WAN Limit bandwith
-
Hi, I have a problem that I couldn't find any solutions on the web.
I currently have a multiple WAN / multiple LAN setup that works well with no traffic shapping (only firewall rules that redirect traffic according to ports). The fact is I just got a symetrical 1000 Mbit/s WAN access but I want to use only 60 Mbit/s on this connexion (each up and down) and no more (let's call it WAN1). But the LAN users need auround 100-150 Mbit/s for surfing the web. That's why I also have a few 15-20 Mbit/s WAN access (let's call it WAN2-WAN6) but their quality is worse (higher ping and less stable) than WAN1.
So what I need is to setup a (set of) rule(s) with Traffic Shapping probably that handles all the http/https traffic and redirect it to the WAN1-WAN6 group gateways but under the condition that under no circumstances the WAN1 bandwith gets above 60 Mbit/s.
I have found out how to use the limiter to limit up and down bandwidth of a firewall rule but I don't want it applied on the whole http/https traffic but only a single interface.
So I've looked at Traffic Shapper By Interface but I've only managed to limit the upload bandwidth and not the download one and I can't find how to limit both up and down on an interface.I'm quite lost right now, so I hope you would come with a solution.
In addition if the WAN1 gateway could be prioritized over the WAN2-WAN6 that would be better but it's not the most important point.
MoaMoaK
-
Download is shaped on the LAN.
Maybe you could use packet marking to mark traffic incoming on the chosen WAN and then match it on the LAN & shape it.
or, with traffic-shaping queues, I think that if traffic leaves the WAN through qWhatever it will be placed into qWhatever on the LAN when it returns.
-
Thanks but I'm not sure how to shape only marked packet. Do you have any clue where this can be done ?
And about the same names of the queue on both WAN and LAN. I tryed it but it doesn't seem to work. The download is still not limited.
Moreover I don't want to use a queue for the whole LAN (just for the part that goes into WAN1) so I can't use a queue on the LAN interface (or I haven't found out how to specify that) -
OK problem solved.
I used "match" floating rules to catch all traffic on a specific interface and force it to go through a queue limited to 60 Mbit/s
Link : https://forum.pfsense.org/index.php?topic=120380.0
Thx -
I just wanted to say THANK YOU. I've been like a whole month searching for this and couldn't find it anywhere and you were kind enough to not only state the exact same problem I was having but also to show up with a tutorial.
You're pure gold !