ZyXEL Communications 4.04 Manuel D’Utilisation
Chapter 6 Bandwidth Management Commands
ZyWALL (ZyNOS) CLI Reference Guide
45
6.2
Managing the Bandwidth of VPN Traffic
By default the ZyWALL uses the outer source and destination IP addresses of encrypted VPN
packets in managing the bandwidth of the VPN traffic (when using "on" with this command).
These are the IP addresses of the ZyWALL and the remote IPSec router. The following figure
shows an example of this. The ZyWALL uses the IP addresses of the ZyWALL (X in the
figure) and the remote IPSec router (Y) to manage the bandwidth of the VPN traffic.
packets in managing the bandwidth of the VPN traffic (when using "on" with this command).
These are the IP addresses of the ZyWALL and the remote IPSec router. The following figure
shows an example of this. The ZyWALL uses the IP addresses of the ZyWALL (X in the
figure) and the remote IPSec router (Y) to manage the bandwidth of the VPN traffic.
Figure 1 Managing the Bandwidth of an IPSec tunnel
Use on with this command to be able to create a single bandwidth management group that
includes all of the phase 2 IPSec SAs that are connecting through the same remote IPSec
router. With this setting the bandwidth management applies to ESP or AH packets so you can
only specify IP addresses in the BWM filter settings.
includes all of the phase 2 IPSec SAs that are connecting through the same remote IPSec
router. With this setting the bandwidth management applies to ESP or AH packets so you can
only specify IP addresses in the BWM filter settings.
bm filter <interface> del <class-
number>
Deletes a filter for the specified class.
R+B
bm show
<interface|class|filter|statistics>
<interface>
Displays interface setting, class, filter setting, or statistics
for the specified interface.
for the specified interface.
R+B
bm moveFilter <interface> <from> <to>
Changes the BWM filter order.
from
, to: A filter index number.
R+B
bm config [load|save|clear]
Loads, saves, clears BWM configuration from/to the non-
volatile memory.
volatile memory.
R+B
bm vpnTraffic <on|off>
Sets the BWM classifier to use the outer IP header of
encrypted VPN traffic (when sets on) or the IP header of
unencrypted VPN traffic (when sets off).
encrypted VPN traffic (when sets on) or the IP header of
unencrypted VPN traffic (when sets off).
R+B
bm packetBased <on|off>
Sets the BWM classifier operation to be session based or
packet based. By default, it is session based.
packet based. By default, it is session based.
R+B
Table 20 Bm Interface Commands (continued)
COMMAND
DESCRIPTION
M
Syntax:
bm vpnTraffic [on|off]