ZyXEL Communications 4.04 Manuel D’Utilisation

 Chapter 6 Bandwidth Management Commands

ZyWALL (ZyNOS) CLI Reference Guide

By default the ZyWALL uses the outer source and destination IP addresses of encrypted VPN 
packets in managing the bandwidth of the VPN traffic (when using "on" with this command). 
These are the IP addresses of the ZyWALL and the remote IPSec router. The following figure 
shows an example of this. The ZyWALL uses the IP addresses of the ZyWALL (X in the 
figure) and the remote IPSec router (Y) to manage the bandwidth of the VPN traffic.

Figure 1   Managing the Bandwidth of an IPSec tunnel 

Use on with this command to be able to create a single bandwidth management group that 
includes all of the phase 2 IPSec SAs that are connecting through the same remote IPSec 
router. With this setting the bandwidth management applies to ESP or AH packets so you can 
only specify IP addresses in the BWM filter settings. 

bm filter <interface> del <class-

number>

Deletes a filter for the specified class.

R+B

bm show 

<interface|class|filter|statistics> 

<interface>

Displays interface setting, class, filter setting, or statistics 
for the specified interface.

R+B

bm moveFilter <interface> <from> <to>

Changes the BWM filter order. 

, to: A filter index number.

R+B

bm config [load|save|clear]

Loads, saves, clears BWM configuration from/to the non-
volatile memory. 

R+B

bm vpnTraffic <on|off>

Sets the BWM classifier to use the outer IP header of 
encrypted VPN traffic (when sets on) or the IP header of 
unencrypted VPN traffic (when sets off).

R+B

bm packetBased <on|off>

Sets the BWM classifier operation to be session based or 
packet based. By default, it is session based.

R+B

Table 20   Bm Interface Commands (continued)

Syntax:

bm vpnTraffic [on|off]