Shared Bandwidth for Pfsense

I’m trying to setup pfsense with shared bandwidth for all users.

For example, if I have a 1000 mpbs uplink and 1 user is accessing the web, they get 100% of the 1000 mbps link. If 2 users are accessing the web, each user gets 50% of the 1000 mbps uplink. There is a ton of conflicting information on the web and on pfsense’s forum about this. I did find this link and people seem to have success with it.

Question 1:
Does anyone have experience with this setup and does it work?

Question 2:
I’m considering setting this up in an apartment building so I can fairly share bandwidth for all users. Each apartment will be on a separate vlan. So the second question is, can I “share” the bandwidth based on vlan rather than individual user?

thx

1 Like

Completely disregard. I didn’t read that very well at all!

got it. I was even more confused with the video links. I’m basically looking to replicate the shared bandwidth model of this device. It’s very expensive and more than I need.

https://www.netequalizer.com/

There are several threads all over the place saying it work and no it does not work. The reddit post seems to make a lot of sense, but I found other posts on the pfsense forum saying that the approach created other issues or there was no way for pfsense to know how much bandwidth is currently being used to reallocate to all users.

You can setup a captive portal https://docs.netgate.com/pfsense/en/latest/captiveportal/captive-portal.html and then use the “Per-user bandwidth restriction” option for the users

1 Like

Is there a captive portal video tutorials that you can point us to? Thank you

1 Like

I’m not looking to strictly “limit” bandwidth. I’m looking to “share” bandwidth. For example

Assuming 1000mbps asymmetric

Scenario 1 with (1) Active User
User 1 gets 1000mpbs up and down

Scenario 2 with (2) Active Users
User 1 gets 500mpbs up and down
User 2 gets 500mpbs up and down

Scenario 3 with (3) Active Users
User 1 gets 333mpbs up and down
User 2 gets 333mpbs up and down
User 3 gets 333mpbs up and down

You get the point… Bandwidth is shared based on total usage. And the users allocation of bandwidth changes on the fly as user activity increases of decreases.

This device does that (https://www.netequalizer.com/) but they want 4K for my installation. It’s very unclear from all the forum activity (on pfsense.com) and reddit posts if pfsense can actually do this.

If you enable QOS and all devices are equal priority, then it will generally work out this way. I don’t have specifics on setting this up in PFSense but I know it’ll do it

The instructions in the reddit link are as follows. Does anyone have experience with this approach?

The configuration in Firewall > Traffic Shaper > Limiter:

  • Create a new Pipe
  • Name: Upload
  • Bandwidth: 18mbps (put the total amount of bandwidth available here; remember to save a small amount of bandwidth for remote management, downloading packages, etc – in this example, we’re allowing 18mbps for users on a 20mbps line)
  • Schedule: None
  • Mask: None
  • Create a new Queue under Upload
  • Name: UploadQueue
  • Mask: Source addresses
  • Create a new Pipe
  • Name: Download
  • Bandwidth: 290mbps (in this example, we’re allowing 290mbps for users on a 300mbps line)
  • Schedule: None
  • Mask: None
  • Create a new Queue under Download
  • Name: DownloadQueue
  • Mask: Destination addresses

The configuration in the applicable LAN-side firewall rule:

  • Advanced > In/Out: UploadQueue / DownloadQueue

Hi,

putting this here as it’s related. I have a VLAN/Interface setup for some guest machines that I want to traffic shape in this way:
I want to allow them to use maximum speed up/down as long as my main machines don’t need it. So lets say I only need 50Mbit on my main VLAN I want to allow the guests to use the remaining 450Mbit. But when I need to download from a high speed server and need the 450 I want to limit the guests to 50Mbit. So basically: “guests can use the full speed as long as I don’t need it and I don’t want to be slowed down by them”
So instead of limiting the guests to a fixed speed I want to allow them to use maximum speed as long as I don’t need it for the main net.
Is this even possible with the traffic shaper in pfsense?

I want this rule to apply for the entire guest VLAN interface not just single hosts.

Thanks!

You need to review this, it has a solution though it’s quite involving.

1 Like

Oh wow, thanks. Surely a lot to digest. :grinning:
I might use a plain limiter for guests until I’ve wrapped my head around that info.

Thank you!

Yep I got the limiters running on my vlans with my bufferbloat down, so it works. Though you ideally want his last solution so you optimise your bandwidth.