2020 pfSense 2.4 Limiter Tutorial: Limiting bandwidth per-IP on your network devices

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hey everybody we're gonna do a pretty short and sweet if you have sense limiter tutorial today I'm just gonna briefly go over how to create limiters and how to sign traffic to those limiters and then test the limiter to make sure that it's working so first thing we can do is have a look at the pfSense documentation provided by net gate this is pretty detailed goes over basically everything you need to know it's very dense but hopefully the steps today will be very short and easy to understand so the next thing I would do is just gather some information about your network connection if you don't already know it you can do this by running a speed test this is one that I ran earlier you can also go to your internet service provider and they may or may not have some information buried on their web page that will give you clues as to what speeds that you should be getting we currently have the NBN tier 100 so basically it's saying download speeds 88 megabits per second upload speeds 20 megabits per second with this little asterisk we're actually getting pretty good speeds as you can see here 87 that goes up into the 90s usually and then 33 this is around usually around 35 or so it never actually gets up to a hundred and a hundred down and forty up as the plan is actually advertised so once you've gathered that information you kind of have an idea of just how much you want to limit your devices on your network so what we want to do next is create the limiter so we can go to firewall and then traffic shaper and then limiters so here what we want to do is create a new limiter make sure this is checked here this has got me a few times as I forget to check enable that and then after I get done doing all the configuration I realized that it's not enabled so what we'll do is we'll create the download limiter first so I'll just set this up so basically the name I'll just say download limit 50 megabits so roughly half of the connection so it dropped this type down 2 megabits and we'll do 50 there so you can scroll this down all this information can stay the same this is where some of the more configurable algorithms and schedulers and everything are located but we're just going to take the defaults so hit save there you don't have to immediately hit apply changes this will queue your changes and then you once you make all your changes you can hit apply there so what we'll do is create a second limiter for our upload again make sure to enable that and then we'll create an upload limit of 10 megabits so we'll again select this 10 megabits there all the default values hit save and then we can go ahead and apply our changes there the next thing we can do here and this is kind of an optional step if you just only want to limit one device but I found that you know I have multiple devices on my network that I want to limit so what we'll do is we'll actually create an alias so you can go into fire wall and then aliases and you want to be on the IP tab here you can create aliases for all sorts of other things here but what we'll do is go ahead and click Add and so in this we'll do speed limited hosts for the name you can name this whatever you like we'll keep it on hosts so this will make an alias for a list of hosts so just to make it easy I'll put the Machine that I'm currently on and we'll go ahead and create that alias it applied there you can see we have the name speed limited hosts and the Machine that I'm on now we can create multiple if you go ahead and hit add host down here you can actually put multiple in there and they will be there so what we want to do now is create our rule to assign traffic to the limiter so we can go to firewall and then rules you want to make sure in this instance that you are on the land tab go ahead and click Add here so you won't pass you want it on the land interface I'm using ipv4 you can use ipv6 if you like we want to select the protocol to be any to catch all protocols in this rule under source we want to select single host or alias this is where you can either put the actual IP address of the ship machine or device or you can but in the alias this can be dynamically populated as soon as you start typing in the the name it will pull out the potential alias and you can just click on it there so you can put a description here I'll just leave that blank for now but you want to click on display advanced or Advanced Options all of this is going to be defaults but we're going to scroll all the way down to input/output pipe now this is where it gets a little interesting as it says here I'll try to explain it a little better it's it's kind of unintuitive the way that it works depending on the interface that you are setting this up on so from the PF sense documentation it says as a note remember that in and out are from the perspective of that interface on the firewall when choosing limiters on the LAN interface out is download and in is upload so if you were on the when interface it would be the opposite so download would be in an upload would be out but since we're configuring this on the LAN interface the end pipe is actually going to be set to upload so this is where the limiters are here you can see the two that we created earlier so we select upload or the end pipe this is in here and this is out over here so for the out pipe we will correct we'll select the download limit and that's pretty much it basically what this is going to do is any packet that is caught by this rule is going to be passed through that limiter so we'll just go ahead and save this here we can see our our newly created rule there you want to have that up toward the top like it says here you know you can drag these to change the order but think of it as all of your packets and everything everything traversing your network actually goes through at least on this inner particular interface of the land will go through top down so it will hit this rule if you have any rule that's above another rule that it it gets actioned on you it might not go to the other any other rule below that so you it's very important to kind of keep your hierarchy here your order so we can go ahead and hit apply there so basically now that we have our limiter setup and we have our rule set up we really just need to check to see if the rule is actually working on the limiter is actually working so how we can do that as a couple different ways one the easiest way is just to run another speed test here so I'll keep this one open and I'll run a second speed test here you so you can see for being limited and you can see we're being limited there as well so you know if you remember we set up a 50 megabit download and we set up a 10 megabit upload so that is working there and you can also test it once you've once you've confirmed that's working you could also go in here and actually disable this rule and apply and once again run your speed test so now we should actually be getting our full bandwidth you it looks like we're back to normal there so that pretty much covers it I know that was very simple there's a there's a lot more that you can do a lot more advanced things you can do that's just the really short and sweet version if there's something I didn't cover or there are any questions that you have just leave a comment and I will try to get to that I plan on doing more of these tutorial videos in the future so there's anything that you want to see if you're curious about pfSense and and how to configure it I like to say it's like the Swiss Army knife of networking there's so much that you can do with it it's it's really open-ended so yeah just let me know and I hope this was helpful I'll see you guys on the next one
Info
Channel: DATApush3r
Views: 9,113
Rating: undefined out of 5
Keywords: pfsense, networking, homelab, router, switch, traffic shaping, traffic shaper, network, computers, home network, tech, technology, server, netgate, opnsense, unifi, qotom, mikrotik, sophos, firewall, openvpn, iptables, fortinet, windows, linux, ubuntu, cisco, pfsense nat, internet, pfsense limiter, pfsense 2.4.4, pfsense 2.4, lag, ping, bandwidth, tutorial, limiter, traffic, internet traffic, pfsense (software), Level1Techs, Level1Linux, LawrenceSystems, Lawrence Systems, Linus Tech Tips
Id: gIvc1qZn5dc
Channel Id: undefined
Length: 10min 53sec (653 seconds)
Published: Sat May 30 2020
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.