Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Excluding a single device from floating rule with CoDel limiters

    Traffic Shaping
    1
    1
    218
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      Sikh
      last edited by Sikh

      Hey folks,

      I have been using limiters since pfsense 1.2.3 when my internet was 60/4. Since then, I've always had one device that was excluded from the general "default lan" rule and had its own limiter.

      So the setup looked like this:

      Firewall > Rules > LAN

      • "Dedicated Upload/Download for (device)": Added (device)up and (device)down limiters
      • "Default allow LAN to any rule": Added WANUp and WANDown limiters

      Firewall > Traffic Shaper > Limiters

      • deviceUp: 1meg
      • deviceDown: 1meg
      • WANUp: 3meg
      • WANDown: 55meg

      Around the 2.1/2,2 days, I switched to having limiters with Queues because my internet got faster (200/10), my network got larger and it was time to update my limiter configuration.

      With this update, all I did was add queues to the WANUp and WANDown limiters. So the configuration looked like this:

      • Parent limiters
        • QMA was set to Tail Drop (default)
        • Scheduler was set to Worst-case Weighted fair Queueing (default)
      • Queues
        • Mask was changed to match direction (download = destination, upload = source)

      Everything else, including the "dedicated device" rule and limiter stayed the same.

      But since Friday 12/9/2022 (9/12/2022 for the rest of the world), I have switched to CoDel limiters now that they are stable and working and because i have been on 2.6 for 3 months now and haven't had any major issues. One of the reasons I switched to CoDel was so I can utilize my full bandwidth across my network and not have to worry about bufferbloat or having my gaming connection see ping spikes or congestion as other devices were active. Also my old method of dealing with bufferbloat which was to set the download speed a little lower than max to allow for other traffic to flow is ancient and I can do better.

      But, since I've switched to CoDel, I realized the dedicated device rule I have setup isn't working because its still set up under the "LAN" tab versus the CoDel limiter which is set up under "Floating".

      I tried setting up the same exact Floating rule but have it above the "general WAN" Floating rule and setting the destination address to the single device IP but that isn't working.

      My goal is to exclude this device from the general rule / shaping of my network. The reason for this is, this device will always use a set amount of bandwidth and its always upload. Right now this device is my wife because she's doing a lot of video editing and I've dedicated 10 megs out of 35 to her. Before moving to CoDel limiters, this was working fine. I set her up with 10 megs, the rest of the network with 25. We could use all 35 megs of our upload and I would see no ping spikes at all. She would be able to max out 10megs uploading large files while the rest of the LAN had 25 megs and my connection when gaming was unaffected.

      My question is, how would I go about replicating my old config of having a dedicated device rule / limiter and a general WAN rule / limiter with Floating rules and CoDeL limiters?

      My ideal setup would be

      • Rule for dedicated device with limiters for up and down set to 10megs
      • Rule for the entire network with limiters for up and down set to 600 and 25 respectively

      Apologies in advance for the long post but I wanted to make sure I didn't leave any details out and provided enough context so folks reading this understand what I am trying to achieve.

      Thanks in advance for your time!
      Sikh

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.