Traffic Shaping Web Traffic

Top  Previous  Next

Configuring the Gibraltar Firewall to ensure a minimal bandwidth for web traffic (http, https). Additional a minimal bandwidth for fetching the emails via pop3 is configured. These services will get a minimal bandwidth of 1024 kbit. The whole bandwidth of the line is 2048 kbit (up- and download). As those services are not latency critical it is not necessary to limit the rest traffic to 75% of the maximum bandwidth.

 

System Requirements

A computer with two compatible network interface cards or a Gibraltar Security Gateway.

 

Installation of Gibraltar

 

Please install Gibraltar as described in chapter Installation.

 

System configuration

 

System configuration as described in Scenario 1.

 

Network settings - Network interface cards

 

Network and routing configuration as described in Scenario 2.

 

ATTENTION: By changing the IP address on the network card which you use for access to Gibraltar, the connection is interrupted. Please adapt the IP address on your work station computer as well.

 

Firewall rules

 

Firewall rules as described in Scenario 2.

 

Traffic shaping

 

1.Choose Traffic shaping in the main menu.
2.Choose the tab General Settings.
3.Bandwidths: Define the value "2048" for the interface "ext0" for the upload and the download
4.Save: Confirm your changes with clicking the button Save.
5.Choose the tab Classification.
6.Add classification: Click this button for adding a new classification for the web traffic.
7.Name: Enter a name for the new classification (e.g. "web").
8.Source address: Select the value "ANY".
9.Destination address: Select the value "ANY".
10.Service: Select the value "web".
11.Save: Confirm your changes with clicking the button Save.
12.Add classification: Click this button for adding a new classification for the pop3 traffic.
13.Name: Enter a name for the new classification (e.g. "pop3").
14.Source address: Select the value "ANY".
15.Destination address: Select the value "ANY".
16.Service: Select the value "pop3".
17.Save: Confirm your changes with clicking the button Save.

 

Now we have to create a group to put the services together.

 

1.Choose the tab Classification Group.
2.Add group: Click this button to add a new classification group.
3.Name: Enter a name for the group (e.g. "groupWeb").
4.Add member: Choose the members "web" and "pop3".
5.Save: Confirm your changes with clicking the button Save.

 

Now you must create the shaping rules for the minimum bandwidth:

 

1.Choose the tab Traffic shaping rules.
2.Track: Choose "incoming ext0" to manage incoming traffic to the internal network.
3.Add rule: Click this button to add a new rule.
4.Name: Enter a name for the new rule (e.g. "groupWeb").
5.Add member: Click this button to add classifications or classification groups.
6.Choose the classification group "groupWeb" and set the values "1024" for Min and "2048" for Max.
7.Save: Confirm your changes with clicking the button Save.

 

Now you have defined a minimum bandwidth for the services HTTP, POP3 and HTTPS.

 

Save config

 

1.Save your configuration on an USB-stick or on a harddisc.