First Steps to Using a PacketShaper

Table of Contents

Table of Contents

Overview................................................................................................................ 1
Classifying Traffic on the Network ........................................................................ 2
Discover Traffic............................................................................................................................................................................. 2
View the Class Tree ..................................................................................................................................................................... 3
Problems?....................................................................................................................................................................................... 4

Analyzing Network Traffic..................................................................................... 5

Look at the Dashboard.............................................................................................................................................................. 5
Display Historical Graphs.......................................................................................................................................................... 5

Solving Performance Problems ............................................................................. 7

Policies ............................................................................................................................................................................................ 7
DSCP................................................................................................................................................................................................. 7
Partitions ........................................................................................................................................................................................ 7
Control Traffic ............................................................................................................................................................................... 8
Turn Shaping On.......................................................................................................................................................................... 8
Verify that the Policies are Working ..................................................................................................................................... 8
Problems?....................................................................................................................................................................................... 9

Table of Contents

Overview
ThisfirststepsguidewillshowyouhowtouseaPacketShaperto:
Classifynetworktraffic
Analyzenetworkandapplicationperformance
Solveperformanceproblems

 Note for PacketShaper 900 and 1400 users: Because PacketShaper 900 and 1400 models are often used in
wide-spread distributed deployments, we recommend that you configure these units with PolicyCenter, Blue
Coat Systems central management product. Using PolicyCenter, you can configure a traffic tree with
appropriate policies and partitions and then distribute this configuration to all the PacketShapers installed at
your branch offices. Refer to the PolicyCenter Getting Started Guide for details. For generating graphs and
reports, use Blue Coats centralized reporting product, IntelligenceCenter. See the IntelligenceCenter Getting
Started Guide for more information.

First Steps to Using a PacketShaper

Classifying Traffic on the Network

PacketShaperstrafficdiscoveryfeaturedetectsandidentifiesthetrafficrunningonanetworkand
automaticallycreatestrafficclassesforeachapplication,service,orprotocolthatitdiscovers.Theseclasses
areorganizedintoaclasstree.ClassificationisaprerequisiteforotherPacketShaperfunctions.Toanalyzea
particularapplicationsperformance,youmustfirstidentifythatapplicationstraffic.Likewise,tocontrolan
applicationsperformance,youisolateitstraffictoadequatelyrationandassignresources.
Notethattrafficdiscoveryisnotappropriateforallsituations.IfPacketShaperunitsareatbranchoffice
deploymentswhereyouaremonitoringandcontrollingapplicationperformance,youcanusethetraffic
discoveryfeaturetocreateapplicationbasedtraffictrees.IndeploymentswherethePacketShaperis
locatedatthemainsitesWANorInternetlink,youwillwantalocationbasedtraffictreethathastraffic
classesforeachbranchoffice;inthissituation,youwouldnotwanttouseautomatictrafficdiscovery.For
adetailedexplanationofthesetraffictreestrategies,seeEnterpriseDeploymentTopologiesinPacketGuide.

 Note: Because PacketShaper 900 and 1400 Lite models are limited to 64 classes, you will probably not want to
enable the automatic traffic discovery feature.

Discover Traffic
Automatictrafficdiscoverymayalreadybeenabled.TocheckthestatusoftheTrafficDiscoverysetting:
1.

LogintoyourPacketShaperbyenteringitsIPaddressinyourbrowser,andenteringthepasswordat
theLoginprompt.TheBlueCoatSkydashboardappears.

2.

Checkthestatuslineatthetop.IfitsaysDiscoveryon,youcanskipthefollowingsteps.

3.

ClicktheLegacyUIlink.(TheLegacyUIisusedforallsetupandconfiguration.)

4.

ClicktheSetuptab.TheBasicSettingsscreenappears.

5.

Toenableautomatictrafficdiscovery,selectonforTrafficDiscovery.

6.

Clickapplychanges.

First Steps to Using a PacketShaper

TrafficneedstorunthroughthePacketShaperovertimebeforeyoucanseetrendsanddecideonacourse
ofaction.Wesuggestyoucollectdataforatleastthreedays.

 Note: Make sure the mission-critical applications are being accessed during this time so that the protocols,
services, and/or applications will be auto-discovered.

View the Class Tree

Thetrafficdiscoveryprocesscreatestrafficclassesautomatically,basedonthetraffictypesitdetects.For
example,websurfingiscategorizedintheHTTPtrafficclass.
ToseewhatclassesthePacketShaperhasautodiscovered,displaythetraffictree:
1.

IfyouarentalreadyintheBlueCoatSkyuserinterface,clicktheBlueCoatSkylinkatthetopofthe
screen.

2.

ClicktheTrafficManagementtab.Thediscoveredclassesappearinanalphabeticallist.

3.

Toseethetypeoftrafficonyournetwork,usethescrollbartolookthroughthediscoveredclasses.

4.

Bylookingattheclasstree,youcananswerthefollowingtypesofquestions:
HowmanytimeshasFTPbeenused?(LookattheHitscolumnfortheFTPclass.)
Whatwasthepeakrateforwebtraffic?(LookatthePeakbpscolumnfortheHTTPclass.)
Whattypeoftrafficiscurrentlyusingthemostbandwidth?(ClicktheCurrentbpscolumnheading
tosortbyrate.Theclasswiththehighestrateappearsatthetopofthelist.)

First Steps to Using a PacketShaper

Problems?
Whats wrong?

What might fix it:

The class tree is empty.

Is traffic discovery turned on? Look at the status line to make sure it says Discovery on.

The class tree doesnt have

classes for some of the
applications I know are on
the network.

Have users initiated new sessions after connecting the unit to the network and configuring the PacketShaper? A
PacketShaper cant discover traffic classes until it sees the traffic. Make sure users are accessing the critical
applications and establishing new sessions on the network.
To avoid creating classes needlessly, the PacketShaper must see at least three* distinct flows of an application before
it deems the flows significant enough to warrant auto-discovery. The flows must begin within the same time-out
interval, typically one minute, and should have different source/destination address pairs. If youre performing tests
and want a specific application to be auto-discovered, it may be necessary to open a session, quit, and then re-open
the application so that PacketWise sees another session.
Is the PacketShaper installed on an Internet link between the VPN gateway and the router? If so, the unit sees
encrypted traffic, not individual applications; consequently, the applications will not appear in the traffic tree. In
order to differentiate between encrypted applications, the unit must be positioned between the LAN and the VPN
gateway.
Although PacketWise classifies hundreds of applications, there could be custom or unique applications that do not
get auto-classified. To accommodate these situations, PacketWise provides the ability to create classes manually.
Are you using PacketShaper 900 Lite or 1400 Lite? If you have enabled automatic traffic discovery on these models,
the class tree will likely reach its maximum capacity (64 classes) quickly, and perhaps not with the applications you
need to classify. For these models, Blue Coat recommends that you not enable traffic discovery; instead, manually
create classes for the applications, or use PolicyCenter.

*ThenumberofflowsrequiredtotriggerclassdiscoverycanbeadjustedusingtheAutodiscoveryvariables
ontheSystemVariablessetuppage.

First Steps to Using a PacketShaper

Analyzing Network Traffic

Look at the Dashboard
TheBlueCoatSkyDashboarddisplaysseveralrealtimegraphsthatallowyoutogetapictureofthetype
oftrafficrunningonyournetworkaswellasthecurrentlinkutilization.
Top10piechartsShowstherelativeportionsofbandwidthallocatedtothetenmostactiveclasses
onthenetworkandaggregatestrafficfromallotherclassesintoaslicecalledAllOthers.Whenmous
ingoveraslice,atooltipdisplaystheclasssaveragebandwidthusageinbitspersecondanditsper
centageofthetotalbandwidthonthelink.Dataisrefreshedevery10seconds,showingrealtime
informationforthemostrecentoneminuteinterval.
LinkUtilizationlinegraphsShowsthelinksbandwidthusageinbitspersecond.Thegraphsare
updatedeverysecond.Thegraphinitiallyshowsutilizationdataforthelastthreeminutes;aftera
periodoftimethexaxisscaleconvertstodisplayingthelast15minutesofdata.

ClicktheDashboardtabtodisplaytherealtimeTop10piechartsandlinkutilizationgraphs.Youcanuse
theDashboardtoanswerthefollowingtypesofquestions:
Whichinboundtrafficclassiscurrentlyconsumingthemostbandwidth?Whichoutboundtraffic
class?
AreyousurprisedbyanyoftheclassesinyourTop10piecharts?
Whichclasses(forexample,recreationaltraffic)doyounotwanttoseeinyourTop10?Theseclasses
arecandidatesfortrafficcontrol.SeeSolvingPerformanceProblems.
Isyourlinkutilizationfairlysteadyoraretheretrafficspikes?

Display Historical Graphs

AfterthePacketShaperhasachancetocollectdata,youcancreatehistoricalgraphsofthelinkandany
trafficclass.Followthestepsbelowtolookatlinkutilizationovervarioustimeperiods.
1.

InBlueCoatSky,clicktheTrafficManagementtab.Theclasstreeappearsinthetoppane.

2.

Intheclasstree,selectRoot.ThisclassrepresentstheInboundandOutboundlinks.

3.

ClicktheReports

4.

SelecttheHistoricaltab.

5.

MakesureUtilizationwithPeaks(thedefaultgraphtype)isselectedintheGraphfield.

icontodisplaytheReportsmoduleinthebottompane.

InboundandOutboundlinegraphsdisplayintheReportspane,showingaverageandpeakutilization
forthelink.Howoftenisutilizationpeakingnearthelinksize?

First Steps to Using a PacketShaper

Thedefaulttimeperiodisonehour.

6.

Ifnecessary,dragthehorizontalslidertoallocatemorespacetotheReportspane.

7.

Tographlinkutilizationoverthelastday,clickDay.

8.

Tographlinkutilizationoverthelastthreedays,clickCustom,adjusttheFromdate,andclickApply.

Toseehowefficientthelinkisintermsofhowmuchtrafficisnotretransmittedpackets,youcanlookatthe
NetworkEfficiencygraph.
1.

MakesuretheRootclassisstillselectedintheclasstree.

2.

SelectNetworkEfficiencyfromtheGraphdropdownlist.
TheReportspanenowdisplaysNetworkEfficiencygraphs.Isyourlink100%efficientduringthe
graphedtimeperiod?Ifnot,howfrequentlyareretransmissionsoccurring?

3.

Tographnetworkefficiencyofaspecifictypeoftraffic(suchasCIFS),selectoneofyourclassesinthe
upperpane.
ThefollowinggraphshowsthatCIFSexperiencedahighnumberofretransmissions(lowefficiency)at
severalperiodsduringtheday.

TheReportsmoduleisquiteflexibleandhasanumberofotherfeaturesyoumightwanttoexperiment
with:
Selectupto10classespergraph.HolddownCtrlasyouclickeachclassyouwanttograph.
Displaydataaslinesorstackedareas.ClicktheSwitchtoStackedAreasbuttontodisplayastacked
areagraph,ortheSwitchtoLinesbuttontodisplayalinegraph.
Displayrealtimegraphs.ClicktheRealTimetabtoviewthecurrentrealtimebandwidthutiliza
tion(inbitspersecond)forupto10classes.Alinegraphdisplaystherateatthecurrenttime(now)
andtrackstheratesoverthelast15minutes.

 Note: Detailed reporting is also available via Blue Coat Systems IntelligenceCenter. Because PacketShaper 900
Lite and PacketShaper 1400 Lite models have limited reporting capabilities, it is recommended that you use
IntelligenceCenter to generate your reports for these models.

First Steps to Using a PacketShaper

Solving Performance Problems

PacketShapersofferthreewaystosolveapplicationandnetworkperformanceproblems:policies,DSCP,
andpartitions.

Policies
Apolicydetermineshowanapplicationsindividualflowsaretreatedinthecontextofcompeting
applicationsandallowsyoutomanagebandwidthonaflowbyflowbasis.Withpolicies,youcangiveeach
flowofmissioncriticaltrafficthebandwidthitneedsforoptimumperformance,aswellasprotectitfrom
demanding,lessimportanttraffic.Inaddition,policiescankeepnonurgenttrafficflows(suchasFTP)from
consumingmorethananappropriateshareofbandwidthorcanblockflowscompletely.
Whenyouapplyapolicytoatrafficclass,youdefinehoweachflowwillbetreatedwhencompetingwith
otherapplications.WhilethereareseveraldifferenttypesofpoliciesyoucancreateinPacketWise,therate
policyisthemostcommon.Withthistypeofpolicy,youcan:
Guaranteeeachflowaminimumbitspersecondrate
Giveeachflowprioritizedaccesstoexcessbandwidth
Limiteachflowtoamaximumamountofbandwidth
TakeadvantageofBlueCoatsTCPRateControltechnologythatpreventstrafficfrombeingsentat
aratethatishigherthanitcanbetransferredandreceived,therebygreatlyreducingqueuinginrout
erbuffersandcontrollinginboundtraffic
Smoothburstytraffic(suchasHTTP)
Prioritypolicies,anothertypeofPacketWisepolicy,establishapriorityfortrafficwithoutspecifyinga
particularrate.UseprioritypoliciesfornonIPtraffictypes,ortrafficthatdoesnotburst(forexample,
Telnet).
Inadditiontocreatingpoliciesformissioncriticalapplications,youmayalsowanttoplacecontrolson
someofthemostactiveservicesandapplicationsonthenetwork(suchasHTTPorFTP).

DSCP
NetworkrouterscanapplydifferentiatedgradesofservicetopacketstreamsbasedonaDiffservCode
Point(DSCP)markerinanIPpacketheader.PacketShaperisabletomarkapplicationswithaspecificDSCP
marker(063).

Partitions
Apartitionmanagesbandwidthforatrafficclassaggregateflows,sothatalloftheflowsfortheclassare
controlledtogetherasone.Youcanusepartitionstoprotectmissioncriticaltrafficbyguaranteeingthata
trafficclassalwaysgetsadefinedamountofbandwidth.Inaddition,youcanusepartitionstolimit
aggressive,noncriticaltrafficbyallowingthattrafficclasstoconsumeonlyadefinedamountof
bandwidth.
Apartitionisavirtualpipethatyoucancreateforagiventrafficclass.Thisvirtualpipereservesbandwidth
forallflowsofagiventypethetrafficclassaggregate.Partitionscanprotecttrafficbyguaranteeinga
definedamountofbandwidthforthemissioncriticaltrafficclasses.Forexample,youcouldseta128Kbps
partitionforSNAtraffic.ThispartitionensuresthatSNAwillalwayshaveatleast128Kbpsofbandwidth.
Partitionscanalsolimitlessimportanttrafficbyputtingacapontheamountofbandwidthatrafficclass
canuse.Forexample,youcanassigna64KbpspartitiontoFTPtraffic.ThispreventsFTPtrafficfrom
consumingyourentirelinkandblockingmoreimportanttraffic.

First Steps to Using a PacketShaper

Control Traffic
Basedonthetypeoftrafficonyournetworkandyourcompanyspriorities,youcanbegintosetcontrols
onyourtrafficclasses.Inthefollowingexample,youwilllimittheamountofGnutellapeertopeertraffic
onyournetworkbysettingasmallpartitionandalowpriorityratepolicy.
1.

ClicktheTrafficManagementtab.Theclasstreeappearsintheupperpane.

2.

SelecttheGnutellaclass.

3.

ClickthePolicyManager

4.

ClicktheClassOperationstab.

icon.

5.

ClickControlTraffic.

6.

Fillinthepolicyandpartitionsettingsasshownbelow.

7.

ClickApply.

Turn Shaping On
Trafficcontrolsettingshavenoeffectunlesstrafficshapingisturnedon.Todothis:
1.

SwitchtotheLegacyUI.

2.

Clickthesetuptab.

3.

TurnShapingon.

4.

Clickapplychanges.

ThestatuslinenowsaysShapingon.

Verify that the Policies are Working

Toverifythatatrafficclassanditscontrolsettingsareworkingasexpected,youcan:
1.

First,makesuretrafficisbeinggeneratedforthetypeoftrafficyoucreatedpolicyandpartitionsettings
for.

2.

InBlueCoatSky,lookattheclasstreeintheTrafficManagementtab.Locatetheclassandcomparethe
settingsinthePolicy/Partitioncolumntotheratestatistics(1MinbpsandPeakbps).Forexample,if
youcreatedanonburstable500kbpspartitionfortheclass,therateshouldnotexceed500kbps.(You
shouldresetthestatistics andthenrefresh themperiodically.)

3.

CreateahistoricalUtilizationwithPeaksgraphfortheclass.Besuretospecifyatimeperiodthat
includesbeforeandafterthecreationofthecontrolsettings.

First Steps to Using a PacketShaper

Problems?
Whats wrong?

What might fix it:

My graphs look strange:

the data cant be correct.

Do you have the date set correctly? Check the date & time page under the Setup tab in the Legacy UI.

The LCD readout shows

traffic but the traffic tree
is empty.

Performance hasnt
improved since I set
policies and created
partitions.

Statistics in the class tree

dont seem to be
consistent with the
policies I set.

Is traffic discovery turned on? Look at the status line to make sure it says Discovery on.
Is your browser set to reread the HTML page source every time? This is a PacketShaper requirement.
Is shaping turned on? Policies and partitions are only applied if shaping is on. Look at the status line to make sure it says
Shaping on.
Did you set too many policies? Try just setting policies for your most critical and most bandwidth-greedy classes.
Is shaping turned on? Policies and partitions are only applied if shaping is on. Look at the status line to make sure it says
Shaping on.
Are you looking at current data? Are you looking at current data? Use the Refresh button
to update the statistics or
the Reset button to zero out the values and begin displaying new (post-policy) data.

First Steps to Using a PacketShaper

10

First Steps to Using a PacketShaper