        I am setting up a new pfSense machine with release 1.2.3-release. For now I am just testing and studying pfSense in order to switch to the new firewall if there are no blocking issues.

    One of the things I don't understand is how to exclude from traffic shaping the traffic between LAN and DMZ (optional interface), and between LAN and some other networks directly connected to the WAN network (some dedicated connections to some customers' networks).

    I think, but I'd like some feedback, that I could manage it like this: I create a "root" queue of 2 Gbps (both incoming and outgoing), and a second queue of 20 Mbps (the bandwidth of our Internet connection) that will be the "root" for the packets that have to be routed through our Internet connection.

    So I would have:
    Root Queue: 2 Gbps, root
        Internet Queue: 20 Mbps, parent: Root
            Default Queue: 1%, parent: Internet Queue
            ACK Queue: 25%, parent: Internet Queue
            1st queue: X%: parent: Internet Queue
            2nd queue: X%: parent: Internet Queue

    Then the rules will include a first rule to identify traffic from LAN to DMZ, LAN to dedicated connections, then rules for QoS from DMZ to the internet…

    Do you think this could work?


