Limiting bandwith dynamically per user/device



  • In searching for a solution for an issue that I am having to address I ran across pfsense and it looks really promising. 
    I am currently taking over managing a public wireless for an rv park of which on avg has over 100 devices connected. The issue that I am having is that I don’t have any way to limit one user from killing their internet connection. I really don’t care what they are downloading/looking at but I would like to be able to either dynamically rate limit per user/device or just set a hard avg % with a max cap.
    Are there any features within PFSense that would help me address this issue or make life easier?

    Thanks,

    ~Justin



  • yes, you can use Squid Package to shape traffic.

    http://www.smallnetbuilder.com/security/security-howto/31468-build-your-own-utm-with-pfsense-part-3?start=1

    this tutorial is for version 1.x but also applicable to 2.x

    rgds



  • The better option is limiters if you are OK with giving them a fixed pipe.  There is a burst option in there for allowing people to exceed that limit for a short amount of time.

    https://doc.pfsense.org/index.php/Traffic_Shaping_Guide#Limiter

    To limit each device to a specific amount of bandwidth you'll need two limiters, one for download and one for upload.  When setting up the limiters, the download one should be set to "Destination addresses" and the upload one set to "Source addresses" in the "Mask" setting.  You'd then apply those limiters to your pass rule on the LAN firewall rules.