Seriously confused - multi-tenant share

  • I'm looking into replacing a main router with a pfsense box for multiple tenants, this will be setup on 1 wan and 1 lan i believe.

    The connection needs to largely shared equally amount most tenants (however with an upper limit of 6Mb)

    I've managed this part of the setup and that seems to work fine to a range of IP's via an alias, however, I also need 2 tenants to have a MINIMUM of 10Mb.

    As a side to this, i need the pool thats being shared equally to be able to take from the 2 tenants with minimum requirements but if the two then get trafic they should be the priority to ensure the 10Mb minimum.

    I'm seriously stuck with this and I've tried searching the forum but can't find anything that makes understandable sense to me…

    Any help would be much appreciated

  • i've tried 2 sets of limiters then assined with two different sets of queues via rules but it doesn't seem to take on any of the settings in the queues (minimum speed being the main one)

    I can get all machines to share pretty evenly but getting a headache trying to get one to work with a minimum bandwidth

  • Limiters only limit. They can only set maximums. If you want minimum, you need to start using HFSC or CBQ traffic shapers. I am not sure if you can use both at the same time. If you can, you may be able to only use the shapers to set minimums and let the limiters handle the maximums.

  • that's where I am presently, trying to use a queue with a minimum (set on a range of IPs) and limiters set with a maximum (on a different range)

    however it doesn't appear to be working as when tested with multple machines connected the one set to an IP in the minimum range drops below the minimum during a speedtest on all machines at the same time.

    Is what I require actually possible with pfsense?

  • You can easily accomplish your goal with HFSC traffic-shaping queues. 1 queue per tenant, then set the link-share & upper-limit values to the appropriate values.

    If you need to group certain tenants you can create a parent queue with the appropriate tenant queues as child queues.

    Forget about limiters.

