Dedicated LAN Priority



  • Hi,

    I think this should be simple, but I can't find any obvious documentation for it.

    I have a single WAN, with 50Mbps Down and 5Mbps Up. I have multiple LANs, one of which is dedicated to VoIP phones.

    What I want to do is give the VoIP LAN as much bandwidth as it wants, to the full detriment of any other LANs, but when there is no traffic on the VoIP LAN the other LANs should have access to it.

    It seems I should just be able to do a simple PRI queue on the WAN interface and route the VoIP LAN to the queue, and all other traffic will go to the default queue. Am I right in thinking that I don't need to worry about specifying bandwidth as all I want to do is make sure VoIP gets everything it needs to the detriment of anything else.

    What I'm not sure about is what ACK queue do I need to create on the WAN interface (if any as VoIP is udp)

    Also my understanding is that the WAN queue will queue the UP traffic only, so thats fine to make sure VoIP gets what it needs of the Uplink, but how do I make sure VoIP gets what it needs for the Downlink?

    Ben



  • With PFSense, you can only shape egress, not ingress, but you can shape the egress of your LAN interfaces. That being said, you cannot share bandwidth as a pool among interfaces.  Your best bet is to figure out how much bandwidth VoIP absolutely needs, then make your other LAN be ((max bandwidth) - (VoIP bandwidth)), but you're not going to be able to share the full 100% and guarantee at the same time.



  • Ok

    So I an use a priority queue to guantee the uplink on a single WAN which is good as that is more limited, and dedicate a fixed bandwith to the VOIP on the downlink, which means there is some wasted when no calls are happening, but isn't too bad.

    If I had 2 boxes, the first with just 2 interfaces, then I could queue both in and out based on destination quiet happily. What about some clever configuration where by all traffic coming in on the wan got routed out of an interfaces with a queue, which just came back in on another spare interface to be then processed as normal. Would that work / have any disadvantages? Clearly would need 2 spare interfaces to do it.