Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    A queue used for varios IPs = PROBLEM

    Scheduled Pinned Locked Moved Traffic Shaping
    12 Posts 2 Posters 5.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      EduFrazao
      last edited by

      Hi all!
      I want to use pfSense in a Wireless Internet Provider, to control bandwidth and DHCP for all clientes ( about 300 )…

      We have 8mbps of total bandwidth down, and 1mbps UP..

      Some clients, have 256kbps of bandwidth, others 512, others 768.

      I Want to create this three queues ( 256, 512, 768 kbps ), and create firewall aliases, 256, 512, and 768, and put the ips of each client in this groups. Latter, in the shapping rules, create a rule for Upload and Download, to each group...

      Well... At this moment, i reach to do that... The problem is: If I have 4 clients in the 256kbps group, and this 4 clients make a download, the bandwidth of the queue is splited for this 4 clients... I Want that each client, have 256kbps, not the clients share the bandwidth of the queue...

      How can I do that? Can I create a queue, that can be used for various clients, allowing the named bandwidth for each client without share himself?

      Sorry by bad english...

      1 Reply Last reply Reply Quote 0
      • E
        eri--
        last edited by

        Actually only really possible in 1.3!
        In 1.2 you can accomplish that but only if your intimate with the shaping.

        1 Reply Last reply Reply Quote 0
        • E
          EduFrazao
          last edited by

          Im tryng to use it on 1.3 too, but, when I choose the IN/OUT limiter ( Inserted In Firewall / Traffic Shapping / Limiter ), the traffic stop…

          I can conect on a WebServer in example, BUT, nothing returns... If i
          n the same rule, I change the In/Out limiter to NONE, all works...

          Can you help me to make a correct limiter?

          Thanks!

          1 Reply Last reply Reply Quote 0
          • E
            eri--
            last edited by

            Simple enough you need to 2 limiters 1 for in and one for out.
            Create one with src-mask and the other with dst-mask

            For in choose limiter with src-mask and out the one with dst-mask
            That should do it.
            If it does not post screenshots, config.xml and /tmp/rules.debug here for review.

            I assume the rule that you set in and out is in one of your lans.

            1 Reply Last reply Reply Quote 0
            • E
              EduFrazao
              last edited by

              The problem continues…

              Ive Posted some ScreenShots, Config, and Debug files, as solicited...

              This is the Limiter IN

              This is the Limiter OUT

              Firewall LanRules

              Firewall Default Lan Rule ( Was This Rule that Ive changed to use the Limiter IN/OUT)

              This is a Download with Limiters Turned ON in the firewall rule…
              Note that connection was maded, but the return can reach the destination ( at least I think that )

              And NOW, a Download if I remove the limiters from the rule:

              HERE is my /tmp/rules.debug:
              http://pastebin.com/f274b1ab

              And, here is my config.xml ( /cf/conf/config.xml )
              http://pastebin.com/f3b36e187

              Please… If anyone can Helpme...

              1 Reply Last reply Reply Quote 0
              • E
                EduFrazao
                last edited by

                Only for information: This is the version Alpha that Im using:  pfSense-20081024-1237.iso

                Thanks a lot

                1 Reply Last reply Reply Quote 0
                • E
                  EduFrazao
                  last edited by

                  Another thing that ive noted is:

                  When the LIMITERS is ON on the firewall rule, any tcp connection that I make, open two conections on PfTOP..

                  One, with State in 4:4 and other in State 4:2

                  If I try in example, to conect on a smtp server, via telnet, I reach..  But any data is received ( even the Wellcome message of the SMTP Server ).

                  When I remove the Limiters from the rule, I reach to connect in the same SMTP Server, and operate with him normally..

                  IN PFTOP, appears two conections too, but both in State 4:4

                  I Dont know what this states can tell, everyway, im here posting :)…

                  1 Reply Last reply Reply Quote 0
                  • E
                    EduFrazao
                    last edited by

                    Other Information: In a ping test, with 100 packs..

                    ALWAYS occour 92% of loose… Always.. The same loose count...

                    The packet loss of the queue is 0... Ive config it to 1, to test, but Ive got the same result...

                    Please... Anyone can Helpme?

                    1 Reply Last reply Reply Quote 0
                    • E
                      eri--
                      last edited by

                      Can you try one of the latest snapshots the limiter should behave correctly now since i fixed the issues.
                      Please give me a confirmation on this.

                      1 Reply Last reply Reply Quote 0
                      • E
                        EduFrazao
                        last edited by

                        Oh… Thank you so mutch Ermal... I will test it now!!!

                        And, came back to do a feedback!

                        Thanks again!!!

                        1 Reply Last reply Reply Quote 0
                        • E
                          EduFrazao
                          last edited by

                          OH.. Its seens to be working now…

                          I will do more tests with more complex filter rules and aliases...

                          For success or not, i will reply here ok???

                          IMENSE thanks!!!

                          1 Reply Last reply Reply Quote 0
                          • E
                            eri--
                            last edited by

                            Can i have some feedback from this?

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.