How does it work?



  • Hi all,

    I have a few questions. The first one is: how does the traffic shaper work? Can I assume it reads the TCP headers and checks the flags in every packet? Based on the flags, it pushes the packet to a specific queue? How does the traffic shaper know the traffic comes from BitTorrent or any other P2P-based network? From my understanding, a lot of rules use ports. But in the case of BitTorrent the port can be changed. In that case, it's easy to bypass the traffic shaper.

    I know that the traffic shaper drops packets based on the RED and ECN algorithms, if that option is enabled in the queue a packet ends in. The wizard also enables a "penalty box". I have enabled that option and specified a host. For some reason, all the traffic from that host is still ending in the "othersdownh" queue, instead of the penalty queue. Why? From my understanding of the penalty box, all traffic from, for example, 10.0.0.2 should end in the penalty queue, and thus it would be possible to limit that specific host.

    Also, I'm using Squid (transparent mode) + SquidGuard. Would this be the reason it's ending in the othersdownh queue? Where is the traffic shaper placed: router ==> firewall ==> traffic shaper ==> Squid?

    Not finished yet :p If I want to split my servers and clients with VLANs, will pfSense's traffic shaper / Squid still be able to work? I know this could be a stupid question, but I've never used VLANs before and need to be sure. The network would then be:

    INTERNET ==> PFSENSE (Squid, traffic shaper, Snort etc.)
                     ==> VLAN 1: clients
                     ==> VLAN 2: servers

    I'm sorry if these questions have already been answered, but I need to be 100% sure, because some of this is going into my paper :)



  • Traffic shaping in pfSense 1.2 is based on IPs and ports, so indeed, as you say, it is quite useless for classifying and shaping torrent traffic. In 2.0 there will be "L7 filters", which work by packet inspection.

    Squid in transparent mode will send everything to qlandef, see http://forum.pfsense.org/index.php/topic,14436.0.html
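To make the reply concrete, here is a small Python model of a first-match classifier keyed only on IPs and ports, the kind of shaper the reply describes for pfSense 1.2. It is an added illustration, not pfSense code and not something posted in the thread; the queue names echo the thread, while the rule set, the firewall addresses, the first-match evaluation and the idea that only the rewritten WAN-side flow is classified are assumptions of the model. It shows the two effects discussed above: a BitTorrent peer that moves off the classic 6881-6889 range drops into the default queue, and a transparent proxy terminating the client's HTTP connection on the firewall re-originates the outbound flow from the firewall's own address, so a penalty-box rule keyed on the client IP no longer matches and the flow also lands in qlandef. The exact mechanism by which pfSense 1.2 routes proxied traffic to the default queue is not described on this page; the model only reproduces the observed outcome.

```python
"""Toy model of an IP/port-keyed traffic shaper classifier.

Illustrative only: not pfSense code. Rule order, addresses and the
"classify the outbound WAN-side flow" simplification are assumptions.
"""
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    proto: str
    sport: int
    dport: int


@dataclass(frozen=True)
class Rule:
    queue: str
    proto: Optional[str] = None      # match any protocol when None
    host: Optional[str] = None       # match if src or dst equals host
    ports: Optional[range] = None    # match if sport or dport falls in range

    def matches(self, f: Flow) -> bool:
        if self.proto is not None and f.proto != self.proto:
            return False
        if self.host is not None and self.host not in (f.src, f.dst):
            return False
        if self.ports is not None and f.sport not in self.ports and f.dport not in self.ports:
            return False
        return True


DEFAULT_QUEUE = "qlandef"             # queue name from the thread
PENALTY_HOST = "10.0.0.2"             # the host from the question
FIREWALL_WAN = "203.0.113.10"         # assumed firewall WAN address (documentation range)

# Assumed rule set: a penalty-box rule on the host, and a P2P rule on the
# classic BitTorrent port range. First match wins; no match -> default queue.
RULES = [
    Rule("penalty", host=PENALTY_HOST),
    Rule("qP2P", proto="tcp", ports=range(6881, 6890)),
]


def classify(f: Flow, rules=RULES) -> str:
    """Return the queue the first matching rule assigns, else the default."""
    for r in rules:
        if r.matches(f):
            return r.queue
    return DEFAULT_QUEUE


def via_transparent_proxy(f: Flow) -> Flow:
    """Model a transparent proxy on the firewall (assumed behaviour).

    The client's TCP connection is terminated on the firewall; the proxy then
    opens its own connection to the remote server from the firewall's WAN
    address with a fresh source port. The client IP disappears from the
    outbound flow, so IP-keyed rules cannot see it.
    """
    return Flow(FIREWALL_WAN, f.dst, f.proto, 40000, f.dport)


def demo() -> dict:
    """Constructed sample flows showing both bypass cases."""
    remote = "198.51.100.7"
    torrent_std = Flow("10.0.0.5", remote, "tcp", 51000, 6881)
    torrent_moved = Flow("10.0.0.5", remote, "tcp", 51000, 51413)
    penalised_http = Flow(PENALTY_HOST, remote, "tcp", 51001, 80)
    return {
        "torrent on 6881": classify(torrent_std),
        "torrent on 51413": classify(torrent_moved),
        "penalty host, direct": classify(penalised_http),
        "penalty host, via proxy": classify(via_transparent_proxy(penalised_http)),
    }


if __name__ == "__main__":
    for label, queue in demo().items():
        print(f"{label:28s} -> {queue}")
```

Run it and the first torrent flow lands in qP2P while the one on a non-standard port lands in qlandef; the penalty host's direct flow goes to the penalty queue, but the same request after the proxy rewrite goes to qlandef, because nothing in the rewritten flow mentions 10.0.0.2 any more. A payload-inspecting (L7) classifier would key on the protocol rather than the port, which is the 2.0 improvement the reply points to.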

