Is it possible to limit traffic in such way?



  • Hello,

    I am planning LAN architecture for hosting environment and want to use Pfsense. So I will have about 10 servers. Each of them will have http, ftp, mail, dns services. I will have about 50MBps ineternet connection.

    So I would like to know is it possible to configure Pfsense that if one of my servers will have traffic it will get 100% internet bandwith, if second server will become active traffic will be divided into 50% and 50% to each server and so on? I am talking about bandwith load balancing between all servers depending on usage.

    So can someone tell me is it possible to implement this with PFsense 1.2.3 or with PFsense 2.0 ?


  • Rebel Alliance Developer Netgate

    That's how the traffic shaper will usually work by default. In 1.2.3 (and optionally in 2.0) the HFSC shaping will balance the load, reducing the speed of the fastest transmission so that eventually they should all even out.



  • Thanks Jimp for your reply. 60 views and just one answer to such simple question…

    I thought it is possible just to make priority of protocols: http prior to ftp and so on. I will definitely try this. Can you suggest the computer requirements for PFsense if I plan to use 10-20 servers and about 50Mbits internet line?

    Does someone use PFsense in hosting environment and want to share their experience? Pros and coins?


  • Rebel Alliance Developer Netgate

    There are sizing guidelines on the website and in the book. For 50Mbit though, just about anything 1GHz or over could handle the load. (Often less than that, but the impact of traffic shaping on the CPU might be greater toward the low end)



  • @drift1:

    Thanks Jimp for your reply. 60 views and just one answer to such simple question…

    simple? IMO not.

    @drift1:

    Does someone use PFsense in hosting environment and want to share their experience? Pros and coins?

    I do:
    got my ESX Servers behind pfsense, wich is with 100 Mbit external connected (internal GBit),
    Its all NATed, I limit Mail and p2p traffics bandwidth down to 3 mbit each,
    I use VPN for me and customer private networks to enable their console-access to hosted VMs.

    but this will go off-topic tho



  • @jimp:

    That's how the traffic shaper will usually work by default. In 1.2.3 (and optionally in 2.0) the HFSC shaping will balance the load, reducing the speed of the fastest transmission so that eventually they should all even out.

    Jim, when you say it is optional in 2.0, what setting affects this?  And is that setting in the wizard?


  • Rebel Alliance Developer Netgate

    @danswartz:

    @jimp:

    That's how the traffic shaper will usually work by default. In 1.2.3 (and optionally in 2.0) the HFSC shaping will balance the load, reducing the speed of the fastest transmission so that eventually they should all even out.

    Jim, when you say it is optional in 2.0, what setting affects this?  And is that setting in the wizard?

    I just meant that HFSC is the only shaping algo in 1.2.3, but 2.0 has a couple different ones (HFSC, PRIQ, etc.)



  • sorry i wasn't clear - what i was asking was: what is the load balancing part?


  • Rebel Alliance Developer Netgate

    @danswartz:

    sorry i wasn't clear - what i was asking was: what is the load balancing part?

    HFSC does this by default, traffic in the same queue should eventually even out and take up an equal part of bandwith. Hence the F in HFSC being "Fair" :-)



  • Ah, I was wondering if there was something else involved.  I misread the original post.


Log in to reply