How to limit upload bandwidth only to certain destinations on the internet?
-
I have an older firewall that I cannot upgrade until later this year, but I need to manage the upload bandwidth used when sending data to certain cloud backup vendors.
I have tried to follow the documentation, but I cannot disrupt connectivity - so I am going to ask for advice.
How do I limit the bandwidth used when sending data to certain cloud backup providers?
I will start with Backblaze.Their upload targets are:
- 206.190.208.0/21
- 104.153.232.0/21
- 149.137.128.0/20
- 45.11.36.0/22
- 2605:72c0::/32
All Backblaze servers use the *.backblaze.com or *backblazeb2.com domains.
Would someone explain to me how to limit the outgoing bandwidth to these addresses?
I assume I would create an alias for the destinations, but how would I build the limiter and use that?
-
@lburns You can use a LAN firewall rule to assign a queue:
https://docs.netgate.com/pfsense/en/latest/trafficshaper/limiters.html#assigning-and-using-limitersSo something like, LAN rule, allow from device IP (or any) to BackBlaze_Alias, set an IN pipe to your 10Mbps limiter.
Remember it will take effect for new connections.
Often times, the device can do that also, for example Datto and rsync have speed limits I know. I don't know about Backblaze.
DNS probably won't work for your alias. If their list of subnets is incomplete, pfBlocker has a way to create aliases by ASN (company/registered IP blocks).
-
Thanks man.
While you typed this, I set up a virtual server and tested in a sandbox..got it!
