Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Traffic Shaping and aliases
« previous
next »
Print
Pages: [
1
]
Author
Topic: Traffic Shaping and aliases (Read 5400 times)
blc
Newbie
Posts: 3
Karma: 0
Traffic Shaping and aliases
«
on:
April 06, 2021, 10:52:53 am »
Hi
I'm trying to move from pfSense to OpnSense, but apparently i'm using features that noone talks about in here..
So.. This is what i'm used to do when creating rules in pfSense:
- I create an alias, either host based or port based list.
- I create rules to reflect how i want to handle the traffic in relation to this alias list.
- I tag which queue and ackqueue i want this rule to point to.
The end result is that i configure the traffic shaper once, and update rules as necessary.
So far it seems i have to do this in OpnSense as following:
- I create rules for traffic, this supports using aliastables.
- I create traffic shaping Pipes and queues in the same way pfSense has their interface -> pipes
- I create one rule for each of the listings in the aliastable
This makes it both very much work as well as difficult to maintain.
Would it be possible to update this interface to handle aliases when generating rules? Or even better, connect the rule to the queues directly..?
Or is there something i simply misunderstand? Would love to get this working without spending hours adding rules to the traffic shaper.
My Setup:
Over the years i've gone from single wan <-> single lan to various multi wan <-> multi lan setups.
Right now i have single wan (2/3 vpn tunnels to route to) <-> multi vlan lan, and can use this with a 2 port physical setup. Having had speeds from 7/0,7 mbps adsl to 50/50 mbps 4G the need for priority based ruling of traffic is very much still needed.
Logged
bn_
Newbie
Posts: 2
Karma: 0
Re: Traffic Shaping and aliases
«
Reply #1 on:
April 06, 2021, 01:26:48 pm »
Came here checking for the same thing from PF and so far its the only thing that I'm seriously missing are the use of aliases within the traffic shaping rules... as this would make administration of ports / ip's for specific queue's a whole lot easier to administrate.
Logged
blc
Newbie
Posts: 3
Karma: 0
Re: Traffic Shaping and aliases
«
Reply #2 on:
April 07, 2021, 08:27:03 am »
Exactly!
The concept of aliases is genius when making rules work.
It seems to me though, that not many people use traffic shaping any more.. Either it's too much hassle (of which OPN really hasn't helped it along) or not enough people know how much it helps make the internet connection work MUCH better for everyone behind the router/firewall..
Logged
franco
Administrator
Hero Member
Posts: 17570
Karma: 1596
Re: Traffic Shaping and aliases
«
Reply #3 on:
April 07, 2021, 01:32:07 pm »
In pf aliases work in the shaper because the shaper is a part of it. The limiter is not and our shaper the the limiter since 2015.
Glueing together pf and ipfw is difficult. ipfw does not support large tables like pf, especially reading large tables quickly if we can work around compatibility issues between both formats.
Cheers,
Franco
Logged
blc
Newbie
Posts: 3
Karma: 0
Re: Traffic Shaping and aliases
«
Reply #4 on:
April 07, 2021, 03:38:59 pm »
Thanks for reply franco
It gets me thinking though.. instead of seperating the rule creation, how about making the option to add as part of the firewall rules, then handling that addition in a script?
So if the firewall rule has multiple ports, that is spanned into multiple limiter rules..
That would simplify the process somewhat... perhaps?
Logged
bn_
Newbie
Posts: 2
Karma: 0
Re: Traffic Shaping and aliases
«
Reply #5 on:
April 08, 2021, 10:17:36 am »
Thanks for the clarification! :-) Guess I will have to look into put everything into the traffic shaper rules manually. :-)
Logged
matrix73
Newbie
Posts: 6
Karma: 0
Re: Traffic Shaping and aliases
«
Reply #6 on:
September 29, 2021, 12:01:14 pm »
I would like to see also an alias, because you can limit a bunch of computers at once
Logged
Clint.Davis
Newbie
Posts: 2
Karma: 0
Re: Traffic Shaping and aliases
«
Reply #7 on:
December 27, 2021, 01:43:32 pm »
+1
Would be good to at least have the UI enumerate/resolve alias for an easier way to mage rules.
Alias has many good features around eg: external population and refresh of alias.
Then I imagine that some change to an alias category would just retrigger a rulset save action.
Wish I had the skills to help move this forwards.
Logged
e-man74
Newbie
Posts: 1
Karma: 0
Re: Traffic Shaping and aliases
«
Reply #8 on:
August 27, 2023, 05:29:35 pm »
Has there been any headway made on this capability by chance?
I would like to use OPN to shape traffic from Youtube. I found a list of Youtube IP addresses and got them into a alias list, but there is no way to use the Alias list for shaping. I don't want shape based on source as there are other tasks I don't want to slow down that are equally difficult to define by IP.
Lets say 2MB to Youtube but unlimited to Microsoft for O365 and related services. Both are huge lists of IPs for IPV4 alone, but using FQDN can simplify it from the rule standpoint substantially. I understand there are limitations to the underlying components that support shaping.
Thank you!
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Traffic Shaping and aliases