Netgate Discussion Forum

    Another traffic shaping question

      Cybdex

      I'm new to pfSense, so hello everyone :)

      Oki, quick run through of the setup in question:

      pfSense 2.0 Release(i386) - Single LAN, Single WAN - 25/25 Fiber internet

      Example:
      pfSense LAN ip : 192.168.0.1
      Client LAN ip : 192.168.0.10
      WAN ip: 200.200.200.200 (example)
      uTorrent static port: 30000

      Oki, I've run the "Multi WAN, single LAN" wizard as per pfSense doc. And to simplify things I'm gonna ask to see if I understand this correctly.

      In my states log I get this when I open a regular webpage (ofc. loads and loads more, but for simplicity):
      192.168.0.10:34553(rand port) -> 200.200.200.200:22342(NAT translated random port??) -> 100.100.100.100:80 (the webserver I'm connecting to)
      Then I get:
      100.100.100.100:80 <- 192.168.0.10:34553

      Now, I assume this is data from my client TO the webserver, and back. A default floating rule of "WAN - TCP - ANY - port 80 - qACK/qHighPrio" should tackle this, right? At least I would understand that data coming and going on port 80 on the WAN side would get into this queue. And from what I gather, it seems to be put in the correct queue.

      However, torrent traffic is a wee bit worse. This is kinda what it looks like:

      192.168.0.10:30000 (utorrent port) -> 200.200.200.200:54332(random nat port) -> 123.123.123.123:32344(random port depending on their torrent client)
      and
      123.123.123.123:32344 <- 192.168.0.10:30000

      Now, the last traffic here I would suppose to be picked up by my "torrent rule", i.e. "WAN - TCP/UDP - ANY - Port 30000 - none/qP2P". Am I right so far?

      The first tho, how would that be picked up? It does not enter "into" the WAN interface in any shape or form as port 30000. What I did was make a copy of my WAN rule as a LAN rule (as packets would at least travel from my client into the LAN on port 30000 before it gets translated to a random NAT port of some kind). But I still seem to end up with the bulk of the P2P traffic in the "default" queue. Not sure if the "LAN/WAN" setting actually works this way?

      Yes, I know torrents are "hard", but is there absolutely no way of doing this without making a "p2p catchall" rule?

      And a quick one at last. I'm no network guru by any means, or I would prolly have figured this out by now, but am I to understand that with the floating rules it will match the top rule first and skip the rest, or will it check all the rules before making a decision?

      Ex:
      #1: WAN - TCP - ANY - port 80 - qACK/qHighPrio
      #2: WAN - ANY - ANY - IP:192.168.0.10 - qLowPrio/qP2P

      What would happen with web traffic on my client (192.168.0.10)? Would it "pass" the first rule and be put in the highprio queue, or would the last rule override everything?

      Sorry for my n00bish questions, but I really hope someone can answer them in an "as easy that your mother would understand" manner :)

      C
