Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Floating traffic limiter rules .. ???

    Traffic Shaping
    1
    1
    1.6k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      Javik
      last edited by

      I am trying to set up interface-based traffic limiting using floating rules. We have 1 WAN and 3 LANs. I want to limit two of the LANs into a shared limiter and leave the 3rd LAN connection unlimited.

      But the options for setting up floating traffic rules are bizarre.

      Why is there a requirement to select an interface, AND a source address? The source address can be "Any" but not the interface cannot be "Any", so that selection is forced, it's not an either/or choice between source interface and source address? Why does the interface have to be specified at all?

      • What happens if I set the interface to WAN and the source to ANY?
      • Is that the same thing as selecting "interface WAN" and source as "WAN net"?
      • I can choose "Interface WAN" and source as "LAN net" … but is this an invalid choice that will never match?

      Next up is the direction box and what effect it has on everything else.

      I just want symmetric limiting with two limiter queues:
      *  WAN -> InFromWAN limiter queue -> LAN
      *  WAN <- OutToWAN limiter queue <- LAN

      If I create the two floating rules as:

      • Interface WAN, Source WAN net, Destination LAN net
        ...  In limiter: InFromWAN  Out limiter: OutToWAN
        ...  Direction: In
      • Interface WAN, Source WAN net, Destination LAN net
        ...  In limiter: InFromWAN  Out limiter: OutToWAN
        ...  Direction: Out

      This does nothing as far as I can tell. Setting immediate match also does nothing. It seems like choosing Out may require completely flipping around the selections for everything else?

      Also if I HAVE to specify a direction, then setting both the In limiter and the Out limiter is probably unnecessary because only one limiter queue will be used for the direction specified?

      ,

      The limiter does work if I ignore the floating rules tab, and instead apply the limiter queues to the pass rules in the LAN tab, but it's a hassle applying the same two In/Out limiter queues to 30+ pass rules in there.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.