Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PRIQ - is my implementation "correct"?

    Scheduled Pinned Locked Moved Traffic Shaping
    4 Posts 2 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      moikerz
      last edited by

      I have a single WAN interface, single LAN interface and one VLAN.

      All I want to do is ensure that the single VLAN has a lower priority than the default LAN. The VLAN is for guest services.

      I started with the wizard, and modified from there - assuming my understanding of queues is correct. Have I made any mistakes in my implementation (below)?

      (At some point I'll try to figure out HFSC; I just need a quick-n-dirty prioritisation for now)

      Thanks for any comments/advice.

      (Waiting for doktornotor to tell me I'm a knuckle-dragging guppy..!)  :P
      pfsense-firewall-trafficshaper.jpg
      pfsense-firewall-trafficshaper.jpg_thumb
      pfsense-firewall-vlan9.jpg
      pfsense-firewall-vlan9.jpg_thumb
      pfsense-firewall-floating.jpg
      pfsense-firewall-floating.jpg_thumb

      1 Reply Last reply Reply Quote 0
      • H
        Harvy66
        last edited by

        It looks correct for the upload. You'll need to limit your VLAN interface to whatever bandwidth you want to shape to. Bandwidth can not be directly shared across interfaces, which is the main issue with multi-LAN. You can't easily allow "sharing/stealing", you need to reserve bandwidth.

        For only 4 posts, I like how you presented your information.

        1 Reply Last reply Reply Quote 0
        • M
          moikerz
          last edited by

          Thanks Harvy66 - I'm all too familiar with poorly-presented problems in my line of work.. A picture is often worth a thousand words.

          If I limit the VLAN interface under the Firewall>Traffic Shaper>Interface screen, is that effectively setting it's interface speed? In this situation, I couldn't see it being a problem, but if this VLAN needed high-speed access to another VLAN, it would be limited to this new bandwidth, correct?

          Regardless, would moving to HFSC make sharing/borrowing between interfaces easier?

          pfsense-firewall-trafficshaper-wan.jpg
          pfsense-firewall-trafficshaper-wan.jpg_thumb
          pfsense-firewall-trafficshaper-lan.jpg
          pfsense-firewall-trafficshaper-lan.jpg_thumb
          pfsense-firewall-trafficshaper-vlan9.jpg
          pfsense-firewall-trafficshaper-vlan9.jpg_thumb

          1 Reply Last reply Reply Quote 0
          • H
            Harvy66
            last edited by

            Regardless, would moving to HFSC make sharing/borrowing between interfaces easier?

            Shaping can't work across interfaces, but if there's a way to get two or more interfaces to bridge to a pseudo-interface, and assuming you can shape that pseudo-interface, you could probably do it.

            When you shape an interface, you shape the data leaving the interface. Shaping your LAN interfaces effectively slows how quickly you can download. With the naive setup for multi-LAN, you can't say how little bandwidth each gets, but how much. If you have 10Mb to split, you may give your guest 2Mb and your main LAN 8Mb.

            You may also want to try enabling CoDel on the child queues. If you have less than 1Mb/s, you may not want to do it. CoDel seems to have issues with 1500MTU with bandwidths less than 1Mb.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.