Shaper - minimum bandwith on VLAN, but use all remaining bandwith on other VLANs

HansJ · April 03, 2024, 10:17:24 PM

Hello,

I am a total noob with this, I recently started playing with OPNsense for upgrading my home network.

I got the basic's working and now am trying to get the main reason I got OPNsense in the first place to work,
We have a very slow internet connection (100Mbps down, 40Mbps up VDSL) and want to get the most out of it.

I got one Vlan for our chromecasts with a higher priority and thats working very good, so one problem already fixed,

What I want to do now ;

Give all my different Vlan's a MINIMUM bandwith they "can" use, but always distribute all remaining bandwith to the other VLAN's so nothing gets wasted.

So for instance ;

VLAN 100 gets a minimum of 10Mbps/4Mbps (if it needs it)

VLAN 200 gets a minimum of 5Mbps/2Mbps (if it needs it)

VLAN 300 gets a minimum of 30Mbps/5Mbps (if it needs it)

VLAN 400 gets a minimum of 30Mbps/5Mbps (if it needs it)

All remaining available bandwith can always be used by whatever VLAN requests more (but never so that other VLAN's who need bandwith and are NOT at there minimum yet do not get that.)

I found guides to distribute bandwith evenly on OPNsense,
I found guides to limit bandwith,
but I do not find guides to combine that ??

I do find other posts with the same requests/problems and not really a fix I get to work :(

https://forum.opnsense.org/index.php?topic=22776.msg108503#msg108503
https://forum.opnsense.org/index.php?topic=16181.0
https://forum.opnsense.org/index.php?topic=22776.0
https://forum.opnsense.org/index.php?topic=2068.0

I also found PFsense forum posts where they give a fix for it in 2018 ? (but the naming is to different on OPNsense for me to try that :( )
https://forum.netgate.com/topic/128268/guaranteed-bandwith-to-a-vlan

I am afread I need a real noobs step by step guide to explain to me how exactly to do this,

My hardware config ;
- dedicated hardware with intel N200 and 4 intel 2.5Ghz nics 16GB RAM and Samsung m.2 1TB SSD
- TP-Link Layer 2 smart switch with VLAN support
- TP-link Omada wifi access point with VLAN support
- VDSL modem connected to one port on the router set as WAN
- one LAN connection to the smart switch

- VLAN for the chromecasts with higher VLAN priority
- VLAN for wife's laptop and smartphone
- VLAN for my desktop and smartphone (gamer)
- VLAN for my son's desktop and smartphone (gamer)
- VLAN for my other son's desktop and smartphone (gamer)
- some other VLAN's for IoT and other stuff, but no need to take those in account now, ill work that out later.

I am currently NOT using any protection firewall stuff and rules and blocking yet, I want to get this bandwith thing sorted first, later I will migrate my Ad guard home (now on other server) to the router, start using zenarmour on the OPNsense , get all my arduino's and pi's on there own seperated vlan, get guest wifi, ..... I am defenatly seeing the potential here, but its currently bit over my head :)

Any help would be greatly appreciated.

Founding9371 · April 04, 2024, 04:43:24 PM

I have been looking for something like this but haven't been able to find it. I want all VLAN's to have full capacity when its possible, but assign a guaranteed minimum when the available bandwith is limited.

HansJ · April 04, 2024, 05:36:36 PM

Yes, and I gues it should be possible, apperantly is was possible in some way on Pfsense in 2018 ?
and those other posts have people saying its possible, but im kinda to dumb to replicate the way they do it (and also some things have changed or have been re-named since those posts)

I hope someone knows exactly how to do it and can explain it to me/us :)

HansJ · April 06, 2024, 10:36:13 AM

Anyone that got something like this working that can point me in the right direction ?

any help is much appreciated,

thank you,

Hans

HansJ · April 24, 2024, 06:07:10 PM

Anyone got anymore pointers or tips for me ??

Currently I made one pipe of 100Mbps and than added our 3 gamer VLAN's to it with all 3 a weight of 30 ,
this "kinda" helps a bit, since now than all 3 gamers got about the same priority of data, but still if one goes full out update download , the others still suffer (not as much as without the pipe with the weights)

I am still looking for a way to give different VLAN's a MINIMUM bandwith IF they request it, but the ability to use ALL Bandwith if no other VLAN is using/requesting any bandwith.

Any help is very much appreciated,

HansJ · May 09, 2024, 10:07:41 PM

I still have not found a way to do this :(
(kinda the number one reason I switched to OPNsense :) )

Anyone have any tips to point me in the right direction ?

Seimus · May 12, 2024, 12:44:30 PM

Hm,

I am not sure here if you did as was advised in documentation but.

1. Create a 1 Pipe with the BW you have avaiable
2. Create queues for the dedicated Host/Subnets you want to give the BW, set proper Weights
3. Create rules that will tell which Host/Subnets fall under the specific queue

Important:
A. Dont use FQ_CODEL in those pipes nor queues, as FQ_CODEL ignores weights

or

Use FQ_Codel and let it handle all, but there is no minimum guarantee cause FQ_Codel tries to share resources equally.

https://forum.opnsense.org/index.php?topic=39651.msg194464#msg194464

Regards,
S.

HansJ · May 19, 2024, 02:31:24 PM

Thank you for the repley and the links,

I think im doing it this way, but still not working the way I like it to,
I dont have Codel or anything enabled.

I have a theoretical WAN speed of 100Mbps, I get realy about 95Mbps

I created one download pipe of 95Mbps

than I created a Que with mask set as destination and a weight of 30 on that pipe (not sure about those yet, I suppose it means it will guarantied get 30% of the bandwith if it needs it ?)

than I created rules on all 3 of my vlans setting source and destination to any and using that que with the weight of 30

the way I understand it this should mean that if for instance all 3 vlans are downloading and requesting ALL bandwith, all 3 get 30% + some leftovers of the last available 10% ??

And if only one is downloading, the others should not have affected internet speed (using a little bit just watching youtube for instance) and all remaining bandwith goes to the vlan thats downloading.

However, this is not happening,
With this setup it "is" better as without it, but still if I go full out downloading on my vlan without limits , than my son's youtube stream drops to lowest quality and if he's playing a game he instantly gets the "low bandwith, packet loss crap,...)

I just cant get it to work the way I want and I dont know what im doing wrong :(

I actualy think I might be doing something wrong with the "mask" types ???
Can anyone explain this to me in "dummy" words :)

Seimus · May 23, 2024, 10:47:33 AM

If I understand it correctly,

You created 1 Pipe for 95M and only one Queue weight of 30 in which are all VLANs/Devices?

Regards,
S.

HansJ · May 27, 2024, 02:40:15 PM

Quote from: Seimus on May 23, 2024, 10:47:33 AM
If I understand it correctly,

You created 1 Pipe for 95M and only one Queue weight of 30 in which are all VLANs/Devices?

Regards,
S.

oh, no I actualy created 3 que's in that pipe for all 3 vlan's ,

So I gues this might be my fault !!!!

Thanks alot, I will be trying this out and I will let you know.

Seimus · May 27, 2024, 03:39:26 PM

You should have,

1 Pipe and a separated queue with a weight for each individual host/VLAN you want to allocate BW

This setup can not use CODEL or FQ_Codel AQM. Otherwise weights will not be honored.

https://docs.opnsense.org/manual/how-tos/shaper_limit_per_user.html

Regards,
S.

HansJ · June 01, 2024, 10:37:11 PM

Quote from: Seimus on May 27, 2024, 03:39:26 PM
You should have,

1 Pipe and a separated queue with a weight for each individual host/VLAN you want to allocate BW

This setup can not use CODEL or FQ_Codel AQM. Otherwise weights will not be honored.

https://docs.opnsense.org/manual/how-tos/shaper_limit_per_user.html

Regards,
S.

Ah, that is what I had I think,

I have one pipe of 95Mbps

1 que's with a weight of 30

3 Rules for each VLAN that uses that Que of a weight of 30
No CODEL or anything enabled.

but its not working like that :( :(

Seimus · June 02, 2024, 01:10:27 AM

Yea well you need to separate the specific host/subnets into specific "unique queues" that are binded to the same Pipe.

You have 3 separate host lets say. And you want to give those hosts different BW and guarantees so you need to:

1. Create 1 Pipe
2. Create 3 queues, each host will get 1 of these queues with specific weight
3. Rules that will direct a specific host to a specific queue

Did you try to read thru the documentation? Its pretty good explained there.

P.S. try set the "MASK" per queue not per Pipe, or not at all. Per documentation if you want to use weight based queues prioritization the MASK should be not set
https://docs.opnsense.org/manual/how-tos/shaper_limit_per_user.html#prioritize-using-queues

Regards,
S.

HansJ · June 03, 2024, 07:16:51 PM

Thanks for your continued help with this noob,

I found one error, I only had 1 que and used it for all 3 rules,

I have now 1 pipe with the full available bandwith, (without MASK set)
3 queues with 30 weight (without MASK set)
3 rules , one for each VLAN and each using a different Que

When I download full speed on one VLAN, it looked ok, when I than start a download also on a second VLAN that son's VLAN was also still ok, but my 3th VLAN for the other son got hammered :( (noticed by the screams that he was "going to die" :) :) )

So still dont know what is wrong,

I read the documentation again tho, and the problem is, in that documentation I do NOT find what I actualy need.
All I find there is to set a MAX bandwith per VLAN , I also find the option to set a MINIMUM bandwith per VLAN, but nowhere there I find the ability to set a MINIMUM bandwith per VLAN but also give any VLAN the MAX bandwith if the other VLAN's are NOT using there minimum bandwith :(

and online I only ever found guides to do this specific thing for PFsense and its from years ago and the terminology is not the same on OPNsense today :(

I am stumped, especialy since exactly this is what I wanted to do with OPNsense and is the biggest reason for starting it :) (loving all the other features also afcourse)

any more tips or stuff to try is appreciated.

Seimus · June 03, 2024, 11:04:16 PM

So basically,

now you got into the point where 2 of the 3 VLANs work as expected. But when 3rd VLAN tries to eat its pie it will not get any?

Code Select

also give any VLAN the MAX bandwidth if the other VLAN's are NOT using there minimum bandwidth

This you don't set, you set weights you say how much each of them eats if all eat. If there is BW to spare it should be divided automatically.

Regards,
S.

Shaper - minimum bandwith on VLAN, but use all remaining bandwith on other VLANs

HansJ

April 03, 2024, 10:17:24 PM

Founding9371

April 04, 2024, 04:43:24 PM #1

HansJ

April 04, 2024, 05:36:36 PM #2

HansJ

April 06, 2024, 10:36:13 AM #3

HansJ

April 24, 2024, 06:07:10 PM #4

HansJ

May 09, 2024, 10:07:41 PM #5

Seimus

May 12, 2024, 12:44:30 PM #6

HansJ

May 19, 2024, 02:31:24 PM #7 Last Edit: May 19, 2024, 02:35:59 PM by HansJ

Seimus

May 23, 2024, 10:47:33 AM #8

HansJ

May 27, 2024, 02:40:15 PM #9

Seimus

May 27, 2024, 03:39:26 PM #10

HansJ

June 01, 2024, 10:37:11 PM #11

Seimus

June 02, 2024, 01:10:27 AM #12 Last Edit: June 02, 2024, 01:21:49 AM by Seimus

HansJ

June 03, 2024, 07:16:51 PM #13

Seimus

June 03, 2024, 11:04:16 PM #14