Log in

Sangfor Support Center

Table of Contents
< All Topics
Print

[IAG] Bandwidth restriction for a single user does not take effect — caused by dual external network lines

Posted
Updated
Byadmin
Views1

Problem Description

Check the user configuration flow control policy and enable the limit on the maximum bandwidth of a single user to 512Kb/s for both upstream and downstream. However, in the user traffic ranking, it can be seen that the user's downstream traffic exceeds 512Kb/s.

Process——

  1. Check the flow control policy matched by the user and find that the maximum bandwidth limit for a single user is enabled, with both upstream and downstream bandwidths at 512 Kb/s. The policy is placed in the first item and the policy applies to all users.

    879765d6e4bdc0d796.png (5.93 KB)

  2. Check the user traffic usage in the user traffic and find that the downlink traffic of some users is indeed always at 1Mb/s

    774085d6e4d3eea5f7.png (63.97 KB)

  3. Check that there is no global exclusion, and that neither the direct pass nor the flow control exclusion policy is configured.

  4. Check that the device is deployed in routing mode, the external network is dual-line, and the link load strategy is to evenly distribute the bandwidth of the two lines. Check the flow control policy again and find that the copy channel to all lines option is checked in the policy.

    760635d6e4e28ad825.png (6.69 KB)

  5. Because the two lines are evenly distributed, the following users will run traffic on both channels. If you check the option to copy the channel to all lines, the maximum bandwidth of the user on both channels will reach 512Kb/s, which adds up to 1024Kb/s.

  6. Communicate the requirements with the customer, and the customer confirms that no matter which WAN port the user uses, the traffic of a single IP passing through the IAG needs to be limited to 512Kb/s.

  7. Modify the flow control channel configuration and change the single user limit to 256Kb/s to solve the problem

Root cause

The external network has two lines, and the traffic is evenly distributed. The replication channel is checked to copy the channel to other lines, resulting in the user's traffic on both lines reaching 512Kb/s, and the total is 1024Kb/s

solution

Change the single user limit to 256Kb/s to solve the problem

Original Link

https://support.sangfor.com.cn/cases/list?product_id=22&type=1&category_id=7160&isOpen=true