Per IP traffic shaping–share bandwith evenly between IP addresses??
-
i donot want to see dumb but where is the set-up script everybody is talking account?
I think they mean the wizards under Firewall: Traffic Shaper: Wizards…
If you want to put in place what foxale08 described you have to do it manually though...
Good luck!
Nick
-
I'm having nothing but issues with this, in any configuration going, either via interface queues or limiter queues. Just doesn't want to work.
Unfortunately like most open source projects theres plenty of info on the how and the theory, but little to none on actual implementation. ???Anyway, per-IP (or set of IP's set as Alias) on a transparent bridge:
-
Should there be queues on the inside NIC, outside NIC, bridge, or for all three? (in the traffic shaper GUI)
-
ACK Queue - where? (linked to above question)
-
At firewall rules, where should the queues be applied? On each interface, on the bridge, floating?
-
Are we setting the "ackqueue/queue" as a per queue thing without a ack queue specified, or specified?
-
If specified, which ACK? A global ACK queue, or one specific to each interface? Or one specific to each queue
-
Source/destination in firewall rules, where do we set the IP alias list? similar to above, on a specific interface or floating?
That'd be a good start for me i think…
Thanks in advance.
-
-
I'm having nothing but issues with this, in any configuration going, either via interface queues or limiter queues. Just doesn't want to work.
Unfortunately like most open source projects theres plenty of info on the how and the theory, but little to none on actual implementation. ???Fortunately for you Pfsense offers commercial support so you can purchase that and then contact them and they can answer your questions AND help you get it implemented.
-
Just to clarify.
I can use one upload and one download limiter to cover my LAN / OPT1 /OPT2 interfaces and it will share the bandwidth evenly between all clients on each subnet, right?
Thanks.
-
On 2.2.3-RELEASE (amd64) it is a bug ???
Limiter enabled and set as in foxale08 posts… accessing from LAN a device on external IP:PORT is NOT WORKING… NAT Reflection probably broke ( NAT setting attached ).
Limiter disabled and accessing from LAN a device on external IP:PORT is WORKING OK.
-
so to clarify, when u enable limiters lan ips are unable to connect to systems located on the WAN subnet through NAT ??? ??? ??? …i have not had this issue but mabe i am interpreting this incorrectly, i have found that limiters do not function (for me) in the 2.2.3 build but it may be a misconfiguration on my part and im still experimenting with it (multi vlan + WPAD-DNS-DHCP + Squid 3 + squidguard + explicit proxy setup).
-
When I had limiters on NAT Reflection stopped working. I could no longer access internal servers via their external addresses. Turn off limiters and they would start working again. Limiters also break Squid Transparent proxy. There are several bugs in Redmine about this and I believe they are marked as targeted to be fixed in 2.3.
This was a no go for me since I rely on dyndns SRV records to route my kids internal computers to our external facing Minecraft servers. The solution at the start of this thread works great for sharing bandwidth but it broke too many things for me to be able to continue using it.
Chad
-
understood, it is worthwhile that these things are noted. mabe it could be posted up on the limiter doc so no one else is tripped up by this..
-
Limiters are currently completely broken as far as I'm concerned. Limiters breaking NAT is a known bug. Don't feel like looking it up.
-
https://redmine.pfsense.org/issues/4326
https://redmine.pfsense.org/issues/4590 -
hello guys i dont seem to find any answear to my problem
i have 2 wan interfaces 1 30mbit and 1 50 mbit
if i set the limiters i will set the total bandwith of the 2 lines or i have to create 2 sets of limiters?
if i set limiters it will make my nat records not working?
thank you in advance
-
I have attempted to document the process for a simple single lan single wan setup in screenshots. Click apply settings when presented with the option to do so. See if this does what you want.
I setup my Limiters as shown in this post when limiters are enabled my Users (50) telling me they are unable to access internet i am able to Ping to Site Name and IP but webpage is not opening
when i disabled limiter from lan rule everything is working properly ,last night i tested this when there were only around 4-5 users they didnt report any issue
Version 2.2.3-RELEASE (amd64)
built on Tue Jun 23 16:37:42 CDT 2015Package Running - Snort - squid for http -bandwidthd-ntopng -openvpn
–-edit
« Reply #70 on: March 14, 2015, 04:32:32 pm »
another user also facing same issue
---edit
I applied foxale08 method for the limiter and it kills internet connection (but I can ping websites), if I disable the limiters internet works fine. I'm also using squid proxy in transparent mode, I haven't tried to uninstall squid but could it be the issue?
I have the same issue.
Disable the transparent proxy and the limiter will works
We are using proxy server for caching files and http website monitoring
Is there any way to fix it without disabling transparent proxy ? because if i disable transparent proxy i will need to manually configure proxy in all computers (can do it from Server but due to some reasons i cant do it )
any alternate solutions please
-
-
Is there any way to fix it without disabling transparent proxy ?
A second transparent proxy upstream of your limiter node?
-
any alternate solutions please
No. Get rid of the proxy.
Proxy server we need to Monitor user visiting sites and for Caching huge files
So this will work rite if i configure Proxy server in non transparent mode ?
-
-
This thread should be locked.
-
for Caching huge files
With 0.0000000000000000023% hitrate. ::)
So this will work rite if i configure Proxy server in non transparent mode ?
That or move the stupid thing to another box. Squid-induced breakage is totally OT on this thread.
actually caching is very helping for me , i am not concerned about small file caching , mainly .exe download's and it works for me
Also Per user Net usage summary also , both is working for me
-
Thanks Sideout for the tips, I tried both ways using the default LAN rule and also the tip you gave me i.e. a new rule above the default LAN rule with the limiters applied. no change in results, however i noticed that if both clients are laptops on torrents (i.e. equal load) then it does some bandwidth balancing.
attached are the screenshots of my configuration, the graphs and the limiter info.
i created similar and applied
Setup is Pfsene with squid in non transparent mode with wpad - i am able to see Unique quoue/pipe for each local IP's in diag but when one user started downloading in bitorrent entire bandwidth was given to that user ,(test was performed with 2 user i normal user downloading in Http file and other downloading in bitrorrent , torrent user was getting speed (90%)
-
use 2.1.5 works perfectly with queue
