Limit bandwidth of specific port



  • Hello all, I am running simple priority QoS currently to prioritize gaming traffic in my home, and I'd like to know the proper way to limit bandwidth to a port, as there are games that use total speed for lag compensation purposes and it creates a more fair playing field if I only allocate them the bandwidth they need for the game to function correctly.  I am familiar with prioritizing bandwidth, but not setting specific limits.  Any help would be appreciated, thanks!



  • So I am confused as to why you want to limit a specific set of ports for gaming to a finite amount of bandwidth?  Some games use specific ports while others use a wider range, and the majority of games also use 80/443 to download data before launching the client.  Here is a list of some of the tactics I use for categorizing gaming and ports:

    1. Make Aliases for Game server IPs
        A. Spend a little Google time and find all of the LoL / other game servers' IP ranges and you can use that to make a rule.

    2. Make Aliases for game ports for TCP and then for UDP.
        A. Since TCP requires the qACK while UDP does not, I like to make separate rules for TCP and UDP.

    If you look at my post on here - https://forum.pfsense.org/index.php?topic=77388.0 this has my Alias set in it that I use.  I have about 40 games broken down by port / protocol along with about 8 Game server IP Ranges.

    This is info I have gathered by doing Google searches and packet captures during numerous LAN parties and using my test environment.

    So to finally answer your question - you would need to do the following:

    1. Create a queue for the games you want to limit. Assign it a bandwidth amount either by percentage or by actual MB/KB.
    2. Create a floating firewall rule to use that queue, using the alias for ports or IP for that game. Make sure to set the Quick Match option.
    3. Test, test, test!!!!

    Again I think the better solution is to just use one big queue for gaming, i.e., qGAMES and give it a minimum reserved amount like 30% with 50% being the overall amount.  This is if you are using HFSC.  If you are using PRIQ and not using VoIP then you can give it a priority of 7 with qACK being at 6.

    Hope this helps you out.



  • That's some good info.  I'll check into it a bit more.  The reason it needs a specific amount of bandwidth (not a percentage) is to fool the lag compensation of the game into not turning itself on.  It's more of an experiment than anything, but last night I switched the algorithm from PRIQ to HFSC, created a child queue of qGames with 512kbps bandwidth set and it did appear to work.  I would need to test more without it to be sure.  That did seem to break BF4 traffic from going into the qGames queue somehow, which did appear to work when set to PRIQ.  The net result I would like more than anything is to prioritize games that I play over any other applications.  The only implication I can see with this is that I need rules to put the outbound traffic into queues, and a lot of games use a huge range of outbound ports.  I saw the Layer 7 option, however from what I can tell that could only block applications.

    When I return home this afternoon I'll test this stuff out a little more.



  • Traffic shapers like PRIQ and HFSC don't limit your bandwidth, they just try to provide a policy-defined service and will happily slurp up all your bandwidth.  You need a limiter to enforce a hard bandwidth cap per subnet, IP or port.  First, create the limiter, then add a LAN rule such that traffic that meets the correct port range goes into the limiter (you can find them under Advanced Features - In/Out).



  • Alright awesome, I know that HFSC has a way to basically drop packets after a certain point.  I don't really want that, I just want gaming to have first dibs on all bandwidth aside from just this one limiter, so I set up a simple PRIQ for gaming using the wizard to do that.  It may need some tweaking of a few of the floating rules (adding more possibly) but in testing seems to work well.  Here are some shots of how I've set up the limiters. Does anyone see any problems with this setup going forward?  I'm going to do a bit of testing on it now, but if there's anything that would need to be changed, I'd appreciate it.

    I was inspired to do this based on a device called a Lagbuster that is being touted as the miracle fix to lag compensation.  After watching their demo video, I said to myself "This is just a traffic limiter" so I knew right away that with the proper setup, my trusty pfSense box could do the same (and more).

    Thanks for all the advice so far.






  • @sideout:

    2. Create a floating firewall rule to use that queue, using the alias for ports or IP for that game. Make sure to set the Quick Match option.

    I do not know if documentation is outdated, but it specifically warns not to use Quick Match in floating rules that work with queues.



  • That documentation was from 2.0 if it is the one I think you are referring to.  I have seen other posts saying to use the quick option with queueing.

    Here is one of those posts https://forum.pfsense.org/index.php?topic=61841.0

    I would be interested in getting an admin's opinion here or getting a link to up-to-date documentation.



  • Don't be concerned about packet drops.  When you have an active shaper in place, drops are expected when the router is under load.  You want packets from your lower-priority queues to get dumped in favour of packets from higher queues when there is contention or service guarantees to maintain.  That's how the whole thing works.  If you don't have any drops, you likely don't even need traffic shaping at all.
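
The shaper/limiter distinction and the point about expected drops made in the replies above, as an added example that is not part of the original thread and is not pfSense code. It is a constructed fluid model: the link speed, buffer size, flow rates and the `simulate` function are assumptions, and the limiter is simplified to drop excess immediately instead of queueing it first.

```python
# Constructed model, 1 ms ticks: a flow offering X kbit/s adds X bits per tick.
LINK_KBPS = 10_000
QUEUE_BITS = 15_000          # per-queue buffer size (assumed)
FLOWS = {                    # name: (offered kbit/s, PRIQ priority)
    "game": (2_000, 7),
    "bulk": (20_000, 1),
}

def simulate(limit_kbps=None, ticks=1000):
    """Strict-priority scheduling, optionally behind per-flow limiters.

    limit_kbps maps flow name -> hard cap in kbit/s (the limiter).
    Returns {flow: {"kbps": delivered rate, "dropped": bits dropped}}.
    """
    limit_kbps = limit_kbps or {}
    backlog = {f: 0 for f in FLOWS}
    sent = {f: 0 for f in FLOWS}
    dropped = {f: 0 for f in FLOWS}
    order = sorted(FLOWS, key=lambda f: FLOWS[f][1], reverse=True)

    for _ in range(ticks):
        for flow, (offered, _prio) in FLOWS.items():
            # Limiter: admits at most the cap per tick, even on an idle link.
            admitted = min(offered, limit_kbps.get(flow, offered))
            dropped[flow] += offered - admitted
            # Queue in front of the link: overflow is tail-dropped.
            backlog[flow] += admitted
            overflow = max(0, backlog[flow] - QUEUE_BITS)
            backlog[flow] -= overflow
            dropped[flow] += overflow
        capacity = LINK_KBPS
        for flow in order:   # Shaper: work-conserving, highest priority first.
            tx = min(backlog[flow], capacity)
            backlog[flow] -= tx
            sent[flow] += tx
            capacity -= tx
    return {f: {"kbps": sent[f] // ticks, "dropped": dropped[f]} for f in FLOWS}

if __name__ == "__main__":
    print("PRIQ only:     ", simulate())
    print("PRIQ + limiter:", simulate({"game": 512}))
```

With priority alone the game flow takes everything it offers and only the bulk queue drops; adding the 512 kbit/s limiter is what actually caps the game flow, and the freed capacity goes to the bulk flow.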