I'm struggling to understand how advanced BWM works in sonicOS. I've search the document site but nothing more than brief explanations. Is there a more thorough document available?
The page contains something @Micah calls "federated search," which should bring up a HUGE selection of resources, including video tutorials, that should answer you questions.
If you can't find them in the resources, come on back here with specific questions.
Thanks for the link. I do have a specific question that might help me understand. I switched to advanced BWM. I set the up/down limits on the WAN interface. Created a BW object with low priority. Applied the object to guest>WAN rule. Since I don't have any other bandwidth objects applied, what am I prioritizing against? Is everything else assigned a default priority or is the priority of this object irrelevant in this instance?
A second question regarding this. Since I'm applying the bandwidth object to the access rule Guest>WAN. First applying a rule to limit download seems wrong here as quest>WAN implies upload. However applying the BW object to ingress does appear to limite download and applying to egress limits upload. Can someone break down the logic in how this works?
With regards to priority: There is no relevance to the 'priority' setting in your instance. From the linked article "When multiple traffic classes compete for shared bandwidth, classes with the highest priority are given precedence." 99% of the time I do not have overlapping of allocated bandwidth between priorities. There is so much bandwidth available on most connections these days that having any overlap is not really needed.
With Advanced BWM any traffic without a specifically defined BWM allocation the firewall will limit it to what the corresponding interface is configured to (e.g. the defined bandwidth of the WAN interface).
With regards to access rules: You are confusing things. First of all 'GUEST>WAN' simply is the logical zone flow. It is not necessarily the direction of flow of the traffic.
Think about how most IP traffic works - the client & server model. I will use your instance in the example. The client (GUEST zone) sends a request to a server (WAN zone) for a web page. The client uploads its request, and downloads the response. That is a single flow from GUEST to WAN.
Answers
let me search for you...
or do you have a specific question?
@djhurt1 as of today (November 5, 2021) you have a new SonicWall Support site to use as a resource. It is located at https://www.sonicwall.com/support/
The page contains something @Micah calls "federated search," which should bring up a HUGE selection of resources, including video tutorials, that should answer you questions.
If you can't find them in the resources, come on back here with specific questions.
@TKWITS
Thanks for the link. I do have a specific question that might help me understand. I switched to advanced BWM. I set the up/down limits on the WAN interface. Created a BW object with low priority. Applied the object to guest>WAN rule. Since I don't have any other bandwidth objects applied, what am I prioritizing against? Is everything else assigned a default priority or is the priority of this object irrelevant in this instance?
A second question regarding this. Since I'm applying the bandwidth object to the access rule Guest>WAN. First applying a rule to limit download seems wrong here as quest>WAN implies upload. However applying the BW object to ingress does appear to limite download and applying to egress limits upload. Can someone break down the logic in how this works?
With regards to priority: There is no relevance to the 'priority' setting in your instance. From the linked article "When multiple traffic classes compete for shared bandwidth, classes with the highest priority are given precedence." 99% of the time I do not have overlapping of allocated bandwidth between priorities. There is so much bandwidth available on most connections these days that having any overlap is not really needed.
With Advanced BWM any traffic without a specifically defined BWM allocation the firewall will limit it to what the corresponding interface is configured to (e.g. the defined bandwidth of the WAN interface).
With regards to access rules: You are confusing things. First of all 'GUEST>WAN' simply is the logical zone flow. It is not necessarily the direction of flow of the traffic.
Think about how most IP traffic works - the client & server model. I will use your instance in the example. The client (GUEST zone) sends a request to a server (WAN zone) for a web page. The client uploads its request, and downloads the response. That is a single flow from GUEST to WAN.
Hope that helps.