After learning about the available bandwidth management tools, the network management system must analyze and diagnose the problems it faces, and then properly combine different tools to limit or manage them. Although different network administrators face different problems and the degree of solution they are seeking is also different, the overall approach is to manage bandwidth through routers. The following is a brief introduction to this program and uses several examples to illustrate how to solve the problem.
Generally, the following steps can be taken for bandwidth management or control:
Define a problem: first, the network administrator must first understand where the problem is located before seeking a solution to the problem. Some problems are caused by insufficient bandwidth, some problems are caused by poor ISP service quality, and some are caused by a large number of file downloads by specific users. To define the problem, the network administrator must view the software from the router or other networks to understand the bandwidth usage. Defining the problem provides a good reference for finding a solution.
Determine the solution strategy: After understanding the problem, the next step is to determine the solution strategy. In fact, bandwidth management is not necessarily implemented through the configuration of the router. Are applications or users to be managed restricted or prohibited? When is the limit? Whether it is applicable to all users or special users. The network administrator must consider the actual situation and decide the overall solution policy.
Learn about the network operations of applications: Next, you need to learn about the network operations of the applications, such as the application name, communication port, service host IP address, and transmission file extension. Common applications can easily find detailed working principles and corresponding control methods on the Internet or in forums. For uncommon applications, you must use the monitoring function or network monitoring software of the vro to learn relevant information.
Determine the control mode: When you understand the operating principles of the objects to be controlled, you can easily determine the control mode. Common methods such as IP address, communication port, content, file name, time, and WAN end can be applied or mixed. Relevant information can also be found in online forums. Some management methods are simpler and more effective than other methods, so it is best to do some research before processing.
Find the relevant configurations on the vro: Finally, implement the configurations on the vro. The network management system must carefully read the vro product manual and find out the actual settings on the configuration screen.
Test: After completing the configuration, remember to perform the actual test and check whether the related settings take effect. In many cases, the storage or application IP address or communication port may be changed, resulting in the expected control or management effect being ineffective. Therefore, after completing the configuration, make sure to perform tests to determine the expected results. Otherwise, you still need to find other solutions.
Next, we will use two cases to illustrate several common bandwidth management and control settings:
Case 1 limited time for Internet access
In one school, students are not expected to be distracted by surfing the Internet during their computer courses. Therefore, they do not want to be banned from accessing the Internet during the course time, but they do not have to go online after class or other times. Because the main limitation is time, and we want to block all Internet access behaviors, we can do this by forbidding all communication port services. Therefore, the focus is:
Control Action: forbidden
Service port: all ports [TCP & UDP/1 ~ 65535]
Source interface: Lan
Source Port: Any
Destination IP Address: Any
Time Control: six o'clock P.M. to from Monday to Friday.
After setting, you can control students' internet access during the course hours by storage.
Case 2 services other than webpages are prohibited
A company only allows employees to access webpages during work hours due to work needs, and other online operations are not allowed. Because the webpage is transmitted through TCP/80 port, we can achieve this function by only allowing TCP/80 port transfer. The setting method is as follows:
First, compare with the rule, add a rule to prohibit all packets from going through the firewall. That is to say, disabling Internet access is a control action: prohibiting
Service port: all ports [TCP & UDP/1 ~ 65535]
Source interface: Lan
Source Port: Any
Destination IP Address: Any
Time Control: six o'clock P.M. to from Monday to Friday
Then, add another one: Allow TCP/80 port packets to pass through. That is to say:
Control Action: Allow
Service port: HTTP [TCP/80]
Source interface: Any
Source IP Address: Any
Destination IP Address: Any
Control time: from six o'clock P.M.
Click OK to complete the setting.
In this way, you can only access the Web page. After setting, you should note on the "Rules" page that: because the rules are executed from top to bottom, you should place the rules that prohibit network connection, put the TCP/80 port opening rule below to achieve the expected results. Of course, we can also allow the email service to pass through the same settings by opening the port related to email sending and receiving.
Summary
Due to the different situations, it is relatively difficult to manage bandwidth. Therefore, you must have a deep understanding of network technology and experience in network management. Experienced network administrators can simply use one configuration to achieve an inexperienced network administrator with multiple configurations. Vrouters have been simplifying configurations and achieving powerful results, accumulating various bandwidth management functions; xiaonuo's discussion board and technical support are also happy to provide users with suggestions for different problems. Bandwidth management is an important topic for modern network management!
Related Articles]
- Security router configuration and management for SMEs
- Log Management for security routers of Small and Medium Enterprises
- Vro Remote Management Configuration for Small and Medium-sized Enterprises