Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - masgo

#1
I found a solution.
a) create a pipe.
bw: 250 kbit/s
Mask: source

b) create a rule
interface: the corresponding interface
source: any.
destication: the host (192.168.200.50)
target: the pipe from (a)

Since there are multiple VLANs locally, where BW is not an issue, I actually used an inverted entry for "source" to exclude all local networks.
#2
I am using OPNsense 19.7.2 and would like to limit the traffic of one specific host (192.168.200.50) within my LAN. This host connects to multiple destinations via WEB or VPN and downloads things from there. I want to limit the traffic it produces at each destination to 250 kbit/s. The reason is that otherwise the host could saturate the available bandwidth at the destination and I can not enforce the limit at the destination.

Example:
if it connects to 192.168.1.1, 192.168.1.2, 192.168.2.1 and 192.168.2.2 the traffic at each of these nodes should be 250 kbit/s for a total traffic of 1000 kbit/s at 192.168.200.50.

Bonus:
This host shares the internet connection with other hosts. It would be great if it's traffic could get the lowest priority possible (whild still enforcing the limit above).
#3
Hi,
I am planning an OPNsense installation and I am not completley sure whats the best way to go.

From what I have read so far, installing the nano image on an SD card gives me a (mostly) read-only installation with a lot of Stuff in RAM. Are there any other relevant differences?

Also, I could put an SSD into the OPNsense server. Obviously I could install OPNsense there, but I like the idea of having a read-only installation. So, is there a possibility to use the nano install and make the logs and RRDs go to the disk?

Also, how about using a cheap HDD for the logs and RRDs. From what I have read, the disk performance is irrelevant as long as I am not using a proxy server. Am I right?


If I go for the SD card install: is it possible to do a kind of "safe" upgrade? Something like: backup everything to a USB drive (which could serve as a replacement for the SD) and then upgrade?

As a background information: I plan to use a HP Microserver Gen 8 with an additional HP NC364T 4x Gigabit NIC as Hardware.