I’m trying to setup pfsense with shared bandwidth for all users.
For example, if I have a 1000 mpbs uplink and 1 user is accessing the web, they get 100% of the 1000 mbps link. If 2 users are accessing the web, each user gets 50% of the 1000 mbps uplink. There is a ton of conflicting information on the web and on pfsense’s forum about this. I did find this link and people seem to have success with it.
Question 1:
Does anyone have experience with this setup and does it work?
Question 2:
I’m considering setting this up in an apartment building so I can fairly share bandwidth for all users. Each apartment will be on a separate vlan. So the second question is, can I “share” the bandwidth based on vlan rather than individual user?
got it. I was even more confused with the video links. I’m basically looking to replicate the shared bandwidth model of this device. It’s very expensive and more than I need.
There are several threads all over the place saying it work and no it does not work. The reddit post seems to make a lot of sense, but I found other posts on the pfsense forum saying that the approach created other issues or there was no way for pfsense to know how much bandwidth is currently being used to reallocate to all users.
I’m not looking to strictly “limit” bandwidth. I’m looking to “share” bandwidth. For example
Assuming 1000mbps asymmetric
Scenario 1 with (1) Active User
User 1 gets 1000mpbs up and down
Scenario 2 with (2) Active Users
User 1 gets 500mpbs up and down
User 2 gets 500mpbs up and down
Scenario 3 with (3) Active Users
User 1 gets 333mpbs up and down
User 2 gets 333mpbs up and down
User 3 gets 333mpbs up and down
You get the point… Bandwidth is shared based on total usage. And the users allocation of bandwidth changes on the fly as user activity increases of decreases.
This device does that (https://www.netequalizer.com/) but they want 4K for my installation. It’s very unclear from all the forum activity (on pfsense.com) and reddit posts if pfsense can actually do this.
If you enable QOS and all devices are equal priority, then it will generally work out this way. I don’t have specifics on setting this up in PFSense but I know it’ll do it
The instructions in the reddit link are as follows. Does anyone have experience with this approach?
The configuration in Firewall > Traffic Shaper > Limiter:
Create a new Pipe
Name: Upload
Bandwidth: 18mbps (put the total amount of bandwidth available here; remember to save a small amount of bandwidth for remote management, downloading packages, etc – in this example, we’re allowing 18mbps for users on a 20mbps line)
Schedule: None
Mask: None
Create a new Queue under Upload
Name: UploadQueue
Mask: Source addresses
Create a new Pipe
Name: Download
Bandwidth: 290mbps (in this example, we’re allowing 290mbps for users on a 300mbps line)
Schedule: None
Mask: None
Create a new Queue under Download
Name: DownloadQueue
Mask: Destination addresses
The configuration in the applicable LAN-side firewall rule:
putting this here as it’s related. I have a VLAN/Interface setup for some guest machines that I want to traffic shape in this way:
I want to allow them to use maximum speed up/down as long as my main machines don’t need it. So lets say I only need 50Mbit on my main VLAN I want to allow the guests to use the remaining 450Mbit. But when I need to download from a high speed server and need the 450 I want to limit the guests to 50Mbit. So basically: “guests can use the full speed as long as I don’t need it and I don’t want to be slowed down by them”
So instead of limiting the guests to a fixed speed I want to allow them to use maximum speed as long as I don’t need it for the main net.
Is this even possible with the traffic shaper in pfsense?
I want this rule to apply for the entire guest VLAN interface not just single hosts.
Yep I got the limiters running on my vlans with my bufferbloat down, so it works. Though you ideally want his last solution so you optimise your bandwidth.