Is it possible to limit a lan ip-adress to example 10kbit or 10% of the bandwidt



  • hi all

    do anyone know if it is possible to restrict a single users bandwidth, to example 10% of the total internet bandwidth by using his ip-adress or mac-adress?

    if this is possible, i would like to know how.

    this would be very helpfull, when adminitration my 500 users, i have 10-20 users that is using all the totalt internet bandwidth 10/10mbit fwa connection, and would like to put some restrictions on them, so they only could gain about 10% of the bandwidth.

    is this possible?

    Sincerely Carsten



  • In Traffic Shaper you can create queues with certain bandwidth limits ( see http://forum.pfsense.org/index.php?topic=13.0 ) and then add rules for users (based on IP addresses).



  • hi again, i must admit that i´m not so sharp to this

    could someone please explain in simple steps how to configure this scenario in the traffic shaper, i know i ask of much, but i hope that someone of you will take the time to explain

    this is what i want to do, with the shaper

    i want to add a rule saying that the user from my lan example 192.168.3.192 only can have 50kb of internet upload and 100kb of internet download, is this possible and how, i know i have to make some kind of queue, but i dont know how to configure it?

    could anyway help, and explain this in every step?

    sincerely

    Carsten Larsen
    www.sundbynet.dk



  • @blackbox:

    hi again, i must admit that i´m not so sharp to this

    could someone please explain in simple steps how to configure this scenario in the traffic shaper, i know i ask of much, but i hope that someone of you will take the time to explain

    this is what i want to do, with the shaper

    i want to add a rule saying that the user from my lan example 192.168.3.192 only can have 50kb of internet upload and 100kb of internet download, is this possible and how, i know i have to make some kind of queue, but i dont know how to configure it?

    could anyway help, and explain this in every step?

    sincerely

    Carsten Larsen
    www.sundbynet.dk

    It isn`t possible.

    Homa, admin wrote: "pfSenses Trafficshaper isn't meant to limit bandwidth but share it fairly. Per User limit isn't a showstopper though it would be nice to have that feature back down the road, but not for 1.0."

    RoboK.



  • This is totally possible.  Simply create a queue or modify an existing one and set the bandwidth.  Then add a rule for that ip and point it to the queue.

    However, you'll have to do this for every ip, which if you're wanting to shape a class C thats 500 rules/queues ;)

    Scott



  • Hi
    If I want set everyone LAN IP.
    download speed is 1.6Mbit.
    upload speed is 160Kbit.
    How to setup on Traffic Shaper.
    Please touch me.
    Thanks every friend.



  • @akong:

    Hi
    If I want set everyone LAN IP.
    download speed is 1.6Mbit.
    upload speed is 160Kbit.
    How to setup on Traffic Shaper.
    Please touch me.
    Thanks every friend.

    per user bandwidthlimits are only possible if you add queues with dedicated bandwidth as target for the sinngle ips. this has not been a design goal of the shaper for 1.0 (see other threads for more discussion about it).



  • I cant get this to work. Wich ip do I put as "source" and "Destination"? Is there anything else I have to change to get it to work?



  • Anyone? I really want this to work. Can I leave "ports" open?



  • Noone that can help me with this?



  • I am wondering if this can be done a larger scale (say a full class B network) or more to make it easier to do it by vlan to limit all addresses per address to a fixed bandwidth limit.



  • Use aliases to define the items to shape and add rules using the alias as a source or destination.



  • Quick howto:
    1. Define upload queue similar to p2pup, but m2 value schould contain limit: 40kB for example.
    2. Define download queue similiar to p2pdown. I left m2 blank - do not limit download.
    3. Define rule: use new queues and define source IP.
    Direction from LAN to WAN.

    Seems to work, but sometimes "forgots" about an IP.:
    ntop shows traffic on this IP, but queue is empty.



  • Keep in mind that queues are assigned to traffic on openeing a new connection only. If there is an already established connection it will stay in the queue it once was assigned to until the connection times out or is shut down. If you want to apply changed traffic shaping settings to all your traffic you should reset the states at diagnostic>states, reset states after making changes to the traffic shaping (btw, there is a hint at the end of the shaper wizard about this).



  • thinking back at this on a larger network the network would be subnetted and I am wonder if it could be added for a future feature to throttle speed per host per subnet….so you would have rules by subnet besides the normal ones which would set for instance subnet a gets 20k/per client while subnet b gets 40k/per client...ect.



  • There's a limit of 256 queues in ALTQ, fyi.  We can change that if/when it becomes an issue (at this time pfsense rule generation performance will be a bottleneck long before you get to 256 queues though).

    –Bill


Locked