D-Link DFL-1600 User Manual page 274

254
section. Each rule can pass traffic through one or more pipes, in a
precedence(priority) of the administrator's choice.
Network traffic is first filtered within the firewall's normal IP ruleset; if
allowed, it is then compared with the Pipe Rules section and passed to the
pipe(s) specified in the matching pipe rule. In the pipe, traffic is limited
with respect to the configuration and is then forwarded to its destination,
or to the next pipe in a chain.
To summarize, the following steps are necessary for setting up traffic
shaping:
1. Traffic shaping requirements planning
If requirements to the current network, such as how traffic should be
limited, prioritized, guaranteed, or distributed are unclear, the
configuration work will be more confusing than helpful.
2. Pipes setup
Set up pipes that describe limits for different precedences, and define
grouping criterion.
3. Pipe rules setting
Assign, in Pipe Rules, specific type of service, address filter,
precedence, and different pipes/chains to use for both forward &
return directions.
4. Verification
Verify that the configured traffic shaping works in the desired manner.
Example:
In this example, two pipes for controlling both inbound and outbound
traffics are created, named "std-in" and "std-out" respectively, and a total
pipe limit of 1000 kilobits per second is set to each of them. This pair of
pipes simply limits all traffic that gets passed through each direction to
1000 kbps, regardless of what traffic it is.
After setting the total limits in the two pipes, two pipe rules need to be
specified to assign pipes onto proper directions, interfaces, and networks.
Since these two primary rules are applied to all possible services, the fixed
precedence "Low" is defined on them.
Applying a basic two-way bandwidth limits
D-Link Firewalls User's Guide
Chapter 23. Traffic Shaping