• Limit individual and global bandwidth both in same time

    6
    0 Votes
    6 Posts
    3k Views
    N

    I just need some clarification here:

    On topic:
    Should it be like this?

    IN/OUT Limiters:
    IN = Use "Source Address" if you're going to limit bandwidth per user.
    OUT = Use "Destination Address" if you're going to limit bandwidth for the whole users.
    Current I am using "Destination Address" Mask only for limiting bandwidth.

    Question:
    Do this method will work if I combined the two Mask? TIA!

  • Traffic Shaper Names in the Queue Status Screen

    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • Limiter doesn't work with Steam

    3
    0 Votes
    3 Posts
    2k Views
    K

    Setting up Limiters or Queues is VERY tricky without perfect understanding of what every setting does. You've most likely configured it wrong.

  • IP phone Traffic Shapping

    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • Firewall: Traffic Shaper multi wan

    3
    0 Votes
    3 Posts
    2k Views
    E

    manually create a queue via the web interface? or edit configuration files? which files so as not to spoil the configuration?

  • Shaping traffic with login

    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • Messing with queues - a slightly less messy approach

    3
    0 Votes
    3 Posts
    2k Views
    K

    No, because none of this is necessary. Everything can already be done with the normal queue functionality. A user who doesn't understand how to create queues will screw it up anyway.

  • QOS per Interface

    13
    0 Votes
    13 Posts
    7k Views
    A

    I am just now starting to need QoS for a cluster with 4 different security zones where I need to find a solution without bridging.  I am still experimenting with Limiters to see if I can get by using them but I am afraid they might have big performance issues (based on reading the forum not from experience) and I know they don't have all the features that I want to use with the normal queues.

    I have been using 2.1 on a few non critical systems and I haven't dound anything that would make it better for this.  I think it might be a limitation of the QoS implementation on FreeBSD.

  • Openvpn traffic shaping

    2
    0 Votes
    2 Posts
    2k Views
    G

    In order to shape download traffic you need rules on the LAN interface, no matter if the traffic is coming from WAN, OpenVPN or whatever. In this case, you need a rule on your LAN tab with source: LAN subnet and destination: your OpenVPN subnet (not the server public IP), and specify what queue you want that traffic in (you previously saw the traffic on qLink because it is was catched by the default rule that sends traffic to qLink)

  • Do queues on outbound WAN also apply to response packets exiting LAN?

    3
    0 Votes
    3 Posts
    2k Views
    G

    That's why it is a good idea to have queues with the same names on both LAN and WAN ;)

  • Excluding specific IP's from Traffic Shaping Rules

    3
    0 Votes
    3 Posts
    4k Views
    G

    Firewall rules are evaluated from top to bottom, so create another rule above the other ones that catches the traffic from that PC, and send it to the appropriate queue (one with more priority, or with more bandwith, or without limiters, depending on how you configured your shaper).

    Regards!

  • Traffic Shaping per IP

    7
    0 Votes
    7 Posts
    4k Views
    C

    @jimp:

    FYI- the masking is incorrect on the example given by cheonne earlier in this thread.

    For the upload limiter, you want a source mask
    For the download limiter, you want a destination mask

    The same pair of limiters would be used for both LAN and WAN rules (LAN - In=Upload, Out=Download, WAN - In=Download, Out=Upload)

    thanks for the correction.. ;)
    i mislook his thread ttle "…per ip"

  • Manage the amount of data traffic on the Internet

    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • Limit Public IP

    12
    0 Votes
    12 Posts
    4k Views
    F

    What is described here is a known bug in pfsense, provide more detail here: https://redmine.pfsense.org/issues/3096

  • Limiting speed on a single site ?

    8
    0 Votes
    8 Posts
    5k Views
    C

    @falbertopl:

    Using firewall rules an limiter. create an alias with facebook domain and apply a limiter to a firewall to contain that alias

    facebook domain can be added through alias?
    coz i did this but i got an error

  • Synchronously (symetric) bandwidth limit?

    5
    0 Votes
    5 Posts
    2k Views
    F

    As I have understood, each limiter acts as a channel with a bandwidth allocated, if within it are created queues, each queue share that bandwidth based on the percentage allocated to each queue or letting pfsense be responsible for rolling, i attached a sample image. if there is only one traffic queues, the entire bandwidth of the limiter is assigned to that queue, if there is traffic in another queue so that traffic is shared among those queues according percent of the queue or you can leave depending on the amount of traffic on queue pfsense decides , that is achieved by letting the percent white. If you think what I said is wrong, please correct me.

    Symetric.jpg
    Symetric.jpg_thumb

  • HOWTO: Traffic Shaping with Squid Cache

    12
    0 Votes
    12 Posts
    15k Views
    A

    I had made a queue named 'qProxy' as your setting and then setting up firewall rules as you recommended. But why there are no activity in in queue status for 'qProxy'. I also had inserted your code in custom field for proxy server settings.

  • Shared bandwidth in limiters or separate?

    3
    0 Votes
    3 Posts
    2k Views
    jimpJ

    That's correct. Unmasked limiters are global for any traffic in the limiter. Masks define how to group them into per-group limits (on 2.1 you can mask by IP or by subnet)

  • Variable connection speed yet share what's available evenly per IP?

    10
    0 Votes
    10 Posts
    6k Views
    R

    @phil.davis:

    In my cases in Nepal, on a quiet connection, the ping time to anywhere except the direct ISP device at the other end of the ADSL copper phone wire, is completely variable.

    I assume that's why the Gargoyle solution defaults to pinging the gateway on your WAN connection, to which pfSense's RRD WAN quality graphs also refer.

  • Floating rules or specific interface shaping rules?

    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.