Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How to limited bandwidth for download and upload but not for browsing?

    Scheduled Pinned Locked Moved Traffic Shaping
    9 Posts 5 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      Jane_1997
      last edited by

      Hi guys!
      I was trying to config traffic shaping on my pfsesne. I used the traffic shaping wizard and limited the download and upload bandwidth on my wan interface and it works fine.
      My next goal is to have limited bandwidth for download and upload but unlimited bandwidth for browsing. I've searched alot and couldn't find the answer.Is there any way to do that?
      I'm using pfsense 2.3.4

      1 Reply Last reply Reply Quote 0
      • N
        Nullity
        last edited by

        Make ports 80 (HTTP) and 443 (HTTPS) unlimited.

        Please correct any obvious misinformation in my posts.
        -Not a professional; an arrogant ignoramous.

        1 Reply Last reply Reply Quote 0
        • J
          Jane_1997
          last edited by

          @Nullity:

          Make ports 80 (HTTP) and 443 (HTTPS) unlimited.

          How can I do that?

          1 Reply Last reply Reply Quote 0
          • johnpozJ
            johnpoz LAYER 8 Global Moderator
            last edited by

            So how does that limit him when he is uploading or downloading on 80 or 433?

            He didn't say he was downloading or uploading via some other protocol..

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.8, 24.11

            1 Reply Last reply Reply Quote 0
            • N
              Nullity
              last edited by

              @johnpoz:

              So how does that limit him when he is uploading or downloading on 80 or 433?

              He didn't say he was downloading or uploading via some other protocol..

              True, but prioritizing 80/443 would only improve browsing, right? It would not make it any worse.

              I wish pfSense had the ability to classify streams by data transferred or time-span like iptables can. Maybe snort or squid can do that?

              @The Windrunner
              Can you share more details about your traffic-shaping config and anything else you think could help us help you.

              Please correct any obvious misinformation in my posts.
              -Not a professional; an arrogant ignoramous.

              1 Reply Last reply Reply Quote 0
              • J
                Jane_1997
                last edited by

                There's a little change in my scenario. I understand that I have to use limiters to limit each user instead of the wizard. so I create 2 limiters and then defined a firewall rule in order to apply those limiters.after that when I use the speedtest it says it's working just fine but when I try to download something (using both IDM and browser) I get the whole bandwidth.
                I attached my configurations.

                UPDATE: I've found out that it is squid's problem. When I disable squid proxy server my limitation's work fine but I don't know how they should work together.

                2.PNG
                2.PNG_thumb
                3.PNG
                3.PNG_thumb
                4.PNG
                4.PNG_thumb
                5.PNG
                5.PNG_thumb
                6.PNG
                6.PNG_thumb
                7.PNG
                7.PNG_thumb

                1 Reply Last reply Reply Quote 0
                • NogBadTheBadN
                  NogBadTheBad
                  last edited by

                  Squid will uses its cache and not go out to the internet if your trying to download the same file each time ?

                  You don't need to worry about if the file is cached, if it is it wont eat into your bandwidth.

                  Andy

                  1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22

                  1 Reply Last reply Reply Quote 0
                  • johnpozJ
                    johnpoz LAYER 8 Global Moderator
                    last edited by

                    "UPDATE: I've found out that it is squid's problem. When I disable squid proxy server my limitation's work fine but I don't know how they should work together."

                    Well when you use squid why would it be limited?  Squid that is running on pfsense is going out and getting what the client asks for.  Your limiters are based upon traffic coming into the lan interface.

                    You should be able to limit bandwidth in squid.

                    An intelligent man is sometimes forced to be drunk to spend time with his fools
                    If you get confused: Listen to the Music Play
                    Please don't Chat/PM me for help, unless mod related
                    SG-4860 24.11 | Lab VMs 2.8, 24.11

                    1 Reply Last reply Reply Quote 0
                    • R
                      robnitro
                      last edited by

                      The most difficulty is to set up floating rules for inbound.  For example, I wanted to put http downloads for XBOX in a low priority queue.  I did a floating rule for 80 source,  destination (xbox IP), to go to my lowprioqueue.  But even though the floating rule is at the bottom, it never gets used.  It's hard to do inbound matching, any help on this?

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.