Some VLANs shares bandwidth, some other VLANs have minimum bandwidth guarantee



  • Hi all,

    i have a working pfsense installation with 1 WAN 10Mbit/s connection and more than 150 VLANs (one per office room, each VLAN have one or more client). I can't figure out how to shape traffic in order to guarantee bandwith for some VLANs. For example:

    • 148 VLAN shares all the bandwith
    • 1 VLAN have a 2Mbit/s guarantee (clients in this VLAN must get at least 2Mbit/s)
    • 1 VLAN have a 4Mbit/s guarantee (clients in this VLAN must get at least 4Mbit/s)

    I tried (following an example on the wiki) with limiters but if I define a limiter of 2Mbit/s if works perfectly but clients cannot get more than 2Mbits/s. Limiters can guarantee bandwidth but cannot expand to get the unused bandwith.

    As fas as I know HFSC can define only 64 queues and I have more than 150…

    If you need more details about my setup in order to help.. just ask.

    Thanks for any help you can give me !



  • You don't need limiters.  They guarantee bandwidth LIMITs, they don't guarantee bandwidth reservations (unless you limit all other clients).

    You do not need 150 queues either.

    The short of it is that you only need 3 queues to start with.

    1st queue has a realtime of 2mbps for the VLAN that is guaranteed 2Mbit/s
    2nd queue has a realtime of 4mbps for the VLAN that is guaranteed 4Mbit/s
    3rd queue has no or minimal realtime rate for all the VLANs that share the remaining bandwidth.

    You only need to alias all the VLAN subnets that are sharing the bandwidth under a single alias and make sure that the floating rule directs all the traffic from these subnets under the alias to the 3rd queue.

    You then create additional floating rules that each direct all traffic from the guaranteed VLANs to their respective queues.

    This is the simplified version but you should be able to get on from there.  You will actually need 6 queues (3 each for downloading and uploading respectively).



  • Thanks for your reply dreamslacker

    I will try that and let you know !

    Thanks again



  • It seems that HFSC queue acts only on the defined interface.

    Defining a queue for interface X and then apply that queue on traffic egress from interface Y does not work.

    Can you give me another solution ?



  • @sgatto:

    It seems that HFSC queue acts only on the defined interface.

    Defining a queue for interface X and then apply that queue on traffic egress from interface Y does not work.

    Can you give me another solution ?

    Use the floating rules and mark the direction as 'IN'.  Select the appropriate interfaces (148 Vlan interfaces?) then direct to the WAN interface queue.

    You may want to re-create the queues with different names for the WAN and the other interfaces.  That will allow you to better differentiate between the queues.


Locked