en
.svg)
Several common examples of policies follow.
The objective is to apply the speed limits in each subscriber’s data plan.
The BQN applies these limits better than a conventional shaping element because, for TCP traffic (the most common),it does not need to discard packets. Furthermore, it uses independent queues per flow and that makes application latencies independent of each other, which greatly improves the experience of interactive applications. The following picture shows the queue structure, with a queue per flow and policy control at flow and subscriber levels.
The easiest way to implement Rate Plans is to use the RADIUS (see Radius section) or REST (see REST API section) interfaces. Rate policies will then be assigned by an external system for every subscriber. The external system can directly create those policies, or it can assign rate policies configured from the BQN GUI.
If an external system cannot be used, you can simply create one rate policy for each plan, an access policy with all the subscriber IP addresses (or ranges) assigned to every plan, and then one rule for each plan, linking the corresponding access profiles and rate policies.
The goal could be to reduce the network peak throughput to mitigate the congestion at the peak hour. To that end, a DPI profile is defined (video in the example) to identify the applications to limit. This example makes use of video streaming predefined signatures. To include them, in Add DPI profile, select Add Predefined Signatures and choose the Video Streaming predefined signature.
Also, a throughput profile is created with the traffic load from which to start limiting (above-5Gbps in this example). Then, a subscriber flow policy (flow-8Mbps in the example) is created with a downlink limit (Downlink shaping) set at 8 Mbps. Finally, the DPI profile, the throughput profile and the subscriber flow policy are tied together in a subscriber flow rule.
The goal is to preserve the quality of experience of some services by granting throughput to them even when the subscriber rate plan is fully used. An example could be a Voice over IP(VoIP) service hosted by the ISP. The policy is limited to subscribers with gold plans. It is created with an Internet profile (voip) with the IP address and port of the ISP-hosted VoIP service, a policy-rate profile and a flow policy (with Skip subscriber rate limitation selected to On). Next, the Internet profile and the policy-rate profiles are linked to the policy by a subscriber flow rule..
In this scenario, some applications need blocking, for example, servers that are sources of attacks. To do this, an Internet profile is created (malicious-apps in the example) to identify the IP addresses to block. Next, a subscriber flow policy is defined with block action (with name flow-block in this example) and, finally, the Internet profile and the subscriber flow policy are combined in a subscriber flow rule.
The objective is that the BQN will not optimize certain traffic. For example, some subscribers. To that end, an access profile is defined (subs-no-tcpo in the example), with the subscriber IP addresses to exclude. Next, a subscriber flow policy is defined with optimization set to off (flow-no-tcpo in the example) and, then the access profile and the subscriber flow policy are combined in a subscriber flow rule.
This setup is equivalent to the IP address blacklist in BQN Release 3 software.
Another example would be to use an Internet profile to exclude some applications per TCP port.