Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Will pfSense do what I need?

    Scheduled Pinned Locked Moved General pfSense Questions
    5 Posts 4 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      joozi
      last edited by

      Hey guys,

      I am thinking about using pfSense for a project I may be taking on. Basically I have a 1Gbps internet connection I want to run through pfSense then onto a switch in order to provide internet access to users in different offices. I need pfSense to share the access equally between the different offices, so each office for example will have a 10mbps connection. I also need to monitor the network, I think i can do this with BandwidthD, NTOP, or Darkstat.

      So my questions: Can the bandwidth be split and shared equally among the different offices? What kind of hardware would I need for this? Are there any Examples of this kind of setup?

      I've attached an example of what the setup might look like.
      preview.png
      preview.png_thumb

      1 Reply Last reply Reply Quote 0
      • P
        podilarius
        last edited by

        Yes, all this can be done in pfSense with the traffic shaper or the limiter. With the limiter, you can hold each subnet to exactly 10mbps. With the traffic shaper, you can hold them to 10mbps if all subnet want full load. They can go above that if the resources are free. As in subnet 1 is only using 5 then subnet 2 can use 15 but will scale down if subnet 1 needs more BW. Not sure of any example setups. As for hardware, perhaps something like this:
        http://www.applianceshop.eu/index.php/firewalls/opnsense/opnsense-rack/opnsense-quadcore-rack-edition-pfsense-appliance.html

        1 Reply Last reply Reply Quote 0
        • J
          joozi
          last edited by

          thanks, I'll try setting up a test system in a VM tomorrow and see how far I get.

          1 Reply Last reply Reply Quote 0
          • K
            ksoviero
            last edited by

            I can't be sure, but I think limiters place some load on the system, and if you are planning to push 1Gbps for a large number of clients, then you are already pushing the hardware kinda hard.

            As an alternative, you may want to do what my collocation center does and simply get a managed switch (or more than one) and FORCE all interfaces going to your clients to auto negotiate to 10/full.  This will give you the 10Mbps you wanted for your clients, but will do it at layer 2 in hardware, rather than in software with pfSense.  This also has the positive of still letting you set the links between your core switches to 1Gbps/full to avoid bottlenecks…

            Just my $0.02 as they say...

            1 Reply Last reply Reply Quote 0
            • C
              cmb
              last edited by

              Numerous ISPs, and businesses that aren't ISPs but act as one (generally sharing their Internet amongst a building of other tenants), do exactly what you describe. Limiters generally the best for that type of usage, and the easiest to configure.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.