Limit by VLAN



  • Our setup includes one 50/50MB WAN connection, and 11 lan connections.  We currently have approximately 8 clients using one of the interfaces.  We started having issues where some clients were killing our bandwidth so we implemented traffic limiters.  I am just not sure if it has been done correctly.

    I created two limiters for each vlan - one in and one out.
    I then assigned the limiter to each of the rules created for each of the vlans.

    I gave an example of the rules with the limiters applied to each one.  Each vlan is setup similarly.  Is there a better way to do this

    I don't want to limit by user.  I want each vlan to be limited.  So if I assign the vlan 8/8MB they all share that bandwidth.

    Thanks Gordon



  • OK.  I will try to expand on this.

    We currently have 8 clients.  Each client is assigned their own vlan 172.30.4.0/27, 172.30.4.32/27 etc.
    All 8 vlans run over a trunked interface on the firewall.
    I have created an inbound and an outbound limiter for each of the 8 interfaces.
    I have then assigned the inbound and outbound limiter to each of the rules for each of the interfaces.
    So each of them have 8 rules (they are all the same) and I have applied both the inbound and outbound limiter to each rule.

    Is there a better way to do this.  I am sure I read that if I apply the limiter (set to 8MB)  to two rules say.  Then each rule gets 8MB not 8MB for the interface.

    I am trying to figure out when creating the rule, in the mask section it indicates a source and mask.  If I understand this correctly.  I can select "source addresses" from the source list and then enter 27 for the mask and this would provide the desired bandwidth limiting.

    I am in the process of rebuilding one of our firewalls and would like to streamline the configuration if possible.

    Thanks