• PFsense single shaper

    Locked
    12
    0 Votes
    12 Posts
    5k Views
    H

    If you create lots of queues and assign each host to a queue yes.

  • Cannot access Status -> Queues anymore

    Locked
    7
    0 Votes
    7 Posts
    3k Views
    A

    In my case, it's finally works by doing the following.

    Setup Traffic Shaper by the wizard, then goto Firewall: Shaper: Queues to setup the bandwidth for each queue. For example, given smaller maximum bandwidth to P2P traffic, then the Status: Traffic shaper: Queues can be load without problem.

    Thanks hoba! I know I have been asked many dump questions but your help is most appreciated!

    Aldo

  • Priority on WWW traffic

    Locked
    5
    0 Votes
    5 Posts
    3k Views
    M

    @brizio:

    Ok, thanks but is it possible define a maximum bandwith that an user can utilize ?
    I mean in case I have a 2MB of bandwith on my Wan link I would like that an user can utilize a miximum of 1MB, is it possible ?
    Thanks

    This may be done by squid more simple: define a one connection speed less than maximum available for this acl. In this case is possible to make difference between http traffic types

  • SIP Traffic Shaping question

    Locked
    2
    0 Votes
    2 Posts
    3k Views
    H

    Multiinterface shaing is not really working in 1.2 (search the forum) but it will be much much better in 1.3 (see the trafficshpaer thread in the bounty section).

    For now you could do something like this:

    wan upstream is upstream on wan interface lan downstream is downstream of ALL your wans

    This won't work perfect of course but it's the best that you can do in 1.2 currently, at least when working with only one pfSense. Other option would be to have an additional system inline on wan only doing shaping from wan to lan as workaround until 1.3 is available.

    ISP1-------wan/pfsense/lan-------wan          lan----- ISP2-----------------------------wan2 pfSense optx----- ISP2-----------------------------wan3        opty---                                 ...          ...
  • RE: Traffice Shaping over VPN

    Locked
    9
    0 Votes
    9 Posts
    5k Views
    H

    Doablo in 1.3. Search the forum.

  • 70% bandwidth for qwanacks still not enough?

    Locked
    2
    0 Votes
    2 Posts
    3k Views
    H

    I think this is a general problem with asymetrical links. I have a 16000/800 kbit/s ADSL2+ at home and if I download at full speed my upstream is almost full with ack packets only. If then other traffic comes on top it might see some drops. However 125 drops in 1 day 4 hours is really not much or better said almost nothing. I would simply just ignore it.

  • Ipsec vpn shaping

    Locked
    5
    0 Votes
    5 Posts
    3k Views
    E

    The answer has changed slightly.

    Search the forums. Doable in 1.3 or through the bounty system.
    It allows full shaping of ipsec tunnels inbound and outbound.

    Ermal

  • Traffic Shapping into ALIX board

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    H

    Yes, the only thing different between embedded/CD and full installation is the option to use additional packages with full installs. All basefeatures are included in the embedded version as well.

  • How priority selective protocols?

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • Getting high pings in games when using traffic shaper

    Locked
    6
    0 Votes
    6 Posts
    3k Views
    P

    thanks Hoba, will try this

  • 0 Votes
    10 Posts
    5k Views
    H

    Good to hear  :)

  • Calculating the required bandwidth for ACK queues for asymetric link

    Locked
    53
    0 Votes
    53 Posts
    100k Views
    E

    As Scott said in some posts before ask your question in another thread.

    The answer to your question is a plain NO.

    Remember that this is just a recommendation and not suitable to every case.

    Ermal

  • Outbound FTP Shaping

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    W

    I can tell FTP sucks. I spent an hour searching around these forums and mailing lists through Google and came up with the same conclusion. I was hoping maybe someone knew something new, oh well..

    Thanks for the response. I'll keep my eyes open for 1.3.

  • Shapping Help

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    H

    Trafficshaping in pfSense happens always outbound at an interface. This means your WAN upstream is shaped outbound at WAN whereas the WAN downstream is shaped outbound at interface LAN.

  • Do I need to create another rules for OPT1 subnet?

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    H

    http://forum.pfsense.org/index.php/topic,2718.0.html

  • Traffic through second port….

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    H

    Search the forum. Shaping downstream of WAN actually happens upstream on WAN. Shaping is always applied outbound of an interface. That's why your opt1 downstream is falling into the queues at LAN as well. You should add the downstream of WAN and OPT1 as overall downstream and have as upstream the upstream speed of WAN. That works best for me using 3 wans at our office.

  • OpenVPN traffic shaping

    Locked
    6
    0 Votes
    6 Posts
    12k Views
    V

    @hoba:

    No, as pfSense only sees encrypted traffic passing through it. It can't determine what's inside this encrypted packages and therefore it can't shape. You only could give higher or lower priority for all that vpn traffic with the shaper but not on different traffic inside the tunnel.

    thanks for the reply.. I think I dont really need to shape -within- the tunnel traffic, I just want to ensure outbound/inbound TCP traffic on port 1194 (what I use for openvpn stuff) to have a higher priority than bulk traffic.  whatever happens inside the tunnels pfsense doesnt need to know about in my case, i think.. so the traffic shaper should be able to help me somewhat

  • Newbie needs help about traffic shaping

    Locked
    4
    0 Votes
    4 Posts
    4k Views
    E

    Yes, for embedded and yes for fitting your needs.

    Though the issue of configuring it still remains. Meaning there are 4 wizards till now in there but still do not feet everybody setups.

  • Shaper dont work on 1.2final

    Locked
    19
    0 Votes
    19 Posts
    9k Views
    S

    ok sullrich, thanks a lot! as I'm in Brazil, I dont know how can I contribute, but I'll check this, ok! I always used pfsense since 0.9x and pretend keep using it!!!

    Thanks a lot!

  • Interesting Traffinc Shaping needs

    Locked
    16
    0 Votes
    16 Posts
    10k Views
    N

    Hmm that is alot more complicated than i thought!  I redid the shaper wizard again and its working much much better.  Im not sure how to add some of these rules manually, so i checked the box for the p2p catch all, and then selected all of the individual p2p services.  Now skype shows up again in the p2p que!  must be associating it with one of the rules… now if i could just figure out which one its using!

    As far as bandwith:

    p2p up - i assigned 256Kb realtime, 60% bandwidth
    p2p down - 256Kb realtime, 25% bandwidth
    ack up - 25% (standard)
    ack down - 25% (standard)
    queOthersUpH - 10%
    queOthersDownH - 40%
    queOthersUpL - 1% min
    queOthersDownL - 1% min

    Its working MUCH much better now.  I am able to skype with my wife and watch others surf the net!!!  After reading that last post, i cant claim that i know exactly why it works like it does.  I am still trying to learn though.  My question is this though - what is the difference between queOthersH and L?  most of the http traffic seemed to go through H, so that is why i traffic shaped it the way i did.  But sometimes the traffic will go through queOthersL - whats the difference?

    Thanks again for all your help and time.  I dont take it for granted.  ; :D

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.