[SOLVED] Need help with shaping P2P traffic through VPN



  • I've almost managed to shape my Deluge traffic going through my PIA VPN by following this post https://forum.pfsense.org/index.php?topic=71513.0 , but I'm struggling to get the VPN rule to work.

    in my states I see:

    and I've managed to create a LAN rule, but how do I create a rule for the VPN link to tag the traffic so I can shape it?  Or, should I be shaping deluge another way?  At the moment it's going into qLink which is buggering up my whole network - rather than into qP2P where I've managed to put my usenet traffic.

    Thanks in advance.



  • The best way is to use the bandwidth limiting features within the Deluge client itself.



  • @Nullity:

    The best way is to use the bandwidth limiting features within the Deluge client itself.

    I'd rather prioritise the traffic so if the connection is unused, p2p can use it.  I've managed this with Usenet traffic.



  • I'm not familiar with Deluge, however I do shape traffic inside my vpn tunnels.  I have a site to site OpenVPN connection setup and I like having some traffic have a higher priority than others.  For instance, I downgrade bulk traffic for backups and prioritize higher web and other traffic.  I tried lots of ways.  I found that marking the vpn packets doesn't work, and the VPN is already encrypted on the WAN interface, so there's no way to see the traffic to give it priority.  So I shape it before going into the tunnel.  This is what I do:

    I create an interface for the OpenVPN connection under Interfaces – > Assign

    Then go into the traffic shaper configuration.  I added two queues to my OpenVPN interface.  I just call them qHigh and qDefault.  Make sure the box is checked on the qDefault one as this will get all the traffic that is unmatched on the VPN interface.

    Go to your firewall rules and click on the tab for your OpenVPN interface.  Add rules here for the different types of traffic you want to traverse the vpn.  If you have a specific thing like Deluge that uses a specific port number create a pass rule for it.

    In the Advanced part of the rule select your queue you would like the traffic to go in.  For instance I prioritize HTTP traffic, so I create a pass rule with port 80 TCP and assign it to None / qHigh on the advanced section.

    Any other traffic should just go to the qDefault queue.  All the traffic is shaped before it is encrypted.  If you want to then combine it with your other traffic streams on your WAN, you would need to shape the VPN tunnel itself against all of your other traffic.



  • Thanks all.

    I'm not sure how, but I managed to create some LAN rules that on the P2P/Usenet ports that queued my traffic.