Configuring bandwidth management
Kerio Control includes bandwidth management, which regulates network traffic to ensure the reliability of essential services, and avoid congestion.
The bandwidth management feature provides two basic functions:
- Limiting bandwidth for data transfers is designed to reduce congestion caused by non-essential traffic (for example, large data transfers, video streaming, and so on).
- Reserving bandwidth for specific services reserves bandwidth for services crucial for the company's basic operations (email, IP telephony, etc.). This bandwidth will be always available, regardless of the current traffic load.
Internet links speed
For correct bandwidth management, you need to assign a link speed to each Internet interface.
To ensure effective bandwidth management to be most effective, a conservative link speed estimate is best: approximately 80% of the actual speed.
Example: For an ADSL lineAsymmetric digital subscriber line - A technology for transmitting digital information at a high bandwidth on existing phone lines. with a declared 8192/512 Kbit/s, set the download speed to 6250 Kbit/s and the upload speed to 400 Kbit/s.
Configuring bandwidth management rules
Limiting bandwidth for Alex Smith
Suppose you want to restrict user Alex Smith to 50% of the link for download in all interfaces during his working hours:
- In the administration interface, go to Bandwidth Management and QoSQuality of service - Network's ability to obtain maximum bandwidth and manage other network performance elements like latency, error rate and uptime..
- To create a new rule, click Add.
- Type a name for the rule (Alex Smith).
- Double-click Traffic.
- In the Traffic dialog box, click Users and Groups, select users or groups, and click save.
- Double-click Download, check Do not exceed, and set the limit as shown here:
- Leave Upload as it is (No limit).
- Leave Interface as it is (All).
- Double-click Valid Time, and select a time range. You can create a new time range in Definitions > Time Ranges.
- Select Chart. The timeline for traffic matching the rule can be viewed under Status > Traffic Charts (for the previous 24 hours). The chart shows how much the particular traffic loads the link and helps you optimize bandwidth management rules. Local traffic is not counted.
- Click Apply to save the new rule.
NOTE
The order of rules is important. Rules are processed from the top.
Alex Smith can use max. 50% of the link in all interfaces during the work hours. Downloading is slower now for Alex.
NOTE
You can create a similar rule for the whole user group. Kerio Control applies the limit to all users added to the rule together. It doesn't matter if you add users to the rule separately or in user groups.
Reserving bandwidth for sales and support departments
Suppose you want to reserve 20 Mbit/s for sales and support departments in all interfaces because they need to communicate with customers with a company online portal:
- In the administration interface, go to Bandwidth Management and QoS.
- To create a new rule, click Add.
- Type a name for the rule (Sales and Support reservation).
- Double-click Traffic.
- In the Traffic dialog box, click Users and Groups.
- In the Select Items dialog box, select user groups for sales and support people.
- Click OK twice.
- In the Bandwidth Management rules tab, double-click Download in the Sales and Support reservation row.
- In the Download Bandwidth Policy dialog box, select Reserve at least and set 20 Mbit/s.
- Click OK.
- In the Bandwidth Management rules tab, double-click Upload in the Sales and Support reservation row.
- In the Upload Bandwidth Policy dialog box, select Reserve at least and set 20 Mbit/s.
- Click OK.
From now on, all users from the support and sales department have reserved 20 Mbit/s for communication with their customers. Kerio Control applies the limit to all users added to the rule together. It doesn't matter if you add users to the rule separately or in user groups.
Traffic types used in bandwidth management
You can apply limit or reserves on bandwidth to different types of traffic. You can select them in the Traffic column:
- The Applications and Web Categories section requires the Kerio Control Web Filter license. For more information, read Application awareness in Kerio Control and Using Kerio Control Web Filter.
- The Traffic Type section includes predefined traffic types such as web, email, multimedia.
- The Large Data Transfers section includes two parameters: volume of transferred data and duration of the longest idle interval. If the specified data volume is reached without the idleness interval having been thresholded, the connection is considered as a transfer of large data volume and corresponding limits.
- The User Groups section includes bandwidth usage control setting a minimum and maximum threshold of the bandwidth available to both download and upload for host, networks and address ranges.
- The Hosts section includes
- The Exceeded Quota is connected with user quota settings. For more information refer to Managing user quotas in Kerio Control.
- The QoS DSCP Value can be set by using traffic rules, but it can be set by other routers on the way, the client or/and the server.
Bandwidth management and VPN tunnels
When you are using bandwidth management and VPNVirtual private network - A network that enables users connect securely to a private network over the Internet. tunnels at the same time, select Use rules for VPN tunnels before encrypting. Otherwise, your VPN tunnelKerio Control includes a VPN tunnel which allows to distributed offices to interconnect their offices securely. encrypts the communication, and bandwidth management rules are not applied.
NOTE
In a new installation, the option Use rules for VPN tunnels before encrypting is selected by default. If you do not have a good reason to do so, do not change the settings. In an upgrade installation, the option is not selected and you can check it.