• Limit inbound connections bandwidth by hostname?

    6
    0 Votes
    6 Posts
    1k Views
    DerelictD

    The source addresses should be the mask on the in queue, dest addresses on the out queue.  Yes, that will create a pipe for each outside address using the characteristics you set.

  • Traffic shapper for P2P not working

    24
    0 Votes
    24 Posts
    4k Views
    A

    @Harvy66:

    @Abhishek:

    control bandwidth getting used by p2p applications

    Just making sure because people tend to conflate bandwidth, latency, and fairness and assume everything is to be solved with bandwidth.

    not facing any latency issue

  • Limiter on Website I host

    6
    0 Votes
    6 Posts
    1k Views
    H

    Is there a reason you don't want them to use all of the bandwidth if the bandwidth is not being used? I let my P2P use all of my bandwidth and I never notice it even when my connection is maxed.

    The only reason I ask is because most issues of "slowness" are caused by bufferbloat and lack of fairness, not a lack of bandwidth.

  • VOIP Device Limit

    4
    0 Votes
    4 Posts
    878 Views
    G

    I found the issue and thought I'd post the how I "fixed" the issue, I use the fixed loosely.

    We had an issue a couple of months ago when we installed the pfsense router where lines were being dropped after a specific amount of time. To fix this I followed a number of guides on the internet, all of which said installing siproxd was the way to go… siproxd was the problem, or more accurately my lack of knowledge revolving around VOIP and siproxd was the issue. Until I develop my knowledge the fix was to remove siproxd, thankfully this hasn't recreated the original issue.

    What lead me to believe there was an issue with siproxd was that registered VOIP phones which show'd up on the list in siproxd weren't working, and phones which weren't registered with siproxd worked perfectly.... if I ever find out what I messed up with on siproxd I shall come back and post my findings.

  • Limiter On Wan Interface

    8
    0 Votes
    8 Posts
    2k Views
    N

    @Derelict:

    I didn't see the post about the proxy. If you want to limit traffic to/from specific outside IP addresses I think your only choice is a floating match rule on WAN out to catch the connections being made to those addresses and setting the limiters.

    In/out will correspond to Upload/Download I think.

    I think I have had 3 or 4 distinct times where I thought I had a good grasp of limiters, but each time the level of confusion grows in a brand-new exciting way. Networking kryptonite or something.

  • 2.2 and Traffic shaping working better

    3
    0 Votes
    3 Posts
    1k Views
    H

    Best to start your own thread, then we can help you better  :-)

  • How to include WLAN into a simple PRIQ traffic shaping setup

    2
    0 Votes
    2 Posts
    844 Views
    P

    New idea or temporary fix: If I map the whole WLAN traffic to a LAN interface, I could shape this LAN interface instead.

  • PfSense Mis-shaping traffic

    12
    0 Votes
    12 Posts
    2k Views
    N

    Can a single queue handle both In and Out traffic simultaneously? I think no.

    If you create "qArb" on both WAN and LAN, you only need to assign traffic once and the returning traffic will find the properly named queue automatically, iirc. I think the Wizard makes use of this method.

    As a general rule with pfSense, use precise, simple rules to ease later trouble-shooting. Broad rules with superfluous options can create an angry and frustrated admin.

  • Traffic Shaping WAN and also OpenVPN

    3
    0 Votes
    3 Posts
    2k Views
    A

    Thanks for the detail - I'll give this a go after I have read it a few times…...! Appreciate your time in response.

  • Do all interfaces share bandwidth with same queue?

    3
    0 Votes
    3 Posts
    859 Views
    O

    I see, thanks for the reply.

  • PfSense and Shaping Facebook – The Definitive Guide.

    27
    0 Votes
    27 Posts
    10k Views
    cyber7C

    @Derelict:

    The hard part is identifying the traffic.  Limiting identified traffic is pretty easy.  I think most people who go down this rabbit hole are overthinking things. (Facebook bad, google, ok, googlevideo bad, cnn ok).  Fuck it.  Just limit/shape them all and make the internet work.

    HAHAHA!  I like your attitude!  I am starting to really think in this direction as well!  I have set up limiters (1/2/3Mb/s).  It works, but after I implemented your solution, I am looking at making this more "smove" :)

    cyber7

    And you, Derelict, my dear sir ARE A GENIUS!  Re-Wrote all my Limiters with your specs and WOW, soooo smove!

    cyber7-out

  • Limit the bandwidth of specific ports

    9
    0 Votes
    9 Posts
    4k Views
    DerelictD

    https://forum.pfsense.org/index.php?topic=96941.msg543955#msg543955

    You would, of course, tweak the firewall rule to match any address on the specific ports.

    If you want a separate pool for each port you'll need to define a different set of limiters for each one.

    As far as I know if you set the same limiters on different rules they're all pooled together.

  • Prioritize Icecast / MPD Traffic Outbound for Radio Stream

    1
    0 Votes
    1 Posts
    675 Views
    No one has replied
  • Simple In-line transparent Traffic Limiter

    1
    0 Votes
    1 Posts
    730 Views
    No one has replied
  • Viewing Queue with an implemented Traffic Shaper Queue

    6
    0 Votes
    6 Posts
    1k Views
    G

    the ports I mentioned above are just examples, and yes, I have those ports already listed on the alias page.
    the ones that you also posted is for steam, dota 2 have these ports according to: http://dev.dota2.com/showthread.php?t=15261

    What protocol and ports does Dota 2 use?
    Dota 2 uses the UDP protocol and communicates on ports 27015 through 28999 to our dedicated servers. By default, your client opens UDP port 27005 or your computer to connect to the game servers.

    and I have added them also and all is working great for dota 2…, just need some other games which does not post their port(s) on their websites :(

    but anyways, for my other games, I'll just add the port(s) accordingly and reboot pfsense if needed.

  • Terrible ping/LAG intermittently…please help!

    2
    0 Votes
    2 Posts
    843 Views
    DerelictD

    I don't think OP was talking LAG as in link aggregate group.  I think he was talking lag like my gaming session is lagging.

  • Simple traffic shaping to prioritize VoIP traffic

    6
    0 Votes
    6 Posts
    4k Views
    DerelictD

    Nope.

    You want to forget about everything VoIP and OpenVPN and prioritize the tunnel endpoints and the VPN tunnel itself.

    You will have a firewall rule on the server passing inbound traffic to your OpenVPN server.  Prioritize that traffic using that rule.

    On the client, you will need a floating rule on WAN out UDP source WAN address dest Remote VPN Server address port OpenVPN port.  Prioritize that using a match rule.

  • Pfsense default

    2
    0 Votes
    2 Posts
    947 Views
    H

    Like any other devices, without any settings, PFSense will forward packets first come first serve at full line rate and let something else worry about congestion.

  • Another penalty box question

    5
    0 Votes
    5 Posts
    4k Views
    D

    WFM…

  • 0 Votes
    2 Posts
    833 Views
    DerelictD

    Firewall > Traffic Shaper > Limiter Mask on source address for inbound and and destination address for outbound.

    There was a walkthrough posted on this very subject a couple days ago.  Look at the posts.

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.