On the above screen shot, the total utilized bandwidth for all interfaces is 0 Kbps. You will see zero utilization unless you turn traffic shaping on You don't actually need to "shape" the network traffic by giving preference to some traffic over other traffic, but you need to enable traffic shaping to see the bandwidth being used through this report.
From a command line interface (CLI), which you can get from an SSH
connection to the firewall, you can use the get traffic-shaping
interface command to see the configured and real bandwidth for an
interface. The options for the command are shown below:
ns5gt-> get traffic-shaping ? > redirect output | match output *lt;return> dscp-class-selector dscp class selector behavior interface traffic shaping info for an interface ip_precedence priority to IP precedence (TOS) mapping mode traffic shaping mode
Example output from a Netscreen 5GT device is shown below:
ns5gt-> get traffic-shaping interface v1-trust: physical bw=0kbps, config bw=0kbps, real bw=0kbps total configured gbw=0kbps, total allocated gbw=0kbps v1-untrust: physical bw=0kbps, config bw=0kbps, real bw=0kbps total configured gbw=0kbps, total allocated gbw=0kbps trust: physical bw=100000kbps, config bw=100000kbps, real bw=0kbps total configured gbw=0kbps, total allocated gbw=0kbps untrust: physical bw=100000kbps, config bw=100000kbps, real bw=0kbps total configured gbw=0kbps, total allocated gbw=0kbps serial: physical bw=92kbps, config bw=0kbps, real bw=0kbps total configured gbw=0kbps, total allocated gbw=0kbps
In the above example, the interface on the firewall is 100,000 Kbs, i.e.,
100 Mbs for the trust and untrust interfaces, which are the Internet-facing and
LAN-facing interfaces respectively on the firewall. The above example shows
results when traffic shaping isn't enabled. You can use the set
traffic-shaping command to configure traffic shaping and thus be
able to use the Interface Bandwidth report to monitor traffic through
the firewall/router. To see available options for the command, you can use
set traffic-shaping ?.
ns5gt-> set traffic-shaping ? dscp-class-selector clear dscp class selector ip_precedence priority to IP precedence (TOS) mapping mode traffic shaping mode ns5gt-> set traffic-shaping mode ? auto automatically turn on/off traffic shaping off turn off traffic shaping
To enable traffic shaping and thus be able to monitor the bandwidth
through the Interface Bandwidth report available through the web-based
management interface or via the CLI using the get traffic-shaping
interface command, use the command set traffic-shaping mode on
.
ns5gt-> set traffic-shaping mode on
When traffic shaping is on, the Interface Bandwidth report will show the total utilized bandwidth on each interface as shown below.
And the command get traffic-shaping interface will also
display the bandwidth being used as shown below.
ns5gt-> get traffic-shaping interface v1-trust: physical bw=0kbps, config bw=0kbps, real bw=0kbps total configured gbw=0kbps, total allocated gbw=0kbps v1-untrust: physical bw=0kbps, config bw=0kbps, real bw=0kbps total configured gbw=0kbps, total allocated gbw=0kbps trust: physical bw=100000kbps, config bw=100000kbps, real bw=48kbps total configured gbw=0kbps, total allocated gbw=0kbps untrust: physical bw=100000kbps, config bw=100000kbps, real bw=3657kbps total configured gbw=0kbps, total allocated gbw=0kbps serial: physical bw=92kbps, config bw=0kbps, real bw=0kbps total configured gbw=0kbps, total allocated gbw=0kbps
If you wish to see only the bandwidth being used on a particular interface, e.g., the "untrust" interface, you can specify that interface at the end of the command as shown below where the traffic on that interface is about 4 Mbs.
ns5gt-> get traffic-shaping interface untrust untrust: physical bw=100000kbps, config bw=100000kbps, real bw=3755kbps total configured gbw=0kbps, total allocated gbw=0kbps
References:
Created: Wednesday May 13, 2015