1. Home
  2. pfSense® Software
  3. Retired
  4. 2.0-RC Snapshot Feedback and Problems - RETIRED
  5. Shaper: nested queues

Shaper: nested queues

  • P

    Preface:
    I work for a school in the netherlands (http://www.atlascollege.nl). This school is an organisation with 5 separate educational location and 1 central adminstration. Al those locations share 1 Internet uplink of 40mbits. To make sure each of those locations gets its fair share of that bandwidth we have a (linux based with tc) traffic shaper in production. In essence each of the location has a right on 6mbit bandwidth and can borrow from other queues if the other does not utilize their bandwidth.

    To do this we have a Linux box with a couple of bash script implementing iptable and tc rules. This has worked just fine for a couple of years but:

    • we are looking for more ease of use
    • we need to provide for new services (vpn for instance)

    pfSense looks like a serious candidate to replace our current setup. Traffic shaping is heavy on our wishlist. Not the QOS part…. but sharing bandwidth.
    Our shaping model:
    At the moment we have 3 mayor network: WAN, LAN (with at least 6 subnets) and a DMZ. Shaping is done on the LAN interface. The first layer of queues divides between WAN and DMZ. All traffic from the DMZ is assigned to a DMZ queue  being at least 60mbit but borrows from the WAN queue if that one allows it.
    The WAN queue is devided in queues for each of the locations.
    Traffic coming from the DMZ network is assigned to the DMZ queue based on the source ip. Traffic for the locations is assigned to their specific queue based on the target ip.

    pfSense 1.2.3:
    I did not seem able to nest queues in the 1.2.3 version which is vital for my setup.

    pfSense 2.x (the march 3 version):
    In this version I was able to make a hierarchial tree of queues. I saw borrowing from other queues is possible. But where are the rules to assign traffic to a specific queue? Is this still to come in this version?

    In essence my question:

    where is the GUI interface to make rules for shaping

    0
  • P

    owke…. just found it  :'(.... floating rules seems to be the keyword and they are located in te firewall rule section

    0
  • E

    Its not limited just to Floating rules.

    0
  • D

    Every firewall rule is a traffic shaping rule. The keyword is 'queue'.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy