> So am I correct with this scenario : > > 1 - Create the 7a.m. to 6p.m. schedule > > 2 - Create a single limiter, say 20 Mbits/s, with no other option, > to dedicate 20 Mbits/s to classrooms (so appartments will use the > remaining bandwidth that is still available when this limiter > applies) > > 3 - When creating a rule, I add this rule only to the "classrooms" > interface, and use the single limiter's name in both the IN and OUT > drop down lists in the "Advanced features" of rule creation. Then I > put this rule with "PASS" mode at the top for it to be evaluated > first (or is it important at all where I put it wrt other rules) ? > > Am I correct ? > > Thanks for your feedback, I've never used limiters before and since > I'll do this on the production system I'd like to not make too much > mistakes. > > Thanks in advance for your help
That looks right, BUT... QoS on ADSL is notoriously difficult, and does not usually work quite as expected. There are implementation issues to blame, as well as a theoretical/logical problem. When you configure your system as described, you will rarely - if ever - get exactly the results you expected. Aim for "good enough", instead of "perfect" and you will likely succeed. First and foremost: you do not directly control what data is being transmitted to you. You have indirect control over it, at most. To fully control the downstream (i.e. towards you) traffic flow, you would need to have a device sitting at the ISP end of the connection implementing your policies. I have this problem as an ISP; the best traffic shaper in the world can only *indirectly* affect what comes back down the pipe towards me. I can easily drop packets once they arrive at my network (and artificially limit what each client receives), but at that point, why bother, because they've already consumed the scarce resource: incoming bandwidth. You *will* be able to control outgoing bandwidth - as long as you never saturate the ADSL modems' buffers. This means capping the outbound bandwidth at around 95% of your theoretical upstream; this needs to be done on the last device before the modem, so I hope your load-balancer can do this! Depending on how your load-balancer works, the bandwidth you need to limit to at the pfSense gateway might not be obvious - some experimentation may be required. (BTW: for a more detailed explanation of why you need to cap outbound bandwidth, read http://www.bufferbloat.net/projects/bloat/wiki/Introduction.) Assuming you aren't hosting publicly-available services (e.g. a public webserver or FTP site) standard traffic-shaping tools like what pfSense provides will probably be good enough for your purposes. -Adam Thompson [email protected] _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
