On 5 Jan 2014, at 15:59, Adam Thompson <[email protected]> wrote:

> On 14-01-05 12:49 PM, Benjamin Swatek wrote:
>> Thanks for your help Adam, I got to admit that I definitely do NOT fully
>> understand OSI ;-)
>
> Unfortunately, most people working with firewalls do not. It's like an auto
> mechanic working on your transmission without understanding how gears work,
> IMHO...
>

Wouldn’t call myself an auto mechanic either ;-) - Yeah, I only have a little idea of what I’m doing here.

>>
>> The reason for the VLANs was to get the 3 LANs onto one NIC in the first
>> place, hoping that it would be easier to “get them together” for shaping
>> than having them come in on the pfSense box on 3 physical NICs.
>>
>> Looking at your answer this might be the wrong approach.
>>
>> If you have any suggestions as to how I can take the traffic from 3 LANs and
>> pipe it through a traffic shaper where I can prioritise traffic from a
>> certain LAN over another and prioritise certain traffic over other within
>> each LAN's traffic, I’d be very grateful to hear…
>
> 1. Recall that priority/QoS is irrelevant until/unless the link is congested.
> So unless you plan to push ~ 1.0 Gbps of traffic, stop now and don't waste
> your time. Unless this is just a learning experience anyway, in which case
> go right ahead.
>

I’m only looking to push 8Mbps through two 3Mbps and one 2 Mbps ADSL lines (MultiWAN), for each of which I pay more than the national minimum wage - this is Bolivia - trying to satisfy my business’s needs to answer to emails asap as well as my clients' expectations for a fast WiFi - that is, people who don’t have a clue how expensive 1 Mbps is compared to the 1st world. So yes, my links are constantly congested ;-)

> 2. Although FreeBSD's if_bridge (we are using this, not ng_bridge(4), right,
> guys??) supports bridging tagged packets, I don't see anywhere in the docs a
> way to set and strip VLAN tags the way a real switch would. Perhaps you'll
> be better off just buying a cheap managed switch off eBay to do this job, for
> example http://r.ebay.com/CkaSX0 isn't what I'd choose for enterprise use but
> will be more than adequate for home use. If you don't like used equipment,
> look at the NetGear GS(105|108|116)* line which are small, cheap and fanless,
> and will do almost everything you want to do. Minus the QoS, I think...
> although they have slightly more expensive (but still small and fanless, I
> think) models that can do QoS. Most vendors have a small, quiet,
> VLAN-capable switch like this, but I think Netgear's are the cheapest (and
> have lifetime warranty).
>

I have a TP-Link 8 port switch ( http://tinyurl.com/m2rbcdt ) that connects the 3 LANs and the 3 WANs to the pfSense Box. But I’m not sure anymore what help it is. I had the LANs coming in on their own physical NICs, but couldn’t get them together for QoS either. I can get them all in their own queue for shaping, but that way I could only limit each LAN individually, not taking into account what the other one needs.

> 3. You could probably get some low-profile Cat5e cable and run multiple runs
> in the wiring space you currently have a single cable run. This requires
> skill and tools, however.

Cables are there, if that would help at all I can run more.

>
> 4. Do all of this with routing instead of bridging. IIRC, you mentioned that
> due to physical limitations, the pfSense device acting as a switch was
> relatively underpowered; this will affect layer 2 (bridging) performance as
> well, so whether you route or bridge, you still won't be able to push a
> gigabit of traffic, and QoS will likely make the situation worse, not better.
>

There are no real physical limitations around the pfSense Box (Intel Pentium D 3 GHz - 2 GB RAM), all LANs come all the way down to the box, the modems for the 3 WAN connections sit right next to it too. The limit is the available bandwidth here in Bolivia, 3Mbps ADSL costs around $ 200 (US) per month, which equals the local minimum wage. We have 3 of those connections, serving our Office’s LAN, Client PC LAN and Clients WiFi in my Backpacker Hostel with sometimes up to 120 devices connected to the WiFi…

So if you have any further suggestion on where to look (RTFM) how to do some routing so I can shape the traffic between the LANs, I am happy to read any manual you could suggest.

Thanks
Ben
