Skip to main content
AnthonyH
Staff
AnthonyH
Staff
October 17, 2024

Technical Tip: FortiView Traffic Shaping 'No Results' for per-ip shaper

  • October 17, 2024
  • 0 replies
  • 808 views
Description

This article describes when adding the FortiView Traffic Shaping dashboard widget why there is no result displayed.
Scope FortiGate.
Solution

Under Dashboard -> Status the following widget, FortiView Traffic Shaping by bytes has been added, however there are no results.

 

fortiview_no_results.png

 

Navigate to Policy & Objects -> Traffic Shaping -> Traffic Shapers. In this example, the per-ip shaper, 'test_shaper' was created.

 

per-ip-shaper.png

 

The per-ip shaper has been applied to the Traffic Shaping Policy:

 

traffic_shaping_policy_per-ip.png

 

In the Traffic Shapers, it is actively being used and applied to the LAN network, however, the FortiView Traffic Shaping dashboard widget still displays 'No results'.

 

traffic_shapers_stats.png

 

The FortiView Traffic Shaping widget by design only displays information for forward shapers (shared shapers). By changing the Traffic Shaping Policy to use a shared shaper, the widget now displays information about the shared shaper.

 

shared_shaper_policy.png

 high_priority.png

 

To find information about the per-ip shaper use the following commands in the CLI:

 

diagnose firewall shaper per-ip-shaper list

name test_shaper

maximum-bandwidth 1250 KB/sec

maximum-concurrent-session 0

maximum-concurrent-tcp-session 0

maximum-concurrent-udp-session 0

tos ff/ff

packets dropped 200487

bytes dropped 271172875

        addr=192.168.0.3 status: bps=7528576 ses=229 (tcp-ses=166 udp-ses=63)

 

diagnose sys session list | grep -A 15 <shapers_name>

diagnose sys session list | grep -A 15 test_shaper

per_ip_shaper=test_shaper

class_id=0 shaping_policy_id=1 ha_id=0 policy_dir=0 tunnel=/ vlan_cos=0/255

state=log may_dirty per_ip ndr f00 app_valid log-start

statistic(bytes/packets/allow_err): org=3858/18/1 reply=2160/19/1 tuples=3

tx speed(Bps/kbps): 58/0 rx speed(Bps/kbps): 32/0

orgin->sink: org pre->post, reply pre->post dev=4->11/11->4 gwy=10.9.15.254/0.0.0.0

hook=post dir=org act=snat 192.168.0.3:51920->34.160.236.64:443(10.9.10.119:51920)

hook=pre dir=reply act=dnat 34.160.236.64:443->10.9.10.119:51920(192.168.0.3:51920)

hook=post dir=reply act=noop 34.160.236.64:443->192.168.0.3:51920(0.0.0.0:0)

pos/(before,after) 0/(0,0), 0/(0,0)

src_mac=00:45:6e:64:71:02

misc=0 policy_id=1 pol_uuid_idx=15755 auth_info=0 chk_client_info=0 vd=0

serial=00165655 tos=ff/ff app_list=2000 app=40568 url_cat=0

rpdb_link_id=00000000 ngfwid=n/a

npu_state=0x001101 no_offload

no_ofld_reason:  disabled-by-policy redir-to-ips denied-by-nturbo
      Terms & ConditionsAccessibility statement