Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
15.1 Legacy Series
»
Trafic shaper - different pipes for multiple VLANs.
« previous
next »
Print
Pages: [
1
]
Author
Topic: Trafic shaper - different pipes for multiple VLANs. (Read 30042 times)
Martinezio
Newbie
Posts: 44
Karma: 3
Trafic shaper - different pipes for multiple VLANs.
«
on:
June 18, 2015, 04:09:16 pm »
Hi.
Can someone help me to achieve this solution in OPNSense?
Facts:
- OPNSense as main router/firewall installed on VMWare server with two network interfaces: one interface connected to WAN, second to switch as trunk (all vlans allowed);
- one WAN connection (let assume 10Mb, syncro);
- many clients connected via different VLANs (for each vlan is created OPT interface, for example I will use OPT1).
- all devices are connected to switch
- client pays for specified speed of his uplink (ie. 1Mb, synchro).
Goal:
- cut the speed of uplink to this payed by client.
Currently I've done this on m0n0wall using pipes:
- 1 pipe for download, and 1 for upload, both without mask - just set the bandwidth,
- rules are applied by interface - one rule for incomming and one for outgoing - and it works good.
I tried the same solution on OPNSense, but without luck - speed is not limited to pipe, but is using full speed of WAN.
What I'm doing wrong and how can I achieve the same behaviour as in m0n0?
Please, find attached screens with my setup in OPNSense.
Thanks in advance!
Logged
remonboonstra
Newbie
Posts: 16
Karma: 3
Re: Trafic shaper - different pipes for multiple VLANs.
«
Reply #1 on:
June 18, 2015, 04:35:51 pm »
Hi,
Do you have Captive Portal enabled? If so, try disabling it first. There seem to be issues with the combination of these two.
I would also try a single rule;
- IF1: WAN
- IF2: LAN
- Pipe: 1Mbit (target: src)
And try if it limits to 1Mbit.
Good luck - it also took me a while to figure out directions and things like that.
Remon
Logged
Martinezio
Newbie
Posts: 44
Karma: 3
Re: Trafic shaper - different pipes for multiple VLANs.
«
Reply #2 on:
June 18, 2015, 04:55:19 pm »
Thx remonboonstra for Your hints...
I give it a try...
I admit, I tried to enable captive portal, but I had some issues with enabling it (and with deleting profiles - got some errors)... I try to remove all settings and start over (this is my testing environment, so I can destroy it
).
BTW: is it possible to install VMWare Tools on OPNSense?
Perl is already installed, but system is lack of "compat6x_amd64" package from FreeBSD ports.
EDIT:
- deleted all captive portal profiles,
- created single rule with direction set to "both"
- edited pipes to set mask for "destination" and "source"
But still not working... I think there is something broken in pipes implementation
«
Last Edit: June 18, 2015, 05:20:27 pm by Martinezio
»
Logged
franco
Administrator
Hero Member
Posts: 17661
Karma: 1611
Re: Trafic shaper - different pipes for multiple VLANs.
«
Reply #3 on:
June 18, 2015, 05:19:02 pm »
From the console:
# pkg install open-vm-tools-nox11
Logged
Martinezio
Newbie
Posts: 44
Karma: 3
Re: Trafic shaper - different pipes for multiple VLANs.
«
Reply #4 on:
June 18, 2015, 05:22:48 pm »
Franco: thx a lot! This is what I need
Now I can focus on pipes...
Logged
franco
Administrator
Hero Member
Posts: 17661
Karma: 1611
Re: Trafic shaper - different pipes for multiple VLANs.
«
Reply #5 on:
June 18, 2015, 05:26:55 pm »
You are welcome. I just sneaked through the documents, the available packages can be viewed via:
# pkg rquery "%n: %c"
Logged
Martinezio
Newbie
Posts: 44
Karma: 3
Re: Trafic shaper - different pipes for multiple VLANs.
«
Reply #6 on:
June 22, 2015, 05:18:38 pm »
Anyone have an idea, how to solve my problem? Still no luck
Pipes simply doesn't works for me
Logged
jschellevis
Administrator
Full Member
Posts: 156
Karma: 37
Re: Trafic shaper - different pipes for multiple VLANs.
«
Reply #7 on:
June 22, 2015, 05:35:01 pm »
Martinezio, we are currently working on the traffic shaper as there are some issues with it.
However, waht you can do is the following:
create 2 rules for up and download as following:
upload
interface: LAN (or your TEST interface)
direction: in
target: your upload pipe
download
interface: LAN (or your TEST interface)
direction: out
target: your download pipe
This way you wil shape the traffic on the LAN side.
Only downside of this is that all traffic on this interface is shaped, however in your case that should be fine.
Let me know if this works for you.
Shaping on the wan side currently does not work for outbound traffic due to pf/ipfw combination issues, this will probably be solved in 15.7.
Logged
jschellevis
Administrator
Full Member
Posts: 156
Karma: 37
Re: Trafic shaper - different pipes for multiple VLANs.
«
Reply #8 on:
June 22, 2015, 05:50:57 pm »
and another update on this issue..
Ad just compiled a new kernel you can try, this solves the known issue.
install in the cli:
Code:
[Select]
opnsense-update -kr 15.1.12_dummynet
with this kernel you can also shape on the wan side
Let me know how this works out for you.
Logged
Martinezio
Newbie
Posts: 44
Karma: 3
Re: Trafic shaper - different pipes for multiple VLANs.
«
Reply #9 on:
June 25, 2015, 10:24:24 am »
Nope - still the same
Logged
jschellevis
Administrator
Full Member
Posts: 156
Karma: 37
Re: Trafic shaper - different pipes for multiple VLANs.
«
Reply #10 on:
June 25, 2015, 10:26:21 am »
That is strange, did you reboot after installing?
I am pretty sure it does work as I have it on my test system as well and doen a lot of test with it...
Logged
Martinezio
Newbie
Posts: 44
Karma: 3
Re: Trafic shaper - different pipes for multiple VLANs.
«
Reply #11 on:
June 25, 2015, 10:32:37 am »
Yes, of course. I have no ide, why
Such same configuration I'm using in m0n0wall and it works pretty well.
Logged
jschellevis
Administrator
Full Member
Posts: 156
Karma: 37
Re: Trafic shaper - different pipes for multiple VLANs.
«
Reply #12 on:
June 25, 2015, 10:36:41 am »
I can take another look.
you are looking for this, correct?
- one WAN connection (let assume 10Mb, syncro);
- many clients connected via different VLANs (for each vlan is created OPT interface, for example I will use OPT1).
- all devices are connected to switch
- client pays for specified speed of his uplink (ie. 1Mb, synchro).
Goal:
- cut the speed of uplink to this payed by client.
Currently I've done this on m0n0wall using pipes:
- 1 pipe for download, and 1 for upload, both without mask - just set the bandwidth,
- rules are applied by interface - one rule for incomming and one for outgoing - and it works good.
Logged
Martinezio
Newbie
Posts: 44
Karma: 3
Re: Trafic shaper - different pipes for multiple VLANs.
«
Reply #13 on:
June 25, 2015, 02:19:27 pm »
Ok. After extensive work on configuration and sorting out problems we have come to point, that there is an issue with traffic shaper, when You use vmxnet3 drivers in virtual environment of vmWare ESXi server.
After changing NIC to E1000 - router seems to be working as planned.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
15.1 Legacy Series
»
Trafic shaper - different pipes for multiple VLANs.