Bandwidth Management howto configure question?



  • CP+freeradius2
    How to configure bandwidth management?
    Example 10MB internet devided by on 3 groups
    group 1 - total 4MB shared to CP per users limit 768kbps
    group 2 - total 3MB shared to CP per users limit 256kbps
    group 3 - total 3MB shared to CP per users limit 512kbps
    Or this feature is not yet available



  • This is not supported by GUI with some simple clicks.

    Do you store your users on an external database (SQL or LDAP) or do you store them in "users"-file ?
    And can you please explain a little bit more in detail what is happening with your groups.

    Do you mean if in group1 only 1 user is connected then this user should have max 4MB bandwidth and if in group1 there are 2 users connected they both should have 2MB?
    Setting a limit on a per user basis without groups is no problem - just create a user and set the bandwidth for the user you like.

    But in general you can realize everything in the users file with custom options if you like. There is no need to create a "user" with username and password and so on. You can leave all fields empty and just add custom radius commands in there. For freeradius2 specific problems search the freeradius2 mailinglist.



  • Example Total 10mbps internet devided by on 3 groups
    group 1 - total 4mbps shared to CP per users limit 768kbps
    group 2 - total 3mbps shared to CP per users limit 256kbps
    group 3 - total 3mbps shared to CP per users limit 512kbps

    I don't know how to configure this grouping
    example on group 1 total 4MB:
    1 user connected = max 768kbps
    2 users connected = max 1.5mbps
    6 or more users connected = max 4mbps

    same goes with group 2 and group 3

    Is this the right forum category to ask this? Or this need to be request as a new feature for 2.1?



  • Such a feature is not supported by CaptivePortal and pfsense. If you like something like that for CaptivePortal, you need to open a ticket on github.

    Freeradius2 package is not a package which is maintained by the pfsense developers. It is a community package.
    To get answers on how to setup freeradius2 to work with such groups you should go to the freeradius2 mailing list.

    The features you want can not be done by the freeradius2 GUI only.

    –- edit ---
    Perhaps you can try with the traffic shaper. But I don't know how the traffic shaper works.



  • @lifeform08:

    Example Total 10mbps internet devided by on 3 groups
    group 1 - total 4mbps shared to CP per users limit 768kbps
    group 2 - total 3mbps shared to CP per users limit 256kbps
    group 3 - total 3mbps shared to CP per users limit 512kbps

    I don't know how to configure this grouping
    example on group 1 total 4MB:
    1 user connected = max 768kbps
    2 users connected = max 1.5mbps
    6 or more users connected = max 4mbps

    same goes with group 2 and group 3

    Is this the right forum category to ask this? Or this need to be request as a new feature for 2.1?

    With freeradius2 you could get this far with what you want too do.

    If possible and these groups are or can be separated by lan subnets?
    You could from free radius create a user for each group  using a mac address, This mac would be the WAN mac of another router dedicated for each group.
    1 router per group
    1 user in freeradius2 for each router ( the wan MAC address)

    Each user (group/ router) can be capped for usage daily/weekly or monthly/
    And each user (group/router) can be capped with speed up and down.
    This won't go faster when no one is using the internet but will keep them at a MAX up/down speed all the time.

    I also believe ( correct me if I'm wrong !!) you could add a dual or quad nic to a PFsense PC and have 4 lans. With CP running a new instance for each lan and configure each user on each lan the same way with the users mac address as it's login same PW for everyone. Or a user and PW per person.  This way saves 3 or 4 extra routers but may allow for static routes for lan too lan needs , and is also a lot of extra work setting up user accounts.

    Depending on your exact needs I prefer the extra router option. I plan to implement this on a 20 user network some time this year.



  • @Alan87i

    This brings me to an idea - with no routers and no different subnet but with static IPs.
    So lets say the LAN interface has IP 192.168.0.0/24

    Assign the members of group 1 IPs from 192.168.0.10-19
    Assign the members of group 2 IPs from 192.168.0.20-29
    Assign the members of group 3 IPs from 192.168.0.30-39
    Assign the members of group 4 IPs from 192.168.0.40-49

    Then - and here I am unsure - use the Traffic shaper to shape the group maximum bandwidth. So for IPs from .10 - .19 with 4 MBit/s and so on. And on freeradius assign every user the bandwidth you like.

    If thie shaper settings cannot be done then you need 4 subnets / 4 NICs and then limit every subnet with the shaper and the users with freeradius2 + CP.

    Just a suggestion - not sure if this will work.



  • It might work.
    The only problem I see with using the traffic shaper and 4 nics is will it affect any traffic between lans?
    I know on pf 1.2.3 it does.
    I have not tested it it on 2.0 or later.



  • Thank you very much for your ideas.


Log in to reply