NEWB NEEDS HELP!!! :CRY:



  • Greetings!

    Thank you for looking at  my post you're gonna be a big help as I really need help as
    the title says I'am indeed new to pfsense and I have ALOT of questions to ask I hope
    all of you can help me go through this dilema.

    I apologize if I do not know what some terminology mean but I'll try to search for
    there meaning before asking what it means.

    Now for the problem at hand, I'am currently going to setup a Diskless server with
    2 ISP needed to be connected to the main server. This specific setup is for a gaming
    hub so around 20 PC's connected to a single diskless server and I'm gonna run pfsense
    on a different computer with the 2 ISP together going about load balancing and all but
    what I really need help with is TRAFFIC SHAPING.

    Someone taught me how to do it by using Alliases to declare ports like browsing ports
    like HTTP and then going to Traffic Shaper > Limiter to set the up down speed and tying
    everything up with Rules. I got some screenshot as an example see attachment

    Now the questions:

    1.) Do I need to declare all the ports using Alliases to shape traffic like for example
    I need to limit VoIP programs like Discord/Teamspeak?

    1.1) Follow up question are all the VoIP programs run on a very specific port? Or are
    all of them different? If I limit the ports for Discord would it affect Teamspeak as
    well or are they running on different ports?

    1.2)  Is Alliases>Traffic Shaper>Limiter>Rules the only way to shape traffic? or is there
    a more efficient way?

    1.3) If things go in a specific port what happens to the port that doesn't get assigned
    to a limiter and creates a lag spike is there a way to assign all unassigned port and
    tie it up with limiter and rules?

    2.) Does VoIP/Downloading/Video Streaing run on a specific port?

    2.1) If not how do you limit VoIP/Downloading/Video Streaing in general so It doesn't
    create lag spikes and high latency for gaming while doing those in the background?

    2.2) Is VoIP applies to Video Calling?

    3.) Is there a way to make a bandwidth "RESERVE" so for example all 20 PC's are being
    used everybody using youtube in the background while gaming its gonna eat up your
    bandwidth then the reserve kicks in is there a way to do that?

    3.1) Would you recommend doing question 3 or not?

    4.) What are the optimized speed to limit VoIP/Downloading/Video Streaing/Video Calling
    and other things that might affect gaming keep in mind this is a gaming hub and the
    customers doesn't like lag spike and lag in general if you can suggest some things that
    would be great!

    4.1) More info 2 ISP consist of 10Mbps and 15Mbps connection.

    4.2) I would like to limit video streaming like youtube to the bandwidth that could
    support atleast 480p whats the best speed limit for it?

    5.) How do you evenly share the bandwidth with all the computers and not one hogging
    all the bandwidth?

    6.) How do you block porn effectively?

    I'm really sorry for all the NEWB questions. I really need someone to point me in the
    right directions. Calling all the wizards out there I hope I'll become one someday. See
    attachment for what I've learned so far.

    Best Wishes,

    Carlos
    ![Alliases- Ports.jpg](/public/imported_attachments/1/Alliases- Ports.jpg)
    ![Alliases- Ports.jpg_thumb](/public/imported_attachments/1/Alliases- Ports.jpg_thumb)
    ![7 HTTP-DL.jpg](/public/imported_attachments/1/7 HTTP-DL.jpg)
    ![7 HTTP-DL.jpg_thumb](/public/imported_attachments/1/7 HTTP-DL.jpg_thumb)
    ![8 HTTP-UL.jpg](/public/imported_attachments/1/8 HTTP-UL.jpg)
    ![8 HTTP-UL.jpg_thumb](/public/imported_attachments/1/8 HTTP-UL.jpg_thumb)
    ![(4) Firewall Rules - Lan - Https.jpg](/public/imported_attachments/1/(4) Firewall Rules - Lan - Https.jpg)
    ![(4) Firewall Rules - Lan - Https.jpg_thumb](/public/imported_attachments/1/(4) Firewall Rules - Lan - Https.jpg_thumb)
    ![(5) Firewall Rules - Lan - Browsing.jpg](/public/imported_attachments/1/(5) Firewall Rules - Lan - Browsing.jpg)
    ![(5) Firewall Rules - Lan - Browsing.jpg_thumb](/public/imported_attachments/1/(5) Firewall Rules - Lan - Browsing.jpg_thumb)
    ![(6) Firewall Rules - Lan - Others.jpg](/public/imported_attachments/1/(6) Firewall Rules - Lan - Others.jpg)
    ![(6) Firewall Rules - Lan - Others.jpg_thumb](/public/imported_attachments/1/(6) Firewall Rules - Lan - Others.jpg_thumb)



  • Upgrade to a currently supported pfSense build before doing anything else.



  • Yes I did thank you for the reply this is just a screenshot of the person who taught me.



  • BUMP ANYONE?



  • Hey

    1. No.
    1.1 Unless a program is using standard protocols, it uses its own ports. So yes, I'd say Teamspeak and Discord are both different. You'll have to look up the ports they use.
    1.2 No, there is a traffic shaping wizard and the newer versions (2.3 and up I think.)
    1.3 I don't know that.
    2. Same with 1.1. It depends on the applications and the protocols they use.
    2.1 I'm pretty sure there are options to do things like that with the traffic shaping wizard.
    2.2 What do you mean by that?
    3. and 3.1. What? I'm sure you can set bandwidth limits on specific things if that's what you mean. And yes I would recommend setting bandwidth limits.
    4. and 4.1. and 4.2. Doing about 2 seconds googling I found this: https://stackoverflow.com/questions/24198739/what-bitrate-is-used-for-each-of-the-youtube-video-qualities-360p-1080p-in. 5 PCs watching YouTube in 480p will eat at least one of your Internet links, I guess.
    5. I'm no expert in traffic shaping, so I can't tell how, but I am sure there's a way to do that with pfsense.
    6. You could use DNS Blacklisting with Unbound and pfBlockerNG.

    Some useful links for you:
    https://turbofuture.com/computers/How-to-Configure-Deep-Packet-Inspection-Using-pfSense (somehow wrong title in URL)
    https://doc.pfsense.org/index.php/Category:Traffic_Shaping
    https://doc.pfsense.org/index.php/Traffic_Shaping_Guide

    In general, I'd say there's a lot of possibilities with the traffic shaper to improve your traffic flow. But I can't tell you everything. I think Google will help you a lot.

    Regards, Philipp



  • Wow thanks for the reply I'll mess around with the newer version of pfsense and see how far I can go without being a nuisance to anyone. Thanks for the links I'll definitely check it out cheers!