Stop tenant from saturating line with torrents. Improve netflix
-
Hi
I have a network that is shared with a tenant. That tenant is pretty keen on torrents. I dont have a problem with him downloading torrents but I do have a problem when that stops me from using netflix.
What I would like to do is have two aliases with his and my I.P addresses. Then I would like to have traffic shaping that will give him 100% use of the line, but If I am running netflix it must drop down to 20% of the line speed so that I can use 80% of the line. When I'm done streaming then he can borrow the bandwidth again.
Any help would be appreciated.
Thanks
-
Hi
I have a network that is shared with a tenant. That tenant is pretty keen on torrents. I dont have a problem with him downloading torrents but I do have a problem when that stops me from using netflix.
What I would like to do is have two aliases with his and my I.P addresses. Then I would like to have traffic shaping that will give him 100% use of the line, but If I am running netflix it must drop down to 20% of the line speed so that I can use 80% of the line. When I'm done streaming then he can borrow the bandwidth again.
Any help would be appreciated.
Thanks
P2P is hard to control. For most setups, you will need to set the the p2p download maximum not at 100%, but 80% (going by your requirements above). If I were you, I would allocate p2p with [max-bitrate minus ~7Mbit]. The 1080p Netflix stream is 5700 or 6700 kbit iirc.
p2p is hard to control because instead of a few clients needing to be told to lower the transmission bitrate (which takes ~100ms or more), hundreds of clients need to be told. Now imagine that there will be a >100ms delay before each clients slows the bitrate… it is unpredictable. For this reason, it is usually best to limit torrents to well below the maximum, like ~60%.
Experiment and see what works for you.
-
Sorry. I should have been more clear. I am not interested in shaping by packet but rather ALL traffic going through the two different IP addresses. So if I'm watching netflix or need speed for any other protocol on my PC I get 80% of line speed and he gets 20% regardless of traffic going through his line.
-
Sorry. I should have been more clear. I am not interested in shaping by packet but rather ALL traffic going through the two different IP addresses. So if I'm watching netflix or need speed for any other protocol on my PC I get 80% of line speed and he gets 20% regardless of traffic going through his line.
Everything I said applies regardless of the way you classify the traffic into firewall rules.
You can only fully control what you transmit. Downloads are strange. Really, downloads are only controlled as side-effect of rate-limiting what your LAN interface can transmit from your pfSense device to your LAN devices. The download traffic then experiences TCP congestion avoidance and begins to rate-limit the sender. The congestion avoidance will take time.
So, even if you limit the other PC to 20%, you will receieve more than that, perhaps much more, until the sender(s) slow down.
You will need to experiment. You may be able to simply set your devices to 80% and the other PC to 20% and get what you want.
Edit: If you use HFSC link-sharing or CBQ's borrowing, the queue will use all available bandwidth, but will proportionally share it when needed. You might try using HFSC's upper-limit to limit the maximum that the other PC can use, so that your devices will always have some bandwidth available on demand.
-
I recommend classifying the traffic you want to be higher priority and all unknown traffic get's reduced priority. Example, ports 80, 8080, 443, and 53 get shoved into your higher priority and all other traffic gets lower.
-
You'd probably have to write a script to do that since you'd have to check if there is a connection to netflix. Why not just limit them to 80% of the traffic at all times?