PacketWise's default settings are appropriate for most configurations.
However, you can adjust the system variables if your situation warrants
it. Use discretion when modifying these variables.
1. Click the setup tab.
3. Change one or more of the system variable settings
(see table below).
4. Click apply changes.
Variable/
Description |
Default Value |
Min.
Value |
Max.
Value |
| Packet Engine |
Header Overhead (bytes)
Number of bytes that are added to each packet to account for WAN
protocol header overhead
|
0 |
0 |
256 |
Link Overhead (ppt)
Number of parts per thousand* by which packet sizes are increased
to account for link overhead. This adjustment is useful for links
that do bit stuffing. (Bit stuffing is the practice of
adding bits to a stream of data. Bit stuffing is required by many
network and communications protocols, for example to prevent data
from being interpreted as control information.)
* to be more precise, it’s actually parts per 1024
|
35
(3.5%) |
0 |
1024 |
Small MSS Link Speed
Link speeds slower than this value will force the use of smaller
MSS (maximum segment size)
Prevents PacketWise from changing the MSS on large WAN links
|
384000
bps |
0 |
512000 |
Maximum Segment Size (Inbound)
Maximum segment size of TCP packets on Inbound flows. This setting
can help avoid packet fragmentation when using VPN and not being
able to support 1500-byte packets (the default size) through the
VPN tunnel.
|
1460 bytes |
0 |
65535 |
Maximum Segment Size (Outbound)
Maximum segment size of TCP packets on Outbound flows
|
1460 bytes |
0 |
65535 |
Clamp Early Retransmission (Inbound)
Number of milliseconds delay for clamping early retransmission
time-out on Inbound packets. Puts a maximum on retransmit time.
|
1600 |
0
(disable) |
3000
(3 sec) |
Clamp Early Retransmission (Outbound)
Number of milliseconds delay for clamping early retransmission
time-out on Outbound packets
|
1600 |
0
(disable) |
3000
(3 sec) |
Asymmetric Flows Only
By turning on this setting, PacketWise will automatically assume
all flows are asymmetric and stop TCP Rate Control. In topologies
where there are a large percentage of asymmetric flows, this may
be more efficient than attempting to apply regular rate control.
In addition to disabling rate control, turning on this setting
disables all layer 7 classification activities. (PacketWise must
see traffic in both directions in order to classify layer 7.)
|
off |
- |
- |
Bridge PassThru
With Bridge PassThru enabled, the PacketShaper forwards packets
that have a source and destination MAC address on the same side
of the unit. When Bridge PassThru is disabled and traffic shaping
is enabled, the PacketShaper drop packets that have source and
destination MAC addresses on the same side.
|
on |
- |
- |
Caching of IP address-based classes
Cache IP address-based classes on the inside or outside
of the PacketShaper. Change this setting to outside to
increase performance of classification if the majority of IP addresses
in manually created classes are on the outside, rather than the
inside.
|
inside |
- |
- |
Display "503 - Service unavailable" Messages
Control the display of the "503 - Service unavailable"
server error message when a connection is refused because of admission control (such as a
never-admit policy). When set to off, the "503 - Service
unavailable" message will be customized with the text "This
message is sent by Packeteer PacketShaper." When set to on,
PacketWise will perform a TCP reset and drop the HTTP request;
the error message will likely be "The attempt to load http://...
failed."
|
off |
- |
- |
Enable Support for LFN
When enabled, this setting improves performance on Long Fat Networks
(LFN) which require larger TCP window sizes. An LFN is a long
distance network with large bandwidth and long delay; for example,
high-capacity satellite channels are LFNs.
|
off |
- |
- |
Policy flow limits for all classes
Enables/disables the policy flow limit feature. When enabled,
PacketWise will enforce all policy flow limits that have been
set on traffic classes. When disabled, all policy flow limits
will be ignored. For additional information, see policy
flowlimits.
|
on |
- |
- |
| Auto-discovery |
Non-IP Flows
The number of new non-IP connections of a given type that must
be identified within a one-minute time frame before PacketWise
creates a class
|
2 |
1 |
1000000 |
Identifiable Services
The number of new connections of an identifiable service to a
port less than or equal to 1024 that must be identified within
a one-minute time frame before PacketWise creates a class
|
1 |
1 |
1000000 |
Dynamic Ports
The number of new connections of an identifiable service to a
port greater than 1024 that must be identified within a one-minute
time frame before PacketWise creates a class
|
2 |
1 |
1000000 |
Static Ports
The number of new connections to a static port within a one-minute
time frame before PacketWise creates a Port_#### class in the
DiscoveredPorts folder
It may be necessary to increase this value on Internet link deployments
to prevent excessive number of DiscoveredPorts classes being created.
If you don’t want any Port_#### classes discovered, set this
variable to its maximum value.
|
11 |
1 |
1000000 |
| Dynamic Partitions |
Active
The number of seconds a dynamic partition will be retained after
an established flow has sent packets
Note: If no other user needs a dynamic partition, the
partition will be retained indefinitely.
|
300
(5 min) |
10 |
7200
(2 hrs) |
Idle
The number of seconds a dynamic partition will be retained after
an established flow has not sent or received packets
Note: If no other user needs a dynamic partition, the
partition will be retained indefinitely.
|
30 |
10 |
7200
(2 hrs) |
Reserved for Static
The number of partitions reserved for static partitions; all other
partitions can be used for dynamic or static partitions (applicable
to PacketShaper 1200 and 1500 only)
|
3 |
0 |
99 |
| Xpress
Tunnels |
Host Entries
The maximum number of hosts and partners that can be defined to
use the Xpress tunneling facility
* 0 indicates that the default system limit will be used; the
system limit depends on the amount of memory installed in the
unit
|
0* |
0 |
99999 |
Tunnel shutdown threshold
The maximum consecutive retransmissions of a packet before an
Xpress tunnel is shut down
|
5 |
0 |
99 |
Allow/Exclude inside hosts on list
Tunnel hosts are designated with the tunnel discovery host command. By default, the specified hosts
are the ones allowed to use Xpress tunnels. If you want
the specified hosts to be the ones excluded from tunnels,
you can change the setting of the Allow/Exclude inside hosts
on list variable.
If allow is selected, only listed inside hosts are eligible
for Xpress tunnels. If exclude is selected, inbound traffic
destined to the listed hosts is not sent through the tunnel, but
all other inside hosts are eligible for tunneling.
|
allow |
- |
- |
Allow/Exclude outside hosts on list
Tunnel hosts are designated with the tunnel discovery host command. By default, the specified
hosts are the ones allowed to use Xpress tunnels. If you
want the specified hosts to be the ones excluded from tunnels,
you can change the setting of the Allow/Exclude ouside hosts
on list variable.
If allow is selected, only listed outside hosts are eligible
for Xpress tunnels. If exclude is selected, outbound
traffic destined to the listed hosts is not sent through the tunnel
but all other outside hosts are eligible for tunneling.
|
allow |
- |
- |
Allow/Exclude PacketShapers on partner list
Tunnel partners are designated with the tunnel discovery partner command. By default, the specified
partners are the ones allowed to use Xpress tunneling.
If you want the specified partners to be the ones excluded
from tunneling, you can use the Allow/Exclude PacketShapers
on partner list to do so.
If allow is selected, Xpress creates tunnels only with
the listed PacketShapers. If exclude is selected, Xpress
does not establish tunnels with the listed PacketShapers;
only PacketShapers not listed have tunnels established.
|
allow |
- |
- |
Reapply TOS header value
Reapply network-modified TOS IP header values to decompressed
packets. When this option is enabled, the decompressing Xpress
unit will compare the original TOS value of the compressed packets
to the TOS value in the IPComp packet’s IP header. If the
network modified the TOS value of the IPComp packet, Xpress will
apply this modified TOS value to the original packets as they
are decompressed.
Note: The Differentiated Services Interoperability variable must also be enabled.
|
off
|
-
|
-
|
Local ARP Discovery
One of three mechanisms for discovering local hosts for Xpress
tunnels. When Local ARP Discovery is enabled, Xpress extracts
the source IP address from a valid ARP request or response and
adds it as a local host for Xpress tunnels.
This mechanism is enabled by default but only operates when global
host discovery is enabled (see Configure
Global Xpress Settings). This variable can be disabled for
troubleshooting host discovery on different network topologies.
Note: This variable is available in enhanced mode only.
|
on |
- |
- |
Local IP Discovery
One of three mechanisms for discovering local hosts for Xpress
tunnels. When Local IP Discovery is enabled, Xpress extracts the
IP addresses of all inside hosts and adds them to the local host
list for Xpress tunnels.
This mechanism is enabled by default but only operates when global
host discovery is enabled (see Configure
Global Xpress Settings). This variable can be disabled for
troubleshooting host discovery on different network topologies.
Note: This variable is available in enhanced mode only.
|
on |
- |
- |
Local OSPF Discovery
One of three mechanisms for discovering local hosts (subnets)
for Xpress tunnels. When OSPF (Open Shortest Path First) routing
protocol is configured on a router, the router will broadcast
link-state advertisement (LSA) messages to its subnets. When Local
OSPF Discovery is enabled, Xpress will examine these LSA messages,
looking for any subnets that are local to the PacketShaper. These
hosts will then be added to the local host list.
This mechanism will not work in a redundant topology and is disabled by default. In a non-redundant topology, you have the option of enabling this variable if you so chose.
Note: This variable is available in enhanced mode only.
|
off |
- |
- |
Remote RSVP Discovery
A mechanism for discovering remote hosts for Xpress tunnels. When
Remote RSVP Discovery is enabled, Xpress sends RSVP Path request
messages and if another PacketShaper along the path recognizes
the host (host being probed for) as a local host, it will respond
with an RSVP Resv reply message. If an RSVP Resv reply message
is received for a host, the host will be added to the list of
remote hosts.
This mechanism is enabled by default but only operates when global
host discovery is enabled (see Configure
Global Xpress Settings). This variable can be disabled for
troubleshooting host discovery on different network topologies.
Note: This variable is available in enhanced mode only.
|
on |
- |
- |
Ingress gateway configuration
Allows the optional configuration of a second gateway for Xpress — an ingress gateway. When this variable is enabled, the ingress gateway will be used for inbound detunneled packets and the Xpress-IP gateway will be used for outbound tunneled traffic. When this variable is disabled, the ingress gateway — even if it's configured — will be ignored.
Note: The ingress gateway can be defined with the tunnel ip configure command.
|
off |
- |
- |
Do not span packets
When packets are being packed into super packets, this variable determines whether a packet's contents will be spanned across two super packets. By default, packets are not spanned.
|
yes |
- |
- |
TCP port used for tunneled intershaper traffic
The TCP port number that Xpress tunnels use for transport.
Notes:
- Traffic from any user machine sourcing from this port will not be accelerated.
- When you change the TCP port number, only new tunnels (those formed after the change) will use the new port. If there were any tunnels using the old port, be sure to delete them so that all tunnels use the same port.
|
64600 |
1 |
65535 |
Inherit inbound tunnel
Determines how Xpress selects an outbound tunnel when a destination host is reachable via multiple routes. When this variable is enabled, Xpress will choose the tunnel that first serviced the inbound flow. When this variable is disabled, Xpress will choose the tunnel it discovered first.
Note: This variable is not available via PolicyCenter.
|
off |
- |
- |
Strict Host Check for Acceleration
When this variable is enabled, outbound TCP flows will be accelerated only if the source host is configured (or discovered) on the local device and the destination host is configured/discovered as a remote host via the outbound tunnel. Likewise, inbound accelerated flows will not be intercepted unless the source host is configured/discovered as a remote host via the inbound tunnel and the destination host is configured/discovered on the local device.
Certain topologies require this variable to be enabled in order for acceleration to work properly:
- Multiple inline PacketShapers
- Hub-and-spoke topologies in which traffic accelerated at the edge PacketShaper will pass through an intermediate PacketShaper at the central site
Notes:
- Enabling this variable may result in a slight degradation of performance for XTP acceleration, since lookup and validation of local and remote hosts are done per packet. SCPS acceleration does not have this side effect.
- If packets pass through the same PacketShaper multiple times, it may be necessary to restrict hosts (using the tunnel discovery host command), to manually provision hosts on a particular side (using the hostdb side manual command), or to disable host discovery (using the tunnel discovery command).
|
off |
- |
- |
| Legacy
Compression |
Enable packing
When packing is enabled, multiple packets are combined into a
single "super packet," in order to save on overhead.
Packing increases compression rates because less data is being
sent out on the wire.
Note: On very busy links, packing doesn't cause much latency
because the packets are bundled and sent off quickly. On less
active links, Xpress may have to wait to get enough packets in
a bundle, possibly creating application performance problems.
If you are experiencing latency, try lowering the packing hold
time or disabling it altogether.
|
off |
- |
- |
Packing hold time
Maximum number of milliseconds packets will be held for packing.
When PacketShaper receives a packet, it is held up to the
maximum packing hold time (10ms by default), waiting to be combined
with additional packets. After that time expires, Xpress compresses
all the accumulated packets into a super packet and sends it out.
|
10 |
0 |
1024 |
Transparent trigger threshold
The number of consecutive retransmissions of a packet before Xpress
disables the compression tunnel and sends packets in the clear
(uncompressed). The tunnel will resume normal operation after
it gets an acknowledgment for the retransmitted packets; if acknowledgment
is not received before the Tunnel shutdown threshold is
reached, the tunnel will be shut down.
|
2 |
0 |
99 |
Firewall Support
Enables/disables firewall support for the Xpress compression feature.
If set to 0, Xpress firewall support is disabled; use this
setting when there is not a firewall between partner units.
When there is a firewall between partner units, you should enable
firewall support by selecting either 1 or 2:
- 1: Firewall support is enabled only when compression
is ON.
- 2: Firewall support stays enabled for persistent flows
even after disabling compression. When compression is turned
off, any TCP flows already hidden from the firewall continue
to be hidden (tunneled), but new TCP flows are not hidden.
|
0 |
0 |
2 |
Differentiated Services Interoperability
Preserve TOS (Type-of-Service) IP header values on compressed
packets. When this option is enabled, TOS values will be preserved
on IPComp packets. When it is disabled, TOS values will not be
preserved on compressed packets.
|
off
|
-
|
-
|
| Browser Interface |
Graph Timeout
The maximum number of seconds a graph can take to generate in
the browser interface; if the graph takes longer to generate than
this value, a system time-out error message will appear.
Note: Increasing this setting can make the browser interface
appear to "freeze" while PacketWise is generating some
of the more complex graphs. Sometimes the browser will not display
the page until all of the graphs are generated.
|
60 |
1 |
600
(10 min) |
Browser HTTP Acceleration
Enable/disable GZIP compression of HTTP content sent from PacketShaper to a web browser. Enabling this setting improves performance of
the PacketWise browser interface on slow links. Supported on Netscape
7.1 and above; Internet Explorer 6.0 and above; not supported
on IE 5.5.
|
on
|
-
|
-
|
| Events |
Registered Events
The maximum number of events that can be registered
|
32 |
32 |
128 |
User-Defined Events
The maximum number of events that can be user-defined |
32 |
32 |
128 |
Extended SNMP Version
Enable/disable the extended SNMP trap for user events. When this variable is turned on, there will be an additional field in the trap that indicates the type of situation that triggered the trap. The field indicates violated (when the threshold was exceeded) or rearm (when the re-arm value was crossed).
|
off |
- |
- |
| Flow Detail Records (FDR) |
Intermediate FDR
Enable/disable the intermediate flow detail records feature. When this variable is enabled, PacketWise emits intermediate FDRs at the interval specified by the flowRecordsIntermediateTimeout variable.
Note: Enable the intermediate flow detail records feature only when using a suitably-instrumented collector, such as Cisco-based Netflow-5 collectors. ReportCenter version 3.1 and earlier ignore intermediate FDRs.
|
0
(off) |
0
(off) |
1
(on) |
Intermediate FDR Timeout
Number of milliseconds between generation and sending of intermediate flow detail records when traffic is present
|
1500 |
1000 |
36000 |
Packeteer-P Packets
Enable/disable emission of Packeteer-P packets to Packeteer flow detail
record collectors. Packeteer-P packets contain statistics that are not related
to particular flows, but rather provide information about utilization on
the PacketShaper at the time flows are recorded. If this variable is enabled,
Packeteer-P records are sent after each UDP flow record packet is sent to
Packeteer-1 or Packeteer-2 collectors (not more than once per minute).
|
0
(off) |
0
(off) |
1
(on) |
Packeteer-P Timeout
Number of seconds between generation and sending of Packeteer-0 flow records.
|
3600 |
10 |
5000 |
Packeteer-0 Packets
Enable/disable emission of Packeteer-0 packets to Packeteer flow detail
record collectors. Packeteer-0 packets are mapping messages that allow collectors
to decipher Packeteer-related information in the FDRs they receive. For
example, in the FDR’s ClassID field, a value identifies the traffic
class. In order for the collector to understand what class is actually associated
with the ID, it uses the class map — a list that contains each traffic
class on the unit along with the identifying number assigned to each class.
If this variable is enabled, Packeteer-0 mappings are sent out approximately
once each hour. Note that this variable needs to be enabled only if the
collector does not know this information through other means.
|
0
(off) |
0
(off) |
1
(on) |
Packeteer-0 Timeout
Number of seconds between generation and sending of Packeteer-0 flow records.
|
3600 |
10 |
5000 |
Reset Packeteer 1/2 Counters
Controls whether or not the counter fields in FDR packets are reset with each intermediate FDR sent
Note: This variable only affects Packeteer-1 and Packeteer-2 format FDRs: counter fields are always reset in the NetFlow-5 format.
|
1
(on) |
0
(off) |
1
(on) |
| Miscellaneous |
Hot Standby Timeout
Number of milliseconds after which the standby unit becomes active
if it has not received a keep-alive message from the active unit
Note: The hot standby feature is no longer supported.
|
9700
(9.7 sec) |
2000
(2 sec) |
30000
(30 sec) |
Synthetic Transaction Timeout (Read)
Number of seconds after which a synthetic transaction will end
when the response received is incomplete
Note: This variable is not available on PacketShaper ISP
models.
|
5 |
1 |
1000 |
Synthetic Transaction Timeout (Write)
Number of seconds after which a synthetic transaction will be
canceled if the server fails to respond to a request
Note: This variable is not available on PacketShaper ISP
models.
|
60 |
10 |
5000 |
Maximum Frame Routes
The maximum number of route entries PacketWise can import from
a FRAD or ATM routing table
Note: This variable is not available on the PacketShaper 1200 or 1400 Lite models.
|
300 |
25 |
2000 |
Link State Mirroring
Enable/disable link state mirroring. With link state mirroring,
PacketWise will bring down the second port of a NIC pair if the
first goes down. This feature allows each PacketShaper to sit
between a WAN router and a switch without blocking detection of
switch outages by the router. Link state mirroring is automatically
enabled when direct standby is enabled and the redundant management
port is connected.
Notes:
- Link state mirroring is not active on the LEM being
used for the direct link; this allows you to disconnect the redundant
management port without impacting connectivity. However, link
state mirroring is disabled when the redundant management link
is disconnected.
- This variable is not available via PolicyCenter.
|
off |
- |
- |
Enable Latency Calculations
Enable/disable the calculation of latency for VoIP metrics. When this variable is enabled, PacketWise collects data that measure latency for VoIP flows.
Note: Latency can only be measured between PacketShapers with latency calculations enabled (on).
|
0
(off) |
0
(off) |
1
(on) |
Latency Probe Send Interval
Number of seconds between the issuance of VoIP latency probes that measure VoIP metrics, enabled by the enableLatency variable.
|
5 |
1 |
60 |
Estimate Packet Exchange Time
Enable/disable the calculation of packet exchange time. When this
variable is disabled, the Pkt Exch column on the Monitor Traffic
page will not appear, RTM will not be available, and the packet
exchange time and RTM measurement variables will always have a
value of 0.
After disabling the Estimate Packet Exchange Time variable, you
should reset the unit.
Note: This variable is not available on the PacketShaper 1200 model.
|
on |
- |
- |
Enable Winny Application Classification
Enable/disable classification of the Winny service. For optimal performance, enable only when management of Winny traffic is required.
Note: The Winny peer-to-peer application is used primarily in Japan.
|
off |
- |
- |
Enable Support for SSHv1
Enable/disable support for Secure Shell version 1 (SSHv1) for secure access to the PacketShaper. When this variable is enabled, the PacketShaper can be accessed with SSHv1 and SSHv2 clients. When this variable is disabled, only SSH clients using the SSHv2 protocol version are supported. (available starting in 8.1.1)
Note that this variable doesn’t take effect until the PacketShaper is reset.
|
on |
- |
- |
