Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Shaper: nested queues

    Scheduled Pinned Locked Moved 2.0-RC Snapshot Feedback and Problems - RETIRED
    4 Posts 3 Posters 1.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      Peter Kaagman
      last edited by

      Preface:
      I work for a school in the netherlands (http://www.atlascollege.nl). This school is an organisation with 5 separate educational location and 1 central adminstration. Al those locations share 1 Internet uplink of 40mbits. To make sure each of those locations gets its fair share of that bandwidth we have a (linux based with tc) traffic shaper in production. In essence each of the location has a right on 6mbit bandwidth and can borrow from other queues if the other does not utilize their bandwidth.

      To do this we have a Linux box with a couple of bash script implementing iptable and tc rules. This has worked just fine for a couple of years but:

      • we are looking for more ease of use
      • we need to provide for new services (vpn for instance)

      pfSense looks like a serious candidate to replace our current setup. Traffic shaping is heavy on our wishlist. Not the QOS part…. but sharing bandwidth.
      Our shaping model:
      At the moment we have 3 mayor network: WAN, LAN (with at least 6 subnets) and a DMZ. Shaping is done on the LAN interface. The first layer of queues divides between WAN and DMZ. All traffic from the DMZ is assigned to a DMZ queue  being at least 60mbit but borrows from the WAN queue if that one allows it.
      The WAN queue is devided in queues for each of the locations.
      Traffic coming from the DMZ network is assigned to the DMZ queue based on the source ip. Traffic for the locations is assigned to their specific queue based on the target ip.

      pfSense 1.2.3:
      I did not seem able to nest queues in the 1.2.3 version which is vital for my setup.

      pfSense 2.x (the march 3 version):
      In this version I was able to make a hierarchial tree of queues. I saw borrowing from other queues is possible. But where are the rules to assign traffic to a specific queue? Is this still to come in this version?

      In essence my question:

      where is the GUI interface to make rules for shaping

      1 Reply Last reply Reply Quote 0
      • P
        Peter Kaagman
        last edited by

        owke…. just found it  :'(.... floating rules seems to be the keyword and they are located in te firewall rule section

        1 Reply Last reply Reply Quote 0
        • E
          eri--
          last edited by

          Its not limited just to Floating rules.

          1 Reply Last reply Reply Quote 0
          • D
            dusan
            last edited by

            Every firewall rule is a traffic shaping rule. The keyword is 'queue'.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.