Bypass traffic shaper for internal LANS

Hello everyone,

I am new to your community and new to pfSense, and I have done a lot by following your guides.
I have a WAN connection (200/20) and 3 LANs: LAN, IOT, DMZ.
All connected to pfSense machine - AMD AM1 5350 - 16GB RAM - 4 NIC INTEL PRO.
I have configured the traffic shaper: full bandwidth to LAN, 100Mbit to DMZ and 5 Mbit to IOT.
The problem is that when I try to connect from LAN to DMZ I cannot have the full bandwidth of 1Gbit, but I am traffic shaped to 100Mbit.
How can I bypass this?
I also want to know what the hierarchy of rules is: floating, interface, and other rules…
I am just a newcomer and want to learn a lot.

Just on your rules point, when I was first looking at pfSense, it took me a while to understand the rules. The approach I took was to block everything going in and out of the WAN for each of the VLANs. Then I basically created aliases for my subnets and ports; from there it was easier to determine how I wanted the traffic to flow. It took a while to work out the ports I needed so applications had access to the internet (then I’d add them to the alias), but now I can understand the flow. Having fewer rules seemed the way to go.

I didn’t set any floating rules (I believe these work across all interfaces) but I noticed pfBlocker added some.

On my ISP VLAN I have 4 permit rules and 3 block rules as a benchmark.

Can anyone help?
I tried many tricks to bypass the traffic shaper, but with no results.