It's up to you to set your bandwidth limit. 20% might have been a bit conservative. However, I recommend running some bandwidth test with the shaper turned off first. Test upstream and downstream. I have not yet seen a line that had exact the advertised speed. Some are a bit slower, some even a bit faster. Don't trust your provider  ;)
In case your line is slower than advertised and you use the advertised values shaping won't be successful when reaching your lines limit.

cool. thanks

I think what he's looking for is a way to monitor the total throughput for the month….possibly auto-throttle at a certain usage amount so that he doesn't go over on his usage.....ie you get 100gb/month transfer limit then pay large amounts per gig after that.

@billm:

If I work it that way, you OK with bandwidth disappearing if HFSC is selected as the scheduler?
This convo might be better off on the dev list, I don't check the forums that often :)

–Bill

Ok.. I'll move this to the dev list later today when I wake up  :).

@nima.m:

Thanks for the response.

Then, Will this scenario be possible :

I have 5 computer connected to my Lintex router trough LAN.
Can I configure pfsense to have low prioritizing  computer 1 based on the "IpNumber/Mac Address" and standard prioritizing computer 2 based on the "IpNumber/Mac Address" and high prioritizing computer 3-6 based on their "IpNumber/Mac Address" ?

Yes this can be done but not so easily with the wizard. You will need to run the wizard then create custom queues and rules. I use this setup on my lan where I give piority and 59% of the bandwidth to a set of computers (me only ;)) and 39% to a few others. However you can't use mac addresses so I had to make use of static arp to assign the ipaddress.

Just wanted everyone to know everything is working great. This blows m0n0wall away. Clients are pissed off as they were getting a 10Mbs feed but they were only paying for 3Mb. NTOP Great addition really helps with figuring out where my client traffic is coming from and who to point the finger at.

tcp/udp port forward from external 22105 to internal 192.168.105.105:22105
some other forwards to 192.168.1.2

internal network is 192.168.0.0/16

queues:
upload:

name: up105105
bw = 1%
priority = 1
m2= 25kB
RED,ECN,
qWanroot

other filelds are empty

download: the same as above but
name: down105105
m2 is empty
qLanroot

rule:
upload queue - up105105
download queue - down105105 (I found that specifying here qP2Pdown doesn't work)
LAN->WAN
protocol: any
source: 192.168.105.105 (single host)
rest of fields are empty/default

squid is running in transparent mode,

version: snapshot 25/03/2006

config-siroccofw1.local-20060405004147.xml.tar.gz.txt

:-[ OK we wait up to version 1.1

Danke / thx

Stefan

There's a limit of 256 queues in ALTQ, fyi.  We can change that if/when it becomes an issue (at this time pfsense rule generation performance will be a bottleneck long before you get to 256 queues though).

–Bill

@sullrich:

This is to be expected.    CARP/pfSync does not sync the ALTQ assignments.  When a new connection (state) is created then the queue is reassigned.

This will change in the future with our Layer 7 shaper detection work that is ongoing.

I think this is also "fixed" in the kernel patches that I made not too long ago (not in 1.0).

–Bill

ok, fixed  ;D

Run the trafficshaper wizard. It has exactly the option you need. You can enter a VOIP IP or an alias. You also have the option to select Vonage as VOIP Povider. Either should work. The choppyness was surely related to the issues the shaper had these days. Give it a go. It should be fine now.

I guess you have to just test it out for yourself then.

Do not try to import my original config file into your system.  It was only posted so as to help others understand a little bit better how the traffic shaper works and what was working for me at that time.  If it is too confusing for you to decipher, then you probably need to learn more about TCP/IP, ports, and protocols.

This isn't pfSense, so you don't have fancy hostgroupaliases, queuegraphs and so on. You have to set it up and simulate a maxed out line and do phonecalls and terminalsessions under that condition and tweak it until you are happy with it.  ;)
I'll pm you something later when I'm at home. I don't think it makes sense to discuss that public as the m0n0 shaper is completely different compared to pfSense. I suggest closing this thread.

@mentalinc:

and an lil extra questionL: shaping will only work on upstream data as by the time downstream gets to my box its far to late as the pipe has been saturated and my HTTP traffic for example is sitting at the ISP waiting its turn. is that correct?

Yes, the traffic shaper in pfSense can only shape packets exiting an interface but it can also shape downlaods by shaping the traffic exiting lan card to your pc (you can look at it from the perspective of your box uploading to your pc). In other words, download shaping isnt dependent on your isp alone, pfsense actively shape downloads just the same as uploads.

However if you saturate your link traffic will be queued up in your box and possible at your isp as well (or your isp will drop extra traffic), so its a good idea to set ur max download & upload speed to a fraction below what your isp advertised, that way your box will limit the traffic before your isp policing or shaping kicks in, you sacrifice some bandwidth to gain better control over your traffic.

(ab-)use the voip queue for that. run the shaper and add an IP for the voip queue. after it has finsihed edit the queue and set the traffic limit at upper limit and dump the realtime value. set the priority lower. that's it. then copy these for as many clients as you need. however you have to keep the math in mind or you'll get an alert because of assigning more bandwidth than you have.

Possibly.  Try it in beta2

–Bill

@rexster:

in addition to many known ports,
it'll be great if we can add our own custom ports for traffic shaping.

tia
rex

Copy an existing rule.

–Bill

@sullrich:

Not at this time.  Patches accepted.

Patches accepted (although I know exactly what needs to be done, I backed out the code for this back in June due to other issues) - but be warned the shaper is under heavy development, you will want to coordinate any work you do with me.

Or again, donations are accepted - at this point a quiet machine with Intel FXPs would be appreciated.  I can no longer do shaper development on my (silent) Soekris as there's an OS level bug that affects the NICs on this machine.

–Bill