Configuration needed in pfsense + l3 + vlan for even internet dsitribution



  • I have pfsense + vlan in L3  switch which is working fine

    As i have 50 Mbps ILL sometimes some users utilize all the bandwidth while other are getting poor internet

    So my requirement is that

    for internet users
    VLAN 1,2,3 will surely get 10 Mbps and VLAN 4,5 use remaining bandwidth which must be fairly equally distributed among all the users

    Also if there is no users in vlan 1,2,3 then the 50 Mbps total bandwidth must be equally distributed between current users.

    It is also to be mentioned that all streaming websites access must be within 20 Mbps for all and evenly distributed

    Also it must be ensured that all intranet users should connect the locally hosted servers in LAN speed

    Please specify the required configuration needed for this either using limiters or traffic shaping

    Waiting for valuable reply and any queries

    My Current configuration is as below:

    I HAVE CONFIGURED 5 VLANS IN OUR L3 SWITCH

    L3 configuration:

    VLAN DETAILS
    VLAN1 192.168.0.0/24 GW 192.168.0.1
    VLAN2 192.168.1.0/24 GW 192.168.1.1
    VLAN3 192.168.2.0/24 GW 192.168.2.1
    VLAN4 192.168.3.0/24 GW 192.168.3.1
    VLAN5 192.168.4.0/24 GW 192.168.4.1
    VLAN6 192.168.5.0/24 GW 192.168.5.1

    Pfsense is connected to untagged port VLAN2 of L3 switch

    In L3 switch all vlan are routed to each other

    0.0.0.0 is routed through 192.168.1.2(IP of PFSENSE)

    Pfsense configuration version using 2.4.3-RELEASE (amd64)

    Wan side static ip with gw
    Lan side static ip 192.168.1.2 gw 192.168.1.1 i.e pf sense in VLAN 2

    In routing static routes
    192.168.0.0/24 LANGW - 192.168.1.1 LAN
    192.168.2.0/24 LANGW - 192.168.1.1 LAN
    192.168.3.0/24 LANGW - 192.168.1.1 LAN
    192.168.4.0/24 LANGW - 192.168.1.1 LAN
    192.168.5.0/24 LANGW - 192.168.1.1 LAN

    In NAT
    Automatic outbound NAT rule generation (IPsec pass through included) option is selected which automatically generate NAT rules

    On alias named campus are created with range 192.168.0.0/24,192.168.2.0/24,192.168.3.0/24,192.168.4.0/24,192.168.5.0/24 i.e (except pfsense vlan2)

    In rules in LAN section rules

    From LAN NET to any

    From Source alias campus to Destination any

    –---------------------------

    In PCS we gave ip and gw of corrosponding VLAN segment and DNS is 192.168.1.2(IP of PFSENSE)

    Every thing is working fine



  • I am now going to follow the guidelines https://forum.pfsense.org/index.php?topic=145255.0