Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Bandwidth Limitations on Individual VLANs

    Traffic Shaping
    3
    3
    1480
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      teward last edited by

      Hello.  I'm not entirely sure how to go about doing this, so please bear with me as a relative newbie.  I've got multiple VLANs on multiple Interfaces and I'd like to set specific bandwidth limits on each of those VLANs.  Here's basically what I'm trying to achieve when each VLAN tries to reach out to the Internet:

      WAN: 100 Mbps down / 15 Mbps up  (This is what I've got from the ISP, on a good day)

      LAN Interface:  45 Mbps / 10 Mbps (shared limit on all VLANs, such that the total of all VLANs will not exceed this)
      VLAN100  10Mbps downspeed
      VLAN150  10Mbps downspeed
      VLAN200  10Mbps downspeed
      VLAN250  10Mbps downspeed
      VLAN300  5Mbps downspeed

      OPT1 Interface:
      VLAN1020: 1.5 Mbps / 1.5 Mbps strict limit (both internal AND external to internet)
      VLAN1030: 25 Mbps / 10 Mbps (these are the maximum speeds I'd like this to have, however it does not have to be that 100% of the time)

      I'm not really sure how to accomplish this in the Traffic Shaper, can someone give me some pointers?

      1 Reply Last reply Reply Quote 0
      • R
        raverX last edited by

        Hi Teward,

        We have a similar setup with one of our sites, and after a bit of messing around this is the setup that seems to work for us -

        Setup "Interface Limits"

        • "VLAN231" limit 50mbps
          – "Default" queue with limit 50mbps
        • "VLAN232" limit 20mbps
          -- "Default" queue with limit 20mbps

        Setup "Limiters"

        • "VLAN231_LIMIT" limit 50mbps
        • "VLAN232_LIMIT" limit 20mbps

        Go to your Firewall Rules, go to VLAN231 and apply the "VLAN231_LIMIT" to the Advanced/Queues/In rule; do the same for VLAN232 and VLAN232_LIMIT rule.

        Apply. You may need to reset your states (depending on how much stuffing around you're doing).

        As our limits are bidirectional, I can't recall which one is the upload and which one is the download limit. But hopefully this should give you a bit of a starting point.

        1 Reply Last reply Reply Quote 0
        • Derelict
          Derelict LAYER 8 Netgate last edited by

          Do you want to set, say, a hard limit on VLAN100 of 10Mbps down or do you want the whole 45Mbps available if nobody else is using it? (The latter is harder and I'm not sure if it's even possible using the limiter when multiple interfaces/bandwidth goals are present.)

          If you switch to HFSC you will run into the multi-LAN interface config issues.  See the first part of this post for an brief explanation: https://forum.pfsense.org/index.php?topic=79589.msg434856#msg434856

          1 Reply Last reply Reply Quote 0
          • First post
            Last post

          Products

          • Platform Overview
          • TNSR
          • pfSense
          • Appliances

          Services

          • Training
          • Professional Services

          Support

          • Subscription Plans
          • Contact Support
          • Product Lifecycle
          • Documentation

          News

          • Media Coverage
          • Press
          • Events

          Resources

          • Blog
          • FAQ
          • Find a Partner
          • Resource Library
          • Security Information

          Company

          • About Us
          • Careers
          • Partners
          • Contact Us
          • Legal
          Our Mission

          We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

          Subscribe to our Newsletter

          Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

          © 2021 Rubicon Communications, LLC | Privacy Policy