Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Bandwidth Limitations on Individual VLANs

    Scheduled Pinned Locked Moved Traffic Shaping
    3 Posts 3 Posters 2.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      teward
      last edited by

      Hello.  I'm not entirely sure how to go about doing this, so please bear with me as a relative newbie.  I've got multiple VLANs on multiple Interfaces and I'd like to set specific bandwidth limits on each of those VLANs.  Here's basically what I'm trying to achieve when each VLAN tries to reach out to the Internet:

      WAN: 100 Mbps down / 15 Mbps up  (This is what I've got from the ISP, on a good day)

      LAN Interface:  45 Mbps / 10 Mbps (shared limit on all VLANs, such that the total of all VLANs will not exceed this)
      VLAN100  10Mbps downspeed
      VLAN150  10Mbps downspeed
      VLAN200  10Mbps downspeed
      VLAN250  10Mbps downspeed
      VLAN300  5Mbps downspeed

      OPT1 Interface:
      VLAN1020: 1.5 Mbps / 1.5 Mbps strict limit (both internal AND external to internet)
      VLAN1030: 25 Mbps / 10 Mbps (these are the maximum speeds I'd like this to have, however it does not have to be that 100% of the time)

      I'm not really sure how to accomplish this in the Traffic Shaper, can someone give me some pointers?

      1 Reply Last reply Reply Quote 0
      • R
        raverX
        last edited by

        Hi Teward,

        We have a similar setup with one of our sites, and after a bit of messing around this is the setup that seems to work for us -

        Setup "Interface Limits"

        • "VLAN231" limit 50mbps
          – "Default" queue with limit 50mbps
        • "VLAN232" limit 20mbps
          -- "Default" queue with limit 20mbps

        Setup "Limiters"

        • "VLAN231_LIMIT" limit 50mbps
        • "VLAN232_LIMIT" limit 20mbps

        Go to your Firewall Rules, go to VLAN231 and apply the "VLAN231_LIMIT" to the Advanced/Queues/In rule; do the same for VLAN232 and VLAN232_LIMIT rule.

        Apply. You may need to reset your states (depending on how much stuffing around you're doing).

        As our limits are bidirectional, I can't recall which one is the upload and which one is the download limit. But hopefully this should give you a bit of a starting point.

        1 Reply Last reply Reply Quote 0
        • DerelictD
          Derelict LAYER 8 Netgate
          last edited by

          Do you want to set, say, a hard limit on VLAN100 of 10Mbps down or do you want the whole 45Mbps available if nobody else is using it? (The latter is harder and I'm not sure if it's even possible using the limiter when multiple interfaces/bandwidth goals are present.)

          If you switch to HFSC you will run into the multi-LAN interface config issues.  See the first part of this post for an brief explanation: https://forum.pfsense.org/index.php?topic=79589.msg434856#msg434856

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.