Description
This article provides troubleshooting commands for possible traffic shaper issues.
Scope
FortiGate 6.0, 6.2, 6.4, 7.0
Solution
Check ethernet statistics
To optimize traffic shaping performance, run the following command:
diagnose hardware deviceinfo nic <interface_name>
This command will provide information about Ethernet statistics for the network interfaces. It will show possible errors, collisions, or buffer overruns.
Check traffic shaper information
To see information about ToS lists and traffic run the following command:
diagnose sys tos-based-priority
The output will show the priority value that's currently associated with each possible ToS bit value. The values range from 0 to 15.
Check information about Shared and per IP traffic shapers
For shared policy:
Run the following command to check information about shared policy traffic, such as max, guaranteed, and current bandwidth, including priorities and packets and bytes, dropped.
diagnose firewall shaper traffic-shaper list
For per-IP policy:
Run the equivalent command for per-IP shared policy:
diagnose firewall shaper per-ip-shaper list
This provides information about shared policy traffic, as well as max, guaranteed, and current bandwidth, including priorities and packet and bytes, dropped
Additionally to see traffic shaper statistics (combined) from CLI
diagnose firewall shaper traffic-shaper stats
Note:
Shared Shapers affect upload speed, but all users share the set bandwidth. For example, if a shared shaper of 100Mbps is set for YouTube, everyone uploading to YouTube shares that 100Mbps. (To limit the download speed from YouTube, apply the shared shaper as a Reverse Shaper.)
Per-IP Shapers affect the speed of the nominated users (via ip). So if the entire network is set to a per-IP shaper of 1Mbps, every user will be allocated 1Mbps of bandwidth (assuming there is enough bandwidth on the outgoing link). Even if there's only one user on the network, they will only be able to use 1Mbps. If there are ten users, each can use 1Mbps for a total of 10Mbps.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.