Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Per IP / Per VLAN - Bandwidth Throttling

    Scheduled Pinned Locked Moved Traffic Shaping
    8 Posts 4 Posters 6.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jozipaulo
      last edited by

      Hi everyone,
      I was hoping someone could point me to the correct forum post or if it does not exist help me with a bandwidth throttling question.

      I am trying to throttle bandwidth in my system as there is a need for separate VLANs that have been created to get designated bandwidth and their users per VLAN.

      So I do know how to throttle either a VLAN or users per IP using the "Traffic Shaper: Limiter" feature and then applying that to a firewall rule per VLAN.
      I just cant seem to figure out how to do both at the same time per VLAN.

      So for a small example

      If there are 3 VLANs each VLAN would need the following. This is just an example of the bigger picture of our system

      Total bandwidth 100Mbps / 100Mbps

      VLAN 10 - Throttle VLAN 50Mbps / 50Mbps - Throttle Per IP 5Mbps / 5Mbps
      VLAN 11 - Throttle VLAN 25Mbps / 25Mbps - Throttle Per IP 2Mbps / 2Mbps
      VLAN 12 - Throttle VLAN 25Mbps / 25Mbps - Throttle Per IP 3Mbps / 2Mbps

      any guidance with this would be greatly appreciated.

      1 Reply Last reply Reply Quote 0
      • I
        ismaelnoble
        last edited by

        are you planning on using transparent squid with this deployment, it is my understanding that limiters do not work together with transparent squid…

        1 Reply Last reply Reply Quote 0
        • J
          jozipaulo
          last edited by

          No not using Transparent Squid.

          1 Reply Last reply Reply Quote 0
          • I
            ismaelnoble
            last edited by

            see https://forum.pfsense.org/index.php?topic=63531.msg364520#msg364520 for a guide, bear in mind that it will evenly distribute bandwidth among uses covered by the firewall rule. you will need to experiment further to get the minimum bandwidth per host working though.

            in the event that you do please post how u did it on the same thread so others can do the same.

            1 Reply Last reply Reply Quote 0
            • J
              jozipaulo
              last edited by

              I did see this,
              Have not tried it yet.

              I do need to find a solution where I can give users on a VLAN that has a bandwidth limit a further limit per IP though.

              1 Reply Last reply Reply Quote 0
              • I
                ismaelnoble
                last edited by

                its a decent starting point, and a part of my current setup which is similar except for the minimum bandwidth. i do find that in order to properly test speed limiting i use a separate browser (not tab or window) and i start it up only for testing.

                1 Reply Last reply Reply Quote 0
                • DerelictD
                  Derelict LAYER 8 Netgate
                  last edited by

                  Seems it should be possible to regulate overall line usage using the traffic shaper and per-host limits using the limiter.

                  Chattanooga, Tennessee, USA
                  A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                  DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                  Do Not Chat For Help! NO_WAN_EGRESS(TM)

                  1 Reply Last reply Reply Quote 0
                  • cyber7C
                    cyber7
                    last edited by

                    If you want to limit wan traffic to a specific site, you can also have a look at my Definitive Guide to Limit Facebook traffic:
                    https://aubreykloppers.wordpress.com/2015/07/22/pfsense-and-shaping-facebook-the-definitive-guide/
                    It really works and it works well!

                    cyber7-out

                    When you pause to think, do you start again?

                    2.2.4-RELEASE (amd64)
                    built on Sat Jul 25 19:57:37 CDT 2015
                    FreeBSD 10.1-RELEASE-p15
                    and
                    pfSense 2.3.2-RELEASE-p1 (amd64 full-install) on pfSense

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.