Archive > 15.1 Legacy Series

Captive Portal Per User Bandwidth limiter

(1/3) > >>

remonboonstra:
Hi all,

comming from m0n0wall, I would like to enable Per-User Bandwidth limitation for Captive Portal Users.

Any way to achieve this in OpnSense?
Can't find any documentation on Traffic Shaping in OpnSense, making it hard to figure out.

If it's not possible I might need to switch to pfSense :(

thanks,

Remon

jschellevis:
@remonboonstra and all who are searching for more information on the newly implemented traffic shaper..

Yes you can, but it work different as the feature is not tied to the Captive portal functionality.

Here is what you can do:

(TIP: For larger version of the images just see the attachments and click or download)

Assumptions
interface conntected to the internet is called: WAN
interface connetced to your captive portal is: LAN
we want to limit the traffic passing between LAN/WAN to 1Mbps per user

STEP 1
Open the Trafficshaper page located at Firewall->Trafficshaper


STEP 2
Now add a pipe by clicking on the icon below the tabel.
2a to see all options and help toggel the button on top of the edit dialog (advanced mode and full help)
2b enter the required user bandwidth, we choose 1 here
2c as bandwidth metric we will use Mbit/s
2d as we want each user to get 1Mbps we need to mask the traffic based on the source
2e enter a description so you know what it is



STEP 3
3a select to the tab Rules
3b click on the icon below the table to add a new rule
3c Enter a sequence (per example choose 1 here)
3d select the interface connect to internet ( WAN )
3e select the interface 2 to match only traffic going between the captive portal an the wan ( LAN )
3f select the target (the pipe we just created)
3g enter a description and save



STEP 4
Apply the new configuration by pressing apply



Done!, now you have limited the traffic on a per user base to 1Mbps

remonboonstra:
Wow!

What great that you replied that complete. I will take a look at it as soon as I get a change and reply if it works as expected!

Thank you!

Remon

jschellevis:
You are welcome  :)

Looking forward to your feedback.

remonboonstra:
Hi,

tested it, it works. But to be honest it is not as obvious to configure as I expected.

I wanted to limit download on 2Mbit, and upload on 300Kbit.
created 2 pipes -> clear, no doubt about that.

The rules tab:
- interface1, interface2
- source, destination
- direction (in, out)

all being the same in some point, I got lost there getting the above fixed.
solution I used now:

rule1
- interface1: LAN
- source: 192.168.x.x/24
- direction: both
- target: 300kbit pipe

rule2
- interface1: LAN
- destination: 192.168.x.x/24
- direction: both
- target: 2mbit pipe

(advantage: I got multiple WAN ports, so I only need a single entry here).

Is this correctly configured? If so we can close this post.

I will create another related to this (sharing total bandwidth equally).

Thanks for the help!

Remon

Navigation

[0] Message Index

[#] Next page