Multi-WAN and traffic shaping
-
Currently, I have a DSL connection providing my WAN connection. I also created three WAN interfaces for my VPN connections (VPN1_WAN, VPN2_WAN, and VPN3_WAN). On the other side of the equation, I have my LAN and 9 VLANs (although at this time I am only utilizing 5 VLANs). Using the Traffic Shaper Wizard I set up using 4 WAN interfaces and 10 LAN interfaces, when I get to the first part when asked what the upload/download speeds are for the WAN devices, I am at a loss.
My speed in theory is 20Mbps/5Mbps, and after many speed tests, I come up with my numbers (minus 10%) for the first WAN interface. Now should I use the same numbers for the other WAN interfaces or should I just use a single WAN interface when I use the wizard. Because my thinking is that if I use the 4 WAN devices and plug in the up/down speeds, I would assume (assume can be dangerous at times) that pfsense will believe that I have 20Mbps/5Mbps * 4 (or 80Mbps/20Mbps, and just using the advertised speed as opposed to the real speed) rather than just the 20Mbps/5Mbps shared among 4 WAN interfaces.
Since I am on this issues with the Multi-WAN/Multi_LAN, if I make use of (for instance) VOIP, and want to make use of UDP ports 19302-19309, I am assuming that everything ends up as a floating rule and will be handles across the board on all interfaces? I have yet to tackle the traffic issue because of the numerous interfaces, but I am now having issues with things like VOIP, etc, so would like to resolve this.
Any pointer would be greatly appreciated!
-
The wizard is pretty bad. Other than the default floating rules, I ditched the wizard and did everything myself.
If possible, I'd just use Limiters and setup fq_Codel, which is pain right now but should be a simple check-box soon. Limiters have the benefit of being able to shape ingress, allowing for easy multi-WAN shaping, and fq_Codel is turn-key for nearly every situation with no config other than setting the bandwidth.