Traffic Shaping for multiple LANs

devnull

Hi,

I've read quite a few of the topics regarding my problem but I don't quite seem to get the answers to my problems.
Anyway I've got a 100 Mbps up/down connection connected to a PFS on the outside. On the inside there are 5 local networks. One is for servers and other IP equipment, second is for IP telephony, the third is for WiFi and the remaining two are for stationary pcs.

Now what I would like to achieve is so that the telephone lan has priority for VoIP, and QoS for all the other lans. I've already closed all the necessary ports to the outside so that I automatically block some traffic but I would like to configure it so that all the pcs have an equal share of the connection depending on how many are online. Currently my problem is that some people now download stuff again and again and all it dose is take up bandwidth (had I guy who downloaded 32GB in one day) .

Thanks for the suggestions and help.

Bye

devnull

Hi,

ok now I've tried fiddling around with the traffic shaping and when I try using the wizard I render the network unusable. All of the traffic on the network stops.
I've got a 100 Mbps connection so I entered into the speed feald 102400 kbps. This is right, right?

Now if I try changing the settings manually I keep getting the same result, no traffic in or out.

So now I'm thinking that the wizard is good for when you've got only one LAN, but when you want to configure more complex things you need to do things manually.
But I don't know where to start.

Oh one more thing. Does the traffic shaping affect also connections that have been passed from WAN to LAN like RDP or WWW or not?

Anyone done stuff like this before?

Bye and thanks for the help in advance

danswartz

Not an expert, but I assume you are using 1.2.3 or somesuch?  If so, you might want to give 2.0 a try, since the shaper wizard there is designed to cope with topologies like that.

devnull

Hi,

I'm not sure if 2.0 is ready for a production environment.
But as I said I can't seem to get it working in combination of the wizard and them manually changing a few things.

Thanks and bye

danswartz

Dunno then.

jimp

I don't think the shaper in 1.2.3 is capable of doing this, even manually.

Though you could mimic the setup in 2.0 in a virtual machine, run through the new shaper wizard, and see if you can replicate the resulting rules. I think there were too many changes, however.

carbeam

I have about the same setup as devnull, and the same issues, i have read that the traffic shaper just will not work for multiple lans in 1.2.x.

But i just have to find a solution!!

no i can't go to a beta 2.0 i would love too but i just can't yet.

What i have been thinking lately is setting up a 2nd pfsense box in front of my existing and using it just for shaping.  My only problem is that i just can't seam to get my head around if i'm on the right track.

How can i configure PF sense to pass all my public ip traffic from one IF to the Next, traffic shape and not consume one of my public IPs.

basically looking for a transparent firewall.

I know i'm just missing one piece that is going to make it click i just need a kick in the butt to get me going.

Anyone got a big boot to help me out.