Traffic Shaping

Hello,

I have enabled traffic shaper on my network but I think it is not correctly configured. The problem is that two of my IPs should have inbound and outbound limitation (inbound 2048 kbps and outbound 512 kbps), but if one of this IPs uses whole 512 kbps of his outbound pipe, other users can't download from the internet anymore. I think that something isn't correctly configured.

So here is my situation.

I have 10/10 Mbps internet connection (DHCP static IP); monowall is between VDSL modem and main switch. I would like to have this kind of configuration: all LAN IPs aren’t limited except two of them: they should be set to inbound 2048 and outbound 512 kbps. And if one of them uses all of his 512 kbps outbound the other one should still work normally. They should me completely separated.

Maybe if you can send me some screenshots, because there are really a lot of options and I really don't know how to configure it right.

Thank you!

Best wishes,
Marko

If you don't care about shaping the rest network only those 2 and you only wana limit them to 2048/512 separately why dont you make 4 pipes?

No.   Bandwidth   Description

1    512kb/s           Pc1 Upload
2    2048kb/s         Pc1 Download
3    2048kb/s         Pc2 Upload
4    512kb/s           Pc2 Download

If you don't want to shape the trafic in those pcs

use 4 queues

one for each pipe with 100 weight

and make the rulez (all on wan interface)

if (ip from pc1) = source then send him to Pc1 Upload queue
if (ip from pc1) = destination then send him to Pc1 Download queue
if (ip from pc2) = source then send him to Pc2 Upload queue
if (ip from pc2) = destination then send him to Pc2 Download queue

of course  that this wont be shaping anything, only limiting the speeds
if you wana shape in those conditions another firewall distro or maybe some virtual or real interfaces could help

if you don't care about the download/upload being higher then 2048/512 for those 2 computers as long has they don't mess with your other computers then

set the pipes to
No.   Bandwidth   Description

1    9500kb/s           Upload
2    9500kb/s           Download

make a  4 queues for those 2 pcs
2 for upload and 2 for download

the weight on the uploads should be (512/9500)*100 = 6
the weight on the downloads should be (2048/9500)*100 = 22

so we have 2 queues of 6 (=12) of upload
and 2 of 22 (=44) of download
leaves us with 66 to share of download
and 88 of download

share them with your other pcs

this way is granted that in a stress situation (all pcs on network with spaming upload and download) you will always have 2048/512 for each of your 2 pcs and 5404/8476 for the rest of the network

in a calm situation (no one is using download or upload) all the computers will be able to use 9500/9500
 

[LAN]

Actually you can do both methods at the same time,

You can Limit with out shaping the trafic from those 2 pcs, using my 1st reply, on LAN Interface

And then shaping it, using my 2nd reply, along with all other trafic on WAN Interface

you will need 6 pipes:

for LAN use
1 - PC1 Upload               512 kbps
2 - PC1 Download          2048 kbps
3 - PC2 Upload               512 kbps
4 - PC2 Download          2048 kbps
for Wan use
5 - Shaper Upload          9500 kbps
6 - Shaper Download     9500 kbps

so you need 1 queue with weight 100 for each LAN pipe (see up)
and 1 rule for each LAN queue caching all trafic on the LAN interface from/for (upload/download) each pc (pc1/pc2)

on wan interface use my example in reply 2 or your normal shaping rules

after all this and if you use my example then is granted that:

in a quiet or stress situation your 2 special lan pcs will have their 2048/512  for sure and only their 2048/512 (just like an ISP)

if they are not using it, the rest of your lan computers can use their band
Let me know if it worked

Thank you for the reply. I will try this things in a next few days and then i will post printscreens of the configuration so you can tell me if everything is configured correctly.

Bye!

Can you also tell me how should I set up Masks in Pipe and Queue configuration for all my pipes and how to set up Source and Destination in Edit rules for all my rules, because I am confused about this two things.

Thank you!

Understand this:

Packages already have their destination, that wont be changed, so neither queues or pipes need any configuration filtering packages according to their destination, this is done by the rules.

you could even use the same pipe and queues for both upload and download traffic, and it would still work(but not correctly).

You need different pipes and queues for upload and download because your upload speed is not dependent from your download speed.

pipes are speed limiters, and queues share the speed limited by pipes to the packages in those queue, but they don't care from where or to where the package goes they will hold it in line, just has any other package.