Bandwidth Allocations and Locations

When are new locations added automatically?

If any of the following statements are true, a location is automatically created:

  1. If the network is considered “Managed” by Windows

  2. If the client is a VPN client

  3. If the DomainType is "DomainAuthenticated"

  4. If the Category of the connection is "DomainAuthenticated"

  5. If the list of AcceptableNetworkNames contains the network (connection) name

  6. If the location is generated from iPXE

How long does it take before a location is created?

It can take up to several seconds before the new location is created. The process that handles this generates requests in parallel. Only one request is fired per network per time that the server is active. The tried list is stored in memory and is only active until the service restarts.

Any client (including the first one) that connected during the few seconds when there was no network will go into roaming until the internal location polling cycle runs. This runs at a 15 min interval on each client.

Special VPN handling

For VPNs, the same logic as regular networks applies to the most part. However, some VPN connections will report in the network as a 32 bit address mask. When this is the case, we apply a C mask to the IP to generate the network. If a machine with IP of with a mask of, the calculated network id of that is the same as the client address. In order to avoid having a large amounts of single VPN locations, we apply a 24 bit(C) class mask to the IP and recalculate it.


Client A reports in with with a mask of 32 bit, we then apply a 24 bit mask so that the network ID and generated subnet will be Any other machine that will connect in using an IP that falls within the 24bit range will be added to the subnet. If however a machine of calls in, it will be placed in the subnet.

Note: This logic is purely for grouping within StifleR itself and does not affect any routing or configuration. So even if the DHCP scope is generated with a 8 bit or 16 bit mask, the subnets will be grouped into 24bit mask segments.

How Bandwidth is Allocated

Non linked locations

The TargetBandwitdh is assigned to Red Leaders, other clients get the default non leader values.

Linked locations

When multiple locations are linked, the Parent bandwidth is split between the Red Leader per active subnet.

Latency throttling

Well Connected locations

<add key="WellConnectedSplitbandwidth" value="1" />on the server - determines the W/C behaviour.

If "WellConnectedSplitbandwidth" value="0" - All active clients get the same Bandwidth i.e the value assigned to WellConnectedBITSBandwidth / WellConnectedDOBandwidth (this value will be injected into the client config file)

If "WellConnectedSplitbandwidth" value="1" - the WellConnectedBITSBandwidth / WellConnectedDOBandwidth values will be split between all ACTIVE clients. If only the TargetBandwidth is set – the Red Leader will be allocated that bandwidth and all others will use the Befault Non-Red Leader bandwidth (as per a regular subnet)

Internet Breakout Locations

Internet traffic is then throttled differently, and is split per

VPN networks

For VPN networks the bandwidth is assigned the following way if both the client reports in as VPN as well as the location being set to VPN. If the client fails to detect itself as VPN it will not be getting the VPN settings but instead being considered managed, i.e. given very low bandwidth.

If the TargetBandwidth is set to zero, unlimited bandwidth is assigned to the clients, consider it reporting only mode.

VPN subnet is not linked with others

The bandwidth is assigned per number of number of active clients downloading with the logic of bandwidth / n + 1. So if a TargetBandwidth of 24Mbs is set, and we have 10 clients downloading the bandwidth is split between 10 + 1 = 2.18Mb/s per client. If this then changes over time to 2 active the assigned bandwidth goes up to 24 / 2 +1 = 8 Mbs per client.

Linked VPN networks

When multiple VPN subnets are linked together, the assigned bandwidth is split per active VPN subnets and then split per active clients within its subnet.

Example: If 100Mbs is set on the parent subnet, and you have 3 active child subnets, giving 4 active subnets with the parent, the bandwidth is then first split into (4, 100/4 = 25Mbs). The split value is then split per the number of active clients within that subgroup. So if one location has 10 active clients, they get 25Mbs/ 10 + 1 = 2.18 Mbs. If only a single subnet has VPN clients, the bandwidth will be allocated to a single VPN

When are these calculations done?

The calculations are done at the same time for all bandwidth assignment, which is at connection time, and then at a rolling 5 minute interval per VPN client. (For non VPN connections the bandwidth is allocated every 15 min).

Last updated