PacketShaper to:

Classify network traffic

Analyze network and application performance Solve performance problems

Note for PacketShaper 900, 1200, and 1400 users: Because PacketShaper 900, 1200, and 1400 models are

often used in wide-spread distributed deployments, we recommend that you configure these units with

PolicyCenter, Packeteers central management product. Using PolicyCenter, you can configure a traffic tree

with appropriate policies and partitions and then distribute this configuration to all the PacketShapers

installed at your branch offices. Refer to the PolicyCenter Getting Started Guide for details. For generating

graphs and reports use Packeteers centralized reporting product, IntelligenceCenter. See the

IntelligenceCenter Getting Started Guide for details.


6/14

2 First Steps to Using a PacketShaper

Classifying Traffic on the Network

PacketShapers traffic discovery feature detects and identifies the traffic running on a network andautomatically creates traffic classes for each application, service, or protocol that it discovers. These classesare organized into a hierarchical traffic tree. Classification is a prerequisite for other PacketShaper

functions. To analyze a particular applications performance, you must first identify that applications traffic.Likewise, to control an applications performance, you isolate its traffic to adequately ration and assignresources.

Note that traffic discovery is not appropriate for all situations. If PacketShaper units are at branch officedeployments where you are monitoring and controlling application performance, you can use the trafficdiscovery feature to create application-based traffic trees. In deployments where the PacketShaper islocated at the main sites WAN or Internet link, you will want a location-based traffic tree that has trafficclasses for each branch office; in this situation, you would not want to use automatic traffic discovery. Fora detailed explanation of these traffic tree strategies, see the Deployment Topologies section of PacketGuide.

Note: Because PacketShaper 900 Lite, PacketShaper 1200 Lite, and PacketShaper 1400 Lite models are limited

to 64 classes, you will probably not want to enable the automatic traffic discovery feature.

Discovering Traffic

Automatic traffic discovery may already be enabled. To check the status of the Traffic Discovery setting:

1. Access the PacketWise software by entering PacketShapers URL or IP address in your browser.

2. Check the status line underneath the tabs. If it saysDiscovery: On, you can skip the following steps.

3. Click the setup tab in the PacketWise navigation bar.

4. To enable automatic traffic discovery, select on for Traffic Discovery.

5. Click apply changes.

Traffic needs to run through the PacketShaper over time before you can see trends and decide on a courseof action. We suggest you collect data for at least three days.

Note: Make sure the mission-critical applications are being accessed during this time so that the protocols,

services, and/or applications will be auto-discovered.

Viewing the Traffic Tree

The traffic discovery process creates traffic classes automatically, based on the traffic types it detects. Forexample, web surfing is categorized in the HTTP traffic class.

To see what classes the PacketShaper has auto-discovered, display the traffic tree:

1. Access the PacketWise software by entering PacketShapers URL or IP address in your browser.

2. Click the monitor or manage tab in the PacketWise navigation bar. The discovered classes appear in ahierarchical tree under the Inbound and Outbound folders.

PacketWise displays applications in a hierarchical tree representing application traffic traveling inboundand outbound, with respect to the PacketShaper. Applications listed in the Outbound folder represent a

request for data from external servers or responses of data from internal servers to outside requests.Applications shown in the Inbound folder represent the data being transmitted from outside servers to theLAN or requests for data from internal servers. When managing an applications performance, you mustconsider the characteristics and significance of an application flows direction.

For example, suppose a user is running Oracle as a published application over Citrix Metaframe. Assumethe Oracle user is on the LAN side of PacketShaper, and the server is on the outside. In the traffic tree, the/Outbound/Citrix/Oracle class tracks the data entry activity. The /Inbound/Citrix/Oracle class tracksthe data downloads.


7/14


Problems?

*The number of flows required to trigger class discovery can be adjusted using the Autodiscovery variableson the System Variables setup page.

Whats wrong? What might fix it:

The traffic tree is empty. Is traffic discovery turned on? Look at the status line underneath the tabs to make sure it says Discovery: On.

The traffic tree doesnt have

classes for some of the

applications I know are on

the network.

Have users initiated new sessions after connecting the unit to the network and configuring the PacketShaper? A

PacketShaper cant discover traffic classes until it sees the traffic. Make sure users are accessing the critical

applications and establishing new sessions on the network.

To avoid creating classes needlessly, the PacketShaper must see at least three* distinct flows of an application before

it deems the flows significant enough to warrant auto-discovery. The flows must begin within the same time-out

interval, typically one minute, and should have different source/destination address pairs. If youre performing tests

and want a specific application to be auto-discovered, it may be necessary to open a session, quit, and then re-open

the application so that PacketWise sees another session.

Is the PacketShaper installed on an Internet link between the VPN gateway and the router? If so, the unit sees

encrypted traffic, not individual applications; consequently, the applications will not appear in the traffic tree. In

order to differentiate between encrypted applications, the unit must be positioned between the LAN and the VPN

gateway. Although PacketWise classifies hundreds of applications, there could be custom or unique applications that do not

get auto-classified. To accommodate these situations, PacketWise provides the ability to create classes manually.

Are you using PacketShaper 900 Lite, 1200 Lite or 1400 Lite? If you have enabled automatic traffic discovery on these

models, the traffic tree will likely reach its maximum capacity (64 classes) quickly, and perhaps notwith the

applications you need to classify. For these models, Packeteer recommends that you not enable traffic discovery;

instead, manually create classes for the applications, or us e PolicyCenter.


8/14


Analyzing Network Traffic

Analyzing Data

After the PacketShaper has a chance to collect data, you can look at some of the statistics that have been

generated. Here are some analytical questions you can start with:

Note: Detailed reporting is also available via Packeteer IntelligenceCenter. Because PacketShaper 900 Lite,

PacketShaper 1200 Lite and PacketShaper 1400 Lite models have limited reporting capabilities, it is

recommended that you use IntelligenceCenter to generate your reports.

Analyzing Network Performance

The Network Performance Summary shows you where most traffic occurs on the network. To view thesummary:

1. Click the report tab on the navigation bar. The Network Performance Summary report appears. Thisreport contains six graphs Utilization, Network Efficiency, and Top 10 Classes, for both the Inboundand Outbound directions.

The default report graphs data from the last hour, but you can select a different time interval (such asthree days), if you like.

2. To choose a different time interval, enter the number of minutes, hours, days, weeks, or months in theShow field, and then select the unit of time.

For example, by entering 3 in the Show field and selecting day for the unit of time, you create a reportwith the data the PacketShaper collected over the last three days.

3. Click update to apply the new time interval settings. The new report appears.

4. Scroll down to see the Top 10 Classes graph for inbound traffic.

5. Scroll down further to see the Top 10 Classes graph for outbound traffic.

Note: As you are viewing the Top 10 Classes pie chart in the Network Performance Summary, you may want

more detail on a particular class. A quick way to get this detailed information is to click the class name on the

Question: How to find the answer:

What type of traffic is consuming the most

bandwidth right now?

Click the top ten tab to display the Top Ten - Average Rate report. Which inbound traffic class has

consumed the most bandwidth in the last hour? Which outbound traffic class?

How many times has FTP been used? Click the monitor tab. Find FTP in the traffic cl ass tree on the left and then look at the value in the Class

Hits column.

Who is generating the most Citrix traffic? (If

you dont have Citrix, use any other class of

interest.)

First, you need to enable host analysis. Click the manage tab and select Citrix in the traffic tree. Enable

Top Talkers and Top Listeners, then click apply changes.

Later, go back to this page and click the Top Talkers or Top Listeners links to see the hosts that have

generated the most Citrix traffic.

Note that this feature shows top hosts since the feature was last reset. You can use the reset button on

the Top Talkers or Top Listeners page to c lear the list and restart the host-tracking process.

What was the peak bps rate for web traffic? Click the monitor tab. Find HTTP in the traffic tree and look at the value in the Peak column.

What is the link utilization? Click the report tab, and look at the first chart, Utilization. The red line is average inbound link

utilization and the blue line is peak inbound link utilization. Scroll down and look at the outbound char t.


9/14


pie chart legend. When you click a class name, the Statistics:Reports screen appears, where you can change the

period or select additional graphs to include in the report.

6. To print the report, click print.


10/14


Looking at Top Ten Reports

The Top Ten tab offers several reports that allow you to quickly see which classes have the highest averagerate, peak rate, total bytes, or network efficiency. For example:

Note:The top ten tab is not available on the PacketShaper 900 Lite, PacketShaper 1200 Lite and PacketShaper

1400 Lite models.

To view the Top Ten reports:

1. Click the top ten tab on the navigation bar.

2. In the View top field, enter the number of classes you want to view in the report (default is 10). To viewall classes, clear this field so that its blank.

Note: If you dont want to change the view (the next step), you must clickupdate to see the revised list.

3. Select the desired view:

View Description

Average Rate The classes with the highest average bandwidth rate in the designated time interval; measured in bits per second (the

default report type)

Peak Rate The classes with the highest peak bandwidth rate in the designated t ime interval; measured in bits per second

Total Bytes The classes with the highest total bandwidth consumed in the designated t ime interval; measured in bytes

Network Efficiency The classes with the most retransmissions (that is, the lowest network efficiency)


11/14


Solving Performance Problems

PacketShapers configured with the shaping module offer two ways to solve application and networkperformance problems:

Setting policies. Apolicy determines how an applications individual flows are treated in the contextof competing applications and allows you to manage bandwidth on a flow-by-flow basis. With pol-icies, you can give each flow of mission-critical traffic the bandwidth it needs for optimum perfor-mance, as well as protect it from demanding, less important traffic. In addition, policies can keepnon-urgent traffic flows (such as FTP) from consuming more than an appropriate share of bandwidthor can block flows completely.

Creating partitions. Apartition manages bandwidth for a traffic class aggregate flows, so that all ofthe flows for the class are controlled together as one. You can use partitions to protect mission-criticaltraffic by guaranteeing that a traffic class always gets a defined amount of bandwidth. In addition,you can use partitions to limit aggressive, non-critical traffic by allowing that traffic class to consumeonly a defined amount of bandwidth.

Set PoliciesA policy controls traffic on a flow-by-flow basis. When you apply a policy to a traffic class, you define howeach flow will be treated when competing with other applications. While there are several different typesof policies you can create in PacketWise, the rate policy is the most common. With this type of policy, you can:

Guarantee each flow a minimum bits-per-second rate

Give each flow prioritized access to excess bandwidth

Limit each flow to a maximum amount of bandwidth

Take advantage of Packeteers TCP Rate Control technology that prevents traffic from being sent ata rate that is higher than it can be transferred and received, thereby greatly reducing queuing in rout-er buffers and controlling inbound traffic

Smooth bursty traffic (such as HTTP)

Priority policies, another type of PacketWise policy, establish a priority for traffic without specifying aparticular rate. Use priority policies for non-IP traffic types, or traffic that does not burst (for example,Telnet).

In addition to creating policies for mission-critical applications, you may also want to place controls onsome of the most active services and applications on the network (such as HTTP or FTP).

PacketShapers supply a set of suggested policies for many supported protocols and services. You can applya suggested policy to a traffic class, whether it was manually created or automatically created by the trafficdiscovery process.

Note: Most suggested rate policies set the guaranteed rate to zero with bursting enabled. If you have a specific

minimum rate requirement for an application, such as Voice over IP, you will need to modify the suggested

policy.

To create a policy using PacketShapers suggested settings:

1. Click the manage tab on the navigation bar. The Traffic Class window appears.

2. Select a class in the tree in the left window pane.

3. In the Traffic Class window pane, click policy and select add from the menu.

4. Click suggest policy in the NewPolicy window.

A pop-up window appears, notifying you whether a default policy was found for this service type.

5. Click OK in the pop-up window.


12/14


6. To fine-tune the policy, overwrite the displayed values or select a new policy type.

7. To create the policy, click add policy in the NewPolicy window.

Create Partitions

A partition is a virtual pipe that you can create for a given traffic class. This virtual pipe reserves bandwidthfor all flows of a given type the traffic class aggregate. Partitions can protect traffic by guaranteeing adefined amount of bandwidth for the mission-critical traffic classes. For example, you could set a 128 Kbpspartition for SNA traffic. This partition ensures that SNA will always have at least 128 Kbps of bandwidth.

Partitions can also limit less important traffic by putting a cap on the amount of bandwidth a traffic classcan use. For example, you can assign a 64 Kbps partition to FTP traffic. This prevents FTP traffic fromconsuming your entire link and blocking more important traffic.

To create a partition:

1. Click the manage tab on the navigation bar. The Traffic Class window displays.

2. Select the class in the traffic tree.

3. Click partition in the Traffic Class window and click add. The NewPartition window appears.

4. In the Size field, enter the minimum partition size in bits per second (bps). Alternatively, you can select% and enter a percentage of the parent partition size.

5. To allow the partition to use available excess bandwidth, select the Burstable checkbox.

6. Optional: In the Limit field, set a maximum bandwidth limit to be used when the partition bursts. Thislimit must be greater than the partition minimum.

7. Click add partition to create the partition.

Turn Shaping On

Policies and partitions have no effect unless traffic shaping is turned on. To do this:

1. Click the setup tab.

2. Turn Shaping on.

3. Click apply changes.

Verify that the Policies are Working

To verify that a traffic class and policy are working as expected, you can:

Observe the number of Class Hits and Policy Hits for that class in theMonitor Traffic window. ClassHits are the number of times flows match the class and Policy Hits are the number of times the policyhas been enforced. Generate more traffic for that traffic class to see if the number of hits increases.

Compare the statistics (such as the peak rate) before and after the policy was set.

Make a Class Utilization graph. Be sure to specify a time period that includes before and after thecreation of the policy.

Problems?


My graphs look strange:

the data cant be correct.

Do you have the date set correctly? Check the date & time page under the setup tab.


13/14


The LCD readout shows

traffic but the traffic tree

is empty.

Is traffic discovery turned on? Look at the status line underneath the tabs to make sure it says Discovery: On.

Is your browser set to reread the HTML page source every time? This is a PacketShaper requirement.

Performance hasnt

improved since I set

policies and created

partitions.

Is shaping turned on? Policies are only applied if shaping is on. Look at the status line underneath the tabs to make sure

it says Shaping: On.

Did you set too many policies? Try just setting policies for your most critical and most bandwidth-greedy classes.

Statistics on theMonitor

Trafficscreen dont seem

to be consistent with the

policies I set.

Is shaping turned on? Policies are only applied if shaping is on. Look at the status line underneath the tabs to make sure

it says Shaping: On.

Are you looking at cur rent data? Use the update button to refresh the screen or the clear stats button to zero out the

values and begin displaying new (post-policy) data.



14/14


First Steps Packets Ha Per

Documents

Transcript of First Steps Packets Ha Per