Bandwidth Control FAQs
From Edge Threat Management Wiki - Arista
Why are the rules evaluated on the first ten packets of a session?
Often rules involve session "meta-data" conditions such as HTTP: Hostname or Application Control: Application. These meta-data tags are usually completed fairly quickly (first few packets) but they are usually not known until the first few packets. As such the session is evaluated initially and the next 9 packets. This is to ensure that all rules that involve meta-data have a chance to fire. After the first ten packets the meta-data typically does not change and the rules are no longer consulted.
Dropping a Quota does not seem to work. Why?
If you have a rule set to give quotas automatically if a host doesn't have a quota it is probably being given a new quota again very quickly which gives the appearance that you can't delete the quota.