Shaping Rules

Speed limitation rules provide restriction of the maximum speed for connections from individual users, user groups or IP address sets based on the values provided in rule options. Rules are ordered, and you can easily change the order using the appropriate buttons on the toolbar or the commands in the context menu of rules. After a new connection has been detected, Bandwidth Splitter starts checking rules in the order of sequence for matching the connection details. If rule fully matches this connection, it is applied to limit the speed.

Since version 1.39, it is possible to configure several shaping rules to be applied to the same connection to allow more complex configurations. In this case the minimum of their speed limits is enforced for the connection. But even if connection is not limited by some of the applied shaping rules, it still can affect other connections which are limited by these rules because it takes its portion in their allowed bandwidth. You can see the examples of applying the multiple shaping rules on our forum.

Shaping Rules (click to enlarge figure)

To create a Shaping Rule, in the console tree of Forefront TMG Management, right click Shaping Rules, point to New, and then click Rule. Proceed with following the instructions of the wizard. Note that the rule elements necessary to create the rule should be set up before starting the wizard.

The below is a description of the Shaping Rules options and their effect.

On the General tab, supply the name for the rule and its description. You can also enable or disable the rule here by selecting or deselecting the Enable option.

Use the Applies To tab to specify objects for the rule to apply to. You can select IP address sets or user sets. Exclusions can also be set up here.

On the Destinations tab, specify destination IP address sets to which the rule applies.

Use the Schedule tab to set up the schedule for the current rule. The default setting is Always, but you can select any other scheduling option from those configured in Forefront TMG.

The Action tab is used to set the speed limits to be provided by the rule.

Action tab of Shaping Rule Properties (click to enlarge figure)

If the No shaping mode is selected, the transfer rate for clients under this rule will not be restricted.

You can select different shaping modes: shape sum of incoming and outgoing traffic, shape separately incoming and outgoing traffic, shape incoming traffic only, shape outgoing traffic only. Set the speed limits allowed by the rule in kilobits per second.

Forefront TMG cache content can be supplied on request both unrestricted in speed (in case the Don't shape cached web content option is selected) and with speed restrictions set up by the rule in the same way as for all other traffic (if the checkbox is not selected).

The HTTP Boost mode lets essentially accelerate web surfing. Viewing of web pages is often discontinuous: first the page is loaded, then a pause follows (as the user reads and analyses the content) when no requests are transmitted, then a link transfer follows and another page is opened. HTTP Boost mode temporarily enables a user who has been inactive for a certain minimum period of time to work at a speed higher than main speed limit value. Such short accelerations allow making surfing much more comfortable.

HTTP Boost options are configured individually for each Shaping Rule. HTTP Boost speed limit, HTTP Boost duration and the time of absence of user activity necessary to reactivate the HTTP Boost mode (Inactivity period to restart) are to be set up for each rule.

Note. The types of content for which the HTTP Boost mode is used are set on the Advanced tab of the general options of Bandwidth Splitter. HTTP Boost mode is turned off for all other content and firewall connections, i.e. the basic rules of speed limitation are applied all the time.

Select Limit number of connections to limit the number of simultaneous connections for the rule. If any web requests are sent after this limit is exceeded, the user can see a message that the allowed number of connections has been reached.

The Shaping Type option, defining the way the rule is applied, is very important. Depending on the value of this option, the effect of the rule may be very different.

Select Assign bandwidth individually to each applicable user/address to apply the speed and connection number limitations under the rule individually to each user or host that matches the rule, i.e. separately from each other.

Select Distribute bandwidth between all applicable users/addresses to apply the speed and connection number limitations under the rule to all users or hosts as a whole.

Parameter Static bandwidth distribution (available only when selected Distribute bandwidth between all applicable users/addresses) controls what happens when some users to whom this rule applies don't use all their allowed bandwidth.
For example, if rule has speed limit 100 kbits/s, and 2 users concurrently have active connections, then usually each of them will be limited to 100 / 2 = 50 kbits/s. But if one of these users use just 30 kbits/s, then it is possible to distribute unused bandwidth between other users, so they will have oportunity to use more bandwidth. Actually this means that their speed limit will be increased.
So, in this example, if Static bandwidth distribution is unchecked (default), speed limit of second user will become 100 - 30 = 70 kbits/s. This limit is dynamic, so when first user will use more bandwidth, speed limit of second user will be decreased.
If Static bandwidth distribution is checked, then regardless of how much bandwidth both users use, their speed limit will be 100 / 2 = 50 kbits/s.

Use the Extra tab to configure additional rule options.

Continue to evaluate subsequent rules to allow them to be applied too option allows to create configurations where multiple shaping rules are applied. If this option is checked, subsequent rules are also evaluated, even though current rule already matches the connection and thus will be applied. If this option is unchecked, further evaluation is stopped. Note that if rule does not match, this option is ignored and the next rule is evaluated anyway.

If the Apply this rule only when client's traffic quota has been exceeded option is checked, then this shaping rule is applied only when user's traffic quota counter reaches zero. In all other cases, Bandwidth Splitter will continue to search for a shaping rule that corresponds to client's connections.
When shaping rule with this option is applied, it also means that user's access will not be blocked even though traffic quota is exceeded.
Note that if you want to use this option, you should place the shaping rule where this option is selected above another rule which is used when quota is not exceeded. Otherwise the former rule will never be applied.
If multiple quota rules are applied, the quota is considered exceeded when access would be blocked as a result of combined applying of all those rules.

If the Don't count traffic on account of traffic quota checkbox is selected, the traffic to which this rule applies will not be taken into account when counting the allowed traffic quota. This is useful, for example, if there is a high-speed connection with some networks and there is no need to limit that traffic while limiting traffic to other destinations. Note, that this flag also implies that even if client's traffic quota is exceeded, his/her access will not be blocked (for connections to which this rule applies).

See also
Quota Rules
Group Restrictions
Distributed shaping rules

© BNTC Software. All rights reserved.