Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Prioritizing traffic when using LACP LAN?

    Scheduled Pinned Locked Moved Traffic Shaping
    3 Posts 2 Posters 511 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mmiller7
      last edited by

      I'm trying to overcome some issues with high load degrading phone calls thru a femtocell (mini short range cell tower) and VoIP breaking up badly when my (small) upload is near capacity such as cloud syncing backups from a LAN PC.

      I've got it set up going out multiple WAN interfaces as fail-over, and I followed this guide to set up codel on the primary WAN (which has consistent speeds) but my backup is Starlink which varies substantially with satellite load out of my control (like 2x2Mbps to 190x20Mbps) so I can't just set a simple limiter with fixed bandwidth.

      I attempted to follow several guides using the traffic shaping wizard, but it won't let me pick my LAN interface because apparently LACP doesn't support ALTQ and all the guides I can find use the wizard to set up anything more custom than a basic CODEL hard-bandwidth-cap so I'm unsure what my options are now.

      My interfaces:
      WAN1: Cable modem 1000x50 Mbps (igb driver)
      WAN2: Starlink variable best-effort 2x2Mbps up to 190x20Mbps (igb driver)
      WAN3: Cellular (realtek driver)
      LAN (untagged): primary LAN devices (lagg LACP bonded 2x igb ports)
      VLAN2: local-only traffic without internet access
      VLAN3: guest-internet, isolated from LAN)

      My LAN and Guest go out a HA gateway failover group if that matters.

      Is there some way I can set up some kind of limiter so that the specified LAN IP addresses that are for femtocell and VoIP stuff will always get top priority and then the rest of my "anything else" LAN+Guest network gets "whatever is left" WAN throughput with this configuration?

      M 1 Reply Last reply Reply Quote 0
      • M
        michmoor LAYER 8 Rebel Alliance @mmiller7
        last edited by

        @mmiller7 why not use policy routing? Have your VOIP go over the faster high quality connection and your backups go over starling OR make sure your backup jobs go over the faster link but the jobs are kicked off during the times you have less load. Don’t think this is an issue with your bonded links

        Firewall: NetGate,Palo Alto-VM,Juniper SRX
        Routing: Juniper, Arista, Cisco
        Switching: Juniper, Arista, Cisco
        Wireless: Unifi, Aruba IAP
        JNCIP,CCNP Enterprise

        M 1 Reply Last reply Reply Quote 0
        • M
          mmiller7 @michmoor
          last edited by mmiller7

          @michmoor Normally that faster connection is the primary WAN (its failover, so it only uses the cable until it goes down) but it's still crap because the upload is so low. 50Mbps doesn't go very far when you have multiple machines fighting for it.

          And then when my cable ISP (annoyingly often) goes out and it fails over to running off Starlink, and in some cases (like my work laptop) I can't control it to separate the backup traffic from "needs to work all the time" traffic because I'm not an admin and they set it up to run everything over VPN that pfsense can't see the content of, so I need to find some alternative way to prioritize per-host.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.