PfSense 2.0 RC1 VoIP LAN, Data LAN, single WAN

  • Hi,

    I have a subnet dedicated to the VoIP phones in my office, and one dedicated to DATA. I have a WAN connection on a cable modem, its 20Mb downlink, and a 1Mb uplink. I want to give full priority to traffic coming from the VoIP LAN as these will only contain phones and need to have priority over everything.

    Ideally I would not specify any specific size for the VoIP queues, it should get as much as it needs, and then any left over can get used for DATA.

    I can see how to do this for uplink, by creating a couple of queues under the WAN connection, I have qACK, qDefault & qVoipUp. I have a rule on the VoIP LAN page to add packets to the qVoipUP queue. This seems like it should work (should I have anything set for the Ackqueue in this rule, or just the Queue set as I have now?).

    What I can't see is how to setup the queues I would need for the download. I can see you can create queues on each LAN (DATA & VoIP) but how do you give priority from the WAN downlink traffic to a queue in the VoIP subnet over the DATA one?



  • You're making it too complicated.  Just use the shaper wizard (what release are you running?)  Specify things to the wizard such that it knows you want to do voip, and there should be an entry for an IP to get special priority - I have done a single IP, don't know if you can do a subnet here.  Also, depending on how QoS on the phones is set up (if at all), that can be used to tickle the traffic into the higher priority queue.

  • I'm using 2.0 RC1.

    I'll try the wizard again, but  I'd still like to know how to share downlink bandwidth between multiple LANs. Its seems to me that the only shaping you can do is when entering an interface from within the firewall (i.e you can shape uplink because you are entering the WAN interface from a LAN), If you have just 1 LAN this can work as you can shape the traffic going into the LAN and thats all the downlink traffic anyway.

    Since I have 2 LANS I think I can only prioritise traffic within any LAN, so VoIP over HTTP over P2P etc, but not one LAN over another.

    Or have I misunderstood this all together and there is a way to shape downlink WAN traffic before it goes to whichever LAN its destined for?



  • It's not easy to try to keep inbound tcp traffic from screwing with inbound udp (voip) traffic.

  • So I have looked into this a bit more, and read up on ALTQ etc. I understand now a bit more about how it works, and why you can only shape traffic the leaves an interface (because if you think about it once the traffic has entered the interface its already there and used up the bandwith).

    What I would like to know though is if I have multiple VLANs assigned to the same physical interface, can I think add a queue to that interface and shape all the traffic across the multiple VLANs?



Log in to reply