Netgate Discussion Forum

    Traffic shaping of Wireguard that enters and exits on WAN

      frasse

      I have a Wireguard server running and I've been struggling with the traffic shaping. I'm using PRIQ.

      On the floating tab I have 3 rules.
      Floating rules.png

      The first rule applies to all traffic connecting to the Wireguard server.
      The second rule matches traffic that's tagged on the Wireguard server interface.
      And the third rule increases the priority to/from some services on my LAN.

      Traffic between the Wireguard clients and the services with aliases in rule 3 works as intended.

      The issue is when a Wireguard client uses a service available via WAN (aka Internet): since it then both enters and exits on the WAN, the traffic shaping only "sees" half the traffic, but in reality it both sends and receives on WAN at the same time.
      And if a low priority LAN client starts to use max download capacity, it will not be shaped, since the shaper isn't aware of any other traffic than what's on WAN.

      That the shaper can't act on the Wireguard traffic that only passes on WAN doesn't seem like a mystery; it's never on the LAN interface. But is there a clever way to make it shape-able, or am I missing something obvious?

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.