Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Crude SSL limiter not working on Win 7/64 and Chrome

    Scheduled Pinned Locked Moved Traffic Shaping
    4 Posts 3 Posters 766 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pFbubba
      last edited by

      Howdy!

      Fairly new to pfSense, and I've set-up a crude limiter to reduce the bandwidth available to HTTPS connections to act as a way to "discourage" YouTube use (not "block"), but not effect games, non-HTTPS web browsing, etc.

      Basically, I limit all port 443 traffic on the LAN side to 128kb/s, it works on the Google search page and other HTTPS connections (syrupy ISDN speed!), but games, etc. work fine.

      YouTube-wise, it seems to work fine on Win 7/32 but on a Win 7/64 machine with Chrome, YouTube videos stream/cache at the full bandwidth of the link!

      Any ideas how Chrome/YouTube can circumvent a limited HTTPS connection?

      1 Reply Last reply Reply Quote 0
      • N
        Nullity
        last edited by

        @pFbubba:

        Howdy!

        Fairly new to pfSense, and I've set-up a crude limiter to reduce the bandwidth available to HTTPS connections to act as a way to "discourage" YouTube use (not "block"), but not effect games, non-HTTPS web browsing, etc.

        Basically, I limit all port 443 traffic on the LAN side to 128kb/s, it works on the Google search page and other HTTPS connections (syrupy ISDN speed!), but games, etc. work fine.

        YouTube-wise, it seems to work fine on Win 7/32 but on a Win 7/64 machine with Chrome, YouTube videos stream/cache at the full bandwidth of the link!

        Any ideas how Chrome/YouTube can circumvent a limited HTTPS connection?

        Chrome might be using QUIC: https://en.wikipedia.org/wiki/QUIC

        Please correct any obvious misinformation in my posts.
        -Not a professional; an arrogant ignoramous.

        1 Reply Last reply Reply Quote 0
        • P
          pFbubba
          last edited by

          @Nullity:

          Chrome might be using QUIC: https://en.wikipedia.org/wiki/QUIC

          Give this man a cookie!  :)  Yup, that was it…

          You can limit UDP on ports 443 and that'll do it, or in the Chrome advanced settings there's a toggle for QUIC.

          Thanks!

          1 Reply Last reply Reply Quote 0
          • H
            Harvy66
            last edited by

            I find limiting undesirable traffic is more difficult than prioritizing (loose term) desirable traffic.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.