Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    VPN's as WAN?

    Scheduled Pinned Locked Moved Traffic Shaping
    1 Posts 1 Posters 715 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      killerb81
      last edited by

      Hey there, quick question about setting up QOS.

      A little bit of info:

      • I have 2 OpenVPN client connections always connected (one to a server in Canada, the other to a server in the States)
      • I send traffic through each one using firewall aliases and LAN rules. This is working fine.
      • Also have HAVP as a parent proxy to a transparent Squid / SquidGuard proxy / filter.

      As you know these VPN connections appear as interfaces / gateways.
      My question is, when I setup QoS do these VPN connections qualify as multiple WANs? Or do I just set it up as a single LAN / single WAN?

      I understand that QoS works on traffic LEAVING any given interface. So shaping downloads would be on the LAN interface, and uploads on the WAN interface.
      I'm just not sure how QoS can shape uploads if they're already encrypted on the VPN… or does QoS happen before they get placed on the VPN?

      Another question about HOW QoS works:
      If the shaper works on traffic leaving an interface, how can it shape download traffic that I've already received?
      Seeing as the LAN traffic is where downloads are shaped... it seems this is traffic already passed through pfSense and is placed on the local network. Isn't this already too late to "shape" traffic as it's already arrived... ?  Or am I not understanding correctly?  (probably the latter)  :)

      Thanks in advance! Any nudge in the right direction would be great.

      edit: I want the QoS to use CBQ scheduler. I also don't care about specific protocols because I have dedicated VMs on my network to download torrents and from usenet. I just want to prioritize entire hosts to a certain queue.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.