Traffic Sentinel : Help
Help Index Top > Controller > Quotas

The Quotas page is used to specify the actions to apply when usage quotas are exceeded.

Topics:


What is a quota?

Quotas are limits on the amount of traffic that an IP address is allowed to generate over a given interval. For example, a quota might be set to trigger if an IP address averages over 10Mb/s of traffic for 15 minutes.

Quotas are not the same as hardware rate limits. If you were to set a 10Mb/s rate limit on an IP address, it would never be able to generate more than 10Mb/s of traffic. Limiting each IP address' traffic to avoid oversubscribing the network is an extremely conservative policy that is expensive to implement and provides users with poor (but predictable) network performance. In most networks, a small group of addresses is responsible for generating most of the traffic. The quota controller is used to identify addresses that are generating excessive traffic so that bandwidth limits are only applied to those addresses, ensuring fair access to the network for everyone.

Back to Top

How do I specify a quota?

Click on the New button to create a new quota.

The quota form has the following parameters:

A basic filter expression consists of the name of an attribute, an operator and a set of comma separated values. The allowed operators are:

  • = equals
  • != not equals
  • ~ matches a reqular expression
  • !~ does not match a regular expression

Expressions can be combined using brackets and the boolean operators:

  • & boolean AND
  • | boolean OR

The following examples illustrate typical where filters:

  • ipsource = 10.1.1.23
  • ipdestination != 10.0.0.0/24,10.0.1.0/24
  • serverport = TCP:80,TCP:81,TCP:8080-8088
  • sourcezone ~ research.*
  • ipsource = 10.0.0.1 & ipdestination = 10.0.0.2
  • ipsource = 10.0.0.1 & (sourceport = TCP:80 | destinationport = TCP:80)
  • sourcezone = EXTERNAL | destinationzone = EXTERNAL

Note: The special zone EXTERNAL refers to addresses that aren't contained in any of the CIDRs specified using File > Configure.

WARNING Care should be taken if a value in a filter expression contains any of the following special characters: (, ), &, |, !, =, ~, ",', \, comma or space. If the value contains any of these characters then the whole value string can be enclosed in single or double quotes, or the special characters can be individually escaped with a \. The following examples show different ways of using the value "Research & Development" in filters:

  • serverzone = "Research & Development", Sales
  • clientzone = 'Research & Development'
  • sourcezone = Research\ \&\ Development
  • serverpath = ">>Research & Development>Data Center"

Note: Special characters typically occur because they are used in Zone or Group names when configuring Traffic Sentinel (see File>Configure). Care should be taken when filtering on zone, group or path attributes.


How do I modify an existing quota?

Click on the Edit button next to the quota that you want to modify to edit the quota settings.


How do I delete a quota?

Click on the Remove button next to the quota you want to delete.