Can I bridge two interfaces and traffic shape a 3rd?

  • I am setting up a pfSense computer that I plan on using as a wireless router.  I've got three NICs; two ethernet and one wireless.  To allow my wired and wirelessly connected computers to communicate with one another as if they were on the same subnet, I'd like to bridge the wireless controller and one of the ethernet controllers together.  I'd also like to use traffic shaping for internet traffic.

    When reading some literature on pfSense I ran into a statement that bridging and traffic shaping did not work together, but it wasn't very clear on whether it meant traffic shaping between the two interfaces, or just any traffic shaping in general.

    I would imagine that I could bridge two interfaces together and still use traffic shaping on a 3rd interface since the shaping is really only applied to the interface that's connected to the internet, right?

    Just wanted to make sure!



  • The shaper is bound to two physical interfaces; typically these are WAN and LAN.  While it's true that upstream traffic will get limited regardless of what interface it came from, the traffic will get shunted to the default queue, as the queueing decision is actually made on the inside interface.  You will also take a hit on traffic from OPT to LAN (regardless of bridging) because the queue(s) applied to LAN will limit the xfer from OPT to LAN to the max download speed you entered (and will obviously impact your ability to download stuff from the net at the same time).

    There is currently a bounty open for making related changes to the shaper code.  You can see the thread here:,2718.0.html


  • Aw durn!  :-[

    So what you're telling me is that traffic across the bridge will be limited to the speed I enter in the traffic shaper?

    With Linux, I know that I can just make a bridge interface and it will look like a single network device.  If I could do the same thing with FreeBSD, would it help me in any way?

    If all else fails, can m0n0wall shape a bridged interface? (I know that it uses a different shaper)

  • m0n0wall can shape on bridges (it uses dummynet).

  • I think I'll solve my problem by just having two subnets and specifying IP addresses when doing Windows file browsing between the subnets.

  • Uh oh! I just installed pfSense, but it looks like I can only shape the traffic coming from one interface? (I can traffic shape only traffic that is connected to my wired or wireless connection, but not both?) Is that right?

  • Yes.  You can only shape 2 interfaces total on 1.0.*

  • Aw durn.  :'( Well I'm either installing m0n0wall or waiting for this functionality in the next release of pfSense!

