pfSense traffic shaper how?

At home I have a rack with some servers. From time to time I can see that they are having some bandwidth issues. I have tried to look this up online, but can't find any tutorials on the setup I'm looking for in pfSense traffic shaper. And I really don't understand traffic shaping :thinking:
My network has several VLANs, and only two of them really matter to me. So what I want to do is to give my server VLAN (if possible two of the hosts) no. 1 priority so it can use as much bandwidth as it wants, except that I want to guarantee my LAN 70 Mbps if it needs it for streaming etc.
How can I set up such rules?


I’ve been dwelling on how to ensure my network can use total bandwidth required, but when a particular vlan requires bandwidth it receives it. However, I think it was a while since I looked at it, as I also want to retain my bufferbloat config.

This dude has the ultimate insight on traffic shaping

I need to review this again myself.

Thanks. I’ll take a look and see if I get any smarter

Keep in mind that if your ISP does traffic shaping you may not need to, depending on why you want to shape your traffic of course. For example, DOCSIS 3.1 has built-in active queue management, so if you get your internet via cable make sure your modem is DOCSIS 3.1 and you should have no trouble getting maximum speed with minimal buffering. The same goes for many fiber networks I have seen where you get your internet from an optical network terminal. The traffic shaping is usually pretty basic but if basic is all you are after then you are good to go.

I like to measure with and when it’s done hit the “more info” button to see loaded vs unloaded. If the loaded latency is less than 50ms it’s probably not worth your time to try and get that last little bit. Keep in mind where you are testing from and the capability of that machine. Ideally the test computer is capable of more bandwidth than your internet connection and plugged directly into your network as close to the internet as possible.

Also, queues don’t kick in until the pipe is saturated (full) so if you have a gigabit connection and never ask a gigabit of it then why bother? Limiters on the other hand are another story (they limit things).

There is a little chat about fq_codel over here if you don’t mind all of your time disappearing down a rabbit hole :grin: -

Thanks. I’m already in the rabbit hole :sweat_smile:

Just to clarify what I aim to achieve:
I have a server running multiple VMs, and two of the VMs are SCPrime nodes (decentralized storage).
The last week or so, as the pressure on my TOR router is rising, the latency on SCPrime scans has increased from about 318ms to about 550ms; that includes DNS resolution, settings response and key exchange.
It's not only the TOR router that is using a lot of bandwidth, there are many other services like plex, nextcloud etc. I want the SCPrime nodes to get a high priority, but I also want my LAN to have "the right" to use a predefined bandwidth if it needs it. All other services can share the leftovers.

If this is even possible. I really don’t know the limitations to traffic shaping

Oh boy! That sounds like it could get messy fast. I would try using priority queuing (PRIQ) first and if that doesn't work move on to class-based queuing (CBQ). If these things are on different VLANs it would be easy to just assign one VLAN a higher priority than the other. I haven't tried something like this recently though. Do keep in mind that if your bandwidth on your network (between your router and your server for example) is more than what you are paying for from your ISP then it only makes sense to prioritize outbound traffic. Otherwise the issue is outside of your control. You can't prioritize traffic that didn't arrive yet. You know?

Yeah it gets messy fast in my head too :joy: That's why I need posts like yours, to point me in the right direction. My servers and pfSense box are on a 10GbE network, and I have a 600Mbps fiber line from my ISP. The 10GbE is only so I can run a single fiber to each host machine.
I will give the VLAN approach a try. The SCPrime nodes have their own VLAN so it could be easier than I think. Might just be me making a complex plan to solve a simple problem.

PRIQ is really simple and would do what you want for prioritizing traffic. The main downside of PRIQ is that if you have a lot of high priority traffic then there may be no bandwidth left for the low priority traffic. CBQ solves this problem but I feel it is a bit more complicated. I used CBQ on Cisco and when I look at CBQ on pfSense it does not look familiar. You could use PRIQ to prioritize then add some limiters so that high priority traffic only gets 90% of your connection, just to add one more way, haha. The important thing is that you understand how it works, and maybe write it down for later.
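
An added illustration, not part of any post in this thread and not pfSense's scheduler code: a simplified steady-state model of a saturated 600 Mbps uplink that compares strict priority, strict priority with a 90% limiter on the top class, and a guaranteed 70 Mbps floor for the LAN. The class names, priorities and demand figures are constructed assumptions.

```python
# Simplified model: how a saturated uplink is divided between traffic classes.
LINK = 600  # Mbps, the fiber line mentioned in the thread

# (name, priority, demand in Mbps) - constructed demands; higher priority wins
DEMAND = [("scprime", 7, 600), ("lan", 4, 70), ("other", 1, 300)]


def priq(classes, link, caps=None):
    """Strict priority: serve the highest priority first until the link is full.

    caps optionally limits a class, modelling a limiter on that traffic.
    """
    caps = caps or {}
    left, out = link, {}
    for name, _prio, want in sorted(classes, key=lambda c: -c[1]):
        give = min(want, caps.get(name, want), left)
        out[name] = give
        left -= give
    return out


def guaranteed(classes, link, floors):
    """Reserve each class's floor (only as far as it is demanded), then hand
    the remainder out in priority order, so an unused floor can be borrowed.

    Assumes the floors add up to no more than the link.
    """
    out = {name: min(want, floors.get(name, 0)) for name, _p, want in classes}
    left = link - sum(out.values())
    for name, _prio, want in sorted(classes, key=lambda c: -c[1]):
        extra = min(want - out[name], left)
        out[name] += extra
        left -= extra
    return out


if __name__ == "__main__":
    print("PRIQ only:        ", priq(DEMAND, LINK))
    print("PRIQ + 90% cap:   ", priq(DEMAND, LINK, caps={"scprime": 540}))
    print("70 Mbps LAN floor:", guaranteed(DEMAND, LINK, {"lan": 70}))
```

With these demands, strict priority alone leaves the LAN with nothing, the 90% limiter leaves it 60 Mbps, and only the floor delivers the full 70 Mbps while still releasing it to the top class when the LAN is idle.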

Thank you all. I have set up a pfSense VM to test out some strategies and see what would benefit me the most before I deploy it on my pfSense box. What I have found so far is that the learning curve on this topic is steep, but now I have a basic idea of how this works and it is just a matter of testing scheduler types to see what works or not.

Again thank you for sharing your insights :hugs: