How to Modify QoS for a Single Internal IP Address



  • We are looking to connect our company from Los Angeles to our other office in another city.  But we need to setup only 1 computer to have control of 60% of the bandwidth for a single day.

    The company line has 100up/100dn from the ISP.  So we need 60ms to be used for this single computer.  I realize we are talking about upload speed on my end, and at the other office they will be working on the download side because we are transmitting to them.

    I am working with the latest pfSense version, 2.3.2.  What would be the best method to achieve this goal?
    Thanks,



  • A limiter would probably be the easiest and fastest to configure.  Create a limiter with a 60 Mbps cap and then direct just that one IP into the pipe.  Here is a really good writeup of how to configure a limiter:

    https://www.reddit.com/r/PFSENSE/comments/3e67dk/flexible_vs_fixed_limiters_troubleshooting_with/



  • Thanks KOM.  I'll check it out.

    One thing we are trying to do is not really limit it to 60, but want to keep it at 60 or above due to bandwidth needed for that line.



  • Your wording made it sound like you didn't want it to consume more than 60% with the rest for all other clients.  Flip it and make a limiter than limits to 40 Mbps, and then put all other clients in that pipe.



  • @KOM:

    Your wording made it sound like you didn't want it to consume more than 60% with the rest for all other clients.  Flip it and make a limiter than limits to 40 Mbps, and then put all other clients in that pipe.

    Maybe I wasn't clear in my wording.

    We want 1 computer to have access to 60mbps, no more - no less, all others to share the other 40.  There are about 100 people at the company.  I was hoping to maybe include an IP range from our DHCP to limit those to 40, then give the PC that I need 60 on to a static IP outside the DHCP scope, then it would be allowed to have that 60 it needs.



  • Oh ok, I understood you right the first time around and my suggestion still applies.  Create a limiter of 60 Mbps and create a LAN firewall rule to push the traffic from just that one client into the limiter.  The limiter will ensure that it can use up to, but not more than, 60 Mbps.

    You could accomplish the same goal with a properly-configured HFSC shaper, but it would be MUCH more complex than a limiter.


Log in to reply