When an Internet Service Provider (ISP) provisions a new internet link, it very often applies shaping rules on its NTU to regulate internet traffic at the promised rate. If your firewall, router or switch sends more traffic than the promised rate, the excess packets are dropped, which results in suboptimal performance and slow internet speed. This post lists the basic bandwidth shaping or policing rules on Cisco and Fortigate devices.
Telstra Internet Direct – Optimising Network Performance
The example notice below is what Telstra gives when they provide the public IP information:
For your Telstra Internet Direct Adapt service to operate at the maximum rate, you are advised to shape your outbound traffic. Within our network we police the rate of your service at your purchased speed. For example, on a 50 Mbps service you should rate limit your outbound traffic to 50 Mbps or below. Due to the differences between routers from different vendors you may need to adjust the burst rate of this feature to find a value that does not exceed our policer. Failure to apply shaping outbound may result in below par speeds being achieved.
Bandwidth Limiting / Shaping on Cisco Switch or Router
The example below rate-limits outbound traffic at 400Mbps:
conf t
! Shape all traffic (class-default) on the policy
policy-map Shaping
 class class-default
  shape average 398000000
! Apply the shaper outbound on the ISP-facing port
interface te2/1/4
 description **ISP_link**
 switchport mode access
 switchport access vlan 4
 service-policy output Shaping
end
wr
Check Shaping interface status
ICTFellaSW01#show policy-map interface
 TenGigabitEthernet2/1/4
  Service-policy output: Shaping
    Class-map: class-default (match-any)
      0 packets
      Match: any
      Queueing
      (total drops) 11664895
      (bytes output) 1314982020
      shape (average) cir 398000000, bc 1592000, be 1592000
      target shape rate 398000000
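The Telstra notice asks you to tune the burst as well as the rate, and the show output reports the shaper's burst as bc. The sketch below is an added example, not from the original post or from any vendor: a simplified model in which the shaper releases bc bits at line rate once per interval into a single-rate token-bucket policer. The packet size and the two policer burst depths are assumptions, since the ISP's real policer settings are not given here.

```python
# Added example: single-rate token-bucket policer fed by the page's shaper.
PKT = 12_000                        # bits in a 1500-byte packet (constructed)
LINE_RATE = 10_000_000_000          # bit/s, TenGigabitEthernet port speed
CIR, BC = 398_000_000, 1_592_000    # cir and bc from the show output
POLICER_RATE = 400_000_000          # bit/s, the 400Mbps target in the post

def shaper_interval(cir, bc):
    """Tc in seconds: the shaper releases bc bits once per interval."""
    return bc / cir

def shaped_arrivals(cir, bc, duration):
    """Simplified shaper: each Tc, send whole packets up to bc at line rate."""
    tc, out, start = shaper_interval(cir, bc), [], 0.0
    while start < duration:
        for i in range(bc // PKT):
            out.append((start + i * PKT / LINE_RATE, PKT))
        start += tc
    return out

def police(arrivals, rate, burst):
    """Return bits dropped by a token bucket of depth `burst` refilled at `rate`."""
    tokens, last, dropped = float(burst), 0.0, 0
    for t, bits in arrivals:
        tokens = min(burst, tokens + (t - last) * rate)  # refill since last packet
        last = t
        if bits <= tokens:
            tokens -= bits          # conforming packet
        else:
            dropped += bits         # exceeding packet is discarded
    return dropped

def drop_ratio(policer_burst, duration=0.1):
    """Fraction of shaped traffic the policer discards."""
    arrivals = shaped_arrivals(CIR, BC, duration)
    sent = sum(bits for _, bits in arrivals)
    return police(arrivals, POLICER_RATE, policer_burst) / sent

if __name__ == "__main__":
    print(f"Tc = {shaper_interval(CIR, BC) * 1000:.1f} ms")
    for burst in (2_000_000, 1_000_000):   # ASSUMED policer depths, not from the post
        print(f"policer burst {burst} bits -> {drop_ratio(burst):.1%} dropped")
```

In this model the average rate is below the policer in both runs; drops appear only when the policer's bucket is shallower than the shaper's per-interval burst.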
Fortinet Fortigate Firewall WAN port
The estimated bandwidth on a WAN port is mostly used to calculate traffic control in SD-WAN rules, such as spillover.
Traffic Shaping using Outbound shaping profile