It is a common practice to test the speed of traffic shaping after they are applied to a Traffic shaping policy. The most common way of doing it is using free tools such as Speedtest.

Considering the complex nature of the network environment, using just a single machine to test speed is not recommended. It is always better to test them with multiple machines in the network. Also, the values in these speed tests are not 100% accurate, and most of them are close to the traffic shaper profile. This is acceptable considering the previously mentioned reason. 

When troubleshooting traffic shaper-related speed values, it is always advisable to test in multiple ways to verify the speeds. The interface bandwidth widget in FortiGate GUI is also a good way to get a better idea of the speeds that are achieved. IPerf is one good way of testing speeds. iPerf can be set up using this KB article: Troubleshooting Tip: iPerf speed test on a FortiGate.

IPerf can be used to test the speeds for UDP and TCP separately, which helps to isolate issues.

Below are different commands used to test speed:

To test with UDP traffic.:

iperf3 -c 10.3.2.34 -u -t 30 -i 3 -b 20M

• -c 10.3.2.34: Specifies the client mode and the IP address of the server being tested against. In this case, the server is at 10.3.2.34.
• -u: Tells iPerf3 to use UDP instead of the default TCP protocol.
• -t 30: Sets the duration of the test to 30 seconds.
• -i 3: Sets the interval for reporting results to every 3 seconds.
• -b 20M: Sets the bandwidth for the UDP test to 20 Megabits per second.
• -R: Reverse mode. This tells iPerf3 to run the test from the server to the client, instead of the default client-to-server direction.

To test with TCP with different window sizes:

iperf3 -c 10.3.2.34 -R -t 30 -i 3 -w 256k

• -c 10.3.2.34: Specifies the server IP address to connect to.
• -R: Reverse mode — the server sends data to the client.
• -t 30: Runs the test for 30 seconds.
• -i 3: Reports statistics every 3 seconds.
• -w 256k: Sets the TCP window size to 256 kilobytes.

It is also important to observe the server speed to get a better idea.

In traffic shaping, it is necessary to consider the following:

1. Interfaces used as the source and destination are the physical interfaces or virtual interfaces
2. These Virtual interfaces are built on Soft switches, hardware switches, Aggregate links, and other types of virtual interfaces (poor performance on traffic shapers can be due to issues in these parts of the device).
3. The NPU performance, especially drops and other issues. Refer to this KB article: Troubleshooting Tip: How to check packet drop by traffic shaper in NP6, NP6xlite and NP6lite unit
4. Test for multiple speeds of traffic shaping policies ranging from 2Mbps to 100Mbps