I have traffic shaping set up on a rule to a citrix farm, and my monitoring seems to indicate it's not working. Since it's a 10Mb line, I have the egress on the WAN side set to 9950Kbps so it hits my shaper instead of the AT&T policer. That part appears to be working.
The part that doesn't work is prioritizing the traffic to the host I'm trying to monitor. I noticed that latency was mirroring usage, so I uploaded a large file to test. When I did that the latency to the citrix farm went wild, which is what I'm trying to avoid. I can tell the ICMP traffic is hitting the rule because I can see it in the rule log.
Here are screen shots of the settings and graphs. The shaper is enabled in "get envvars" or whatever that command is. Firewall is an SSG140 running 6.3.
I'm hoping there is something silly I'm forgetting here. It's under support so I can call it into JTAC on Monday if I have to.
No comments:
Post a Comment