Fortinet black logo

Cookbook

Interface bandwidth limit

Copy Link
Copy Doc ID 9bd2f947-ece6-11ec-bb32-fa163e15d75b:648294
Download PDF

Interface bandwidth limit

You can limit interface bandwidth for arriving and departing traffic. In some cases, the traffic received on an interfaces could exceed the maximum bandwidth limit defined in the security policy. Rather than waste processing power on packets that will get dropped later in the process, you can configure FortiGate to preemptively drop excess packets when they're received at the source interface. A similar command is available to the outgoing interface.

The following diagram shows how excess packets going from LAN to WAN1 can be intercepted and dropped at the source interface.

To configure an interface bandwidth limit in the GUI:
  1. Go to Network > Interfaces.
  2. Edit port1.
  3. In the Traffic Shaping section set the following options:
    1. Enable Inbound Bandwidth and enter 200.

      The default bandwidth unit is kbps.

    2. Enable Outbound Bandwidth and enter 400.

      The default bandwidth unit is kbps.

  4. Click OK.
To configure an interface bandwidth limit in the CLI:
  1. On the FortiGate, configure the interface bandwidth limit:
    config system interface
        edit "port1"
            .....
            set inbandwidth 200
            set outbandwidth 400
            .....
        next
    end

More Links

Interface bandwidth limit

You can limit interface bandwidth for arriving and departing traffic. In some cases, the traffic received on an interfaces could exceed the maximum bandwidth limit defined in the security policy. Rather than waste processing power on packets that will get dropped later in the process, you can configure FortiGate to preemptively drop excess packets when they're received at the source interface. A similar command is available to the outgoing interface.

The following diagram shows how excess packets going from LAN to WAN1 can be intercepted and dropped at the source interface.

To configure an interface bandwidth limit in the GUI:
  1. Go to Network > Interfaces.
  2. Edit port1.
  3. In the Traffic Shaping section set the following options:
    1. Enable Inbound Bandwidth and enter 200.

      The default bandwidth unit is kbps.

    2. Enable Outbound Bandwidth and enter 400.

      The default bandwidth unit is kbps.

  4. Click OK.
To configure an interface bandwidth limit in the CLI:
  1. On the FortiGate, configure the interface bandwidth limit:
    config system interface
        edit "port1"
            .....
            set inbandwidth 200
            set outbandwidth 400
            .....
        next
    end