Traffic Shaping per IP



  • hi all:

    i am trouble with limiting  ip address to a certain bandwidth, went through nearly all the posts but still no luck.

    i need to limit a single ip address  (Lan) "10.0.0.40" to 256Kbit/s Upload and Download.

    i did the following: (taken from another post) but still the download hits 2Mbits/s

    Create 4 Limiters per client:
    IncomingWan –->> Download  (Select Mask "Destination addresses" when creating the limiter , select also desire bandwidth here)
    OutgoingLan --- >> Download  (Select Mask "Source addresses" when creating the limiter , select also desire bandwidth here)
    IncomingLan ---->> Upload (Select Mask "Source addresses" when creating the limiter , select also desire bandwidth here)
    OutgoingWan ---->>Upload ( (Select Mask "Destination addresses" when creating the limiter , select also desire bandwidth here)

    After creating the limiters you need to apply them on Firewall>>Rules ( I did it over my LAN Interface)

    Create 2 rules by IP

    You need to specify the IP or IP group as source in one rule and the other as destination.

    On each rule , go to advanced and select IN/OUT limiters  .
    Example : IncomingWan --- OutgoingLAN  ( when the IP is the destination) download
                    IncomingLAN --- OutgoingWAN  ( when the IP is the source) upload

    any help would be appreciated
    thanks in advance....



  • you only need two limiters for that scenario

    ex.
    upload - 40 kbps - mask: destination
    download - 200  kbps - mask: source

    on lan rule
    proto: any
    source: 10.0.0.40 (select single host or alias)
    destination: any
    destination por: any

    advance
    in/out: upload (40)/ download (200)

    then save



  • @cheonne:

    you only need two limiters for that scenario

    ex.
    upload - 40 kbps - mask: destination
    download - 200  kbps - mask: source

    on lan rule
    proto: any
    source: 10.0.0.40 (select single host or alias)
    destination: any
    destination por: any

    advance
    in/out: upload (40)/ download (200)

    then save

    i did the following but the limiter is still not getting applied

    link to the screen shots
    http://postimg.org/gallery/94rnd790/

    thanks


  • Rebel Alliance

    Firewall rules are evaluated from top to bottom & "First match" win….

    So, to get your rule with the limiter working, you should move it above the "Default allow LAN to ANY " rule




  • @ptt:

    Firewall rules are evaluated from top to bottom & "First match" win….

    So, to get your rule with the limiter working, you should move it above the "Default allow LAN to ANY " rule

    thanks it worked  :)


  • Rebel Alliance Developer Netgate

    FYI- the masking is incorrect on the example given by cheonne earlier in this thread.

    For the upload limiter, you want a source mask
    For the download limiter, you want a destination mask

    The same pair of limiters would be used for both LAN and WAN rules (LAN - In=Upload, Out=Download, WAN - In=Download, Out=Upload)



  • @jimp:

    FYI- the masking is incorrect on the example given by cheonne earlier in this thread.

    For the upload limiter, you want a source mask
    For the download limiter, you want a destination mask

    The same pair of limiters would be used for both LAN and WAN rules (LAN - In=Upload, Out=Download, WAN - In=Download, Out=Upload)

    thanks for the correction.. ;)
    i mislook his thread ttle "…per ip"