16
17.1 Legacy Series / [SOLVED] Setup traffic priorization
« on: January 20, 2017, 07:33:13 pm »
Hi,
I've just installed Opnsense on a pcengine APU 2, and I configured my modem in bridge.
I live in the middle of nowhere and I get about 500 Ko/s.
I'm a sysadmin so I basically use ssh for a living, and when anything else is in use in the house (any download, updates ..) ssh becomes unusable. I'd like to setup Opnsense to give ssh priority over everything else.
I tried following the priorization part of this : https://docs.opnsense.org/manual/how-tos/shaper.html
I managed to get something that made ssh a bit better to use, but still not great. Here are the configs I'm at now :
The only thing you can't see in there is the rule for SSH has 22 in dst-port.
What am I doing wrong ? I feel like it's a bit better with this config, but it might be all in my head, it's still pretty horrible to use.
Now I know that using the full 500 Ko/s of my broadband makes the ping skyrocket, so I did try limiting to a lot less (3000 Kbp/s in the pipe screen), but it wasn't any better for my ssh connections.
Thanks !
I've just installed Opnsense on a pcengine APU 2, and I configured my modem in bridge.
I live in the middle of nowhere and I get about 500 Ko/s.
I'm a sysadmin so I basically use ssh for a living, and when anything else is in use in the house (any download, updates ..) ssh becomes unusable. I'd like to setup Opnsense to give ssh priority over everything else.
I tried following the priorization part of this : https://docs.opnsense.org/manual/how-tos/shaper.html
I managed to get something that made ssh a bit better to use, but still not great. Here are the configs I'm at now :
The only thing you can't see in there is the rule for SSH has 22 in dst-port.
What am I doing wrong ? I feel like it's a bit better with this config, but it might be all in my head, it's still pretty horrible to use.
Now I know that using the full 500 Ko/s of my broadband makes the ping skyrocket, so I did try limiting to a lot less (3000 Kbp/s in the pipe screen), but it wasn't any better for my ssh connections.
Thanks !