[unisog] Packeteer PacketShaper

Steve Bernard sbernard at gmu.edu
Thu Oct 10 13:52:18 GMT 2002

I got our first PacketShaper in '99, a 4500, for our dorms because we were
experiencing the same problems that you describe. What took you so long,
Napster is already a dinosaur? ;) The box paid for itself in under 6 months
and the positive effects were immediate. We've subsequently upgraded to a
6500 ISP, but I'd go with the 8500 if you have the money. An important thing
to keep in mind is that Packeteer rates their boxes for total throughput,
non-duplex. So when they say "the 6500 is a 100Mb box", that means, for
example, 50Mb inbound and 50Mb outbound. The 8500 will allow you to carry
100Mb in both directions, if needed. This could be worked around by using
"Ignore" policies on local traffic, i.e. don't shape it, but that's not
always desirable.

As you say, BW Mgmt. is part art, part science. I strongly recommend
creating an open communication channel with your students and the computer
support group. The students will be an invaluable asset in determining the
best mix of usability and business priorities. Determining the business
needs is pretty easy, it's balancing those with the needs of the students
that gets tricky. It's also very educational. The scheduler is useful for
altering rules for peak and off-peak hours.

I've got some issues with the PacketShapers but, nothing major. The
web-interface is a pain when the box is under high load and reports can take
awhile to generate, but so are most other web-interfaces. Navigating around
with the web-interface can be time consuming because it's having to transfer
and layout big HTML tables. At the same time, the web GUI provides the most
information and is the easiest medium for certain tasks, kind of a Catch-22.
There really isn't a scripting environment, per se. There are, of course, a
wealth of CLI commands but, you'll need to use something like Perl, Windows
Scripting Host, shell scripts, etc. on another computer to do anything
intricate. FTP, Telnet, or SNMP can be used to interact with the box. There
should be a SSH2 server. The diagnostic commands for the box are limited but
slowly improving. I haven't tested the VLAN, MPLS, or DiffServ functionality
enough to say much on those. Now that I think about it, the CLI is a bit of
a pain. For example, command history doesn't work. Pressing any of the arrow
keys (up, down, left, right) on your keyboard, because I forget that command
history doesn't work, will move the cursor on the screen and then cause an
error to be returned the next time that you press "Enter" because, "Command
contains invalid character(s)".

Let me know if there are other questions,

Steve Bernard
Systems Engineer, NET
George Mason University

-----Original Message-----
From: Chris Gundersen [mailto:gunny at utk.edu]
Sent: Wednesday, October 09, 2002 2:34 PM
To: Unisog at sans.org
Subject: [unisog] Packeteer PacketShaper


We are currently evaluating the PacketShaper product from Packeteer for
use on our dorm network. We've had problems with incredible amounts of
saturation of our VERY substantial pipes, so much so that Kazaa traffic
chokes out simple HTTP requests for people trying to fire up web
browsers. Even with a limit of 100K on each port, we're still chewing up
100MB of bandwidth.

I wanted to solicit some comment about this product from anybody who may
have some helpful info. A few of our most common questions are:

1. Pros and cons? Has it been your saving grace? Have you encountered
any problems with it? If so, what where they and have they been

2. We are currently evaluating the 100MB model, but have considered the
Gig version even though it can only handle around 200MB throughput. Has
anybody found that PacketShaper can't keep up with a big pipe (as we
have here)?

3. What procedures have been implemented to determine how bandwidth
should be shaped? It is our consensus that bandwidth shaping is as much
of an art as it is a science - we need to utilize the bandwidth we pay
for now as efficiently as possible without hindering our students trying
to do worthwile things on the internet.

4. If you feel that PacketShaper isn't the best way to go, could you
propose some alternatives?

If anybody has any input it would be greatly appreciated. Also, and this
is completely voluntary and please feel free to say no, is anybody out
there willing to offer advice as to how they've configured classes and
policies for their institutions?

Please feel free to contact me either by the list or privately as well.

Much thanks,
-Chris Gundersen
University of Tennessee

| Chris Gundersen, MCP, A+ |
| gunny at utk.edu            |
|                          |
|  "I'll probably never    |
|   get the props I feel I |
|   ever deserve."         |
|            -Eminem       |

More information about the unisog mailing list