The pfSense Store

Author Topic: Disable Traffic Shaping between LAN/DMZ  (Read 3016 times)

0 Members and 1 Guest are viewing this topic.

Offline mete

  • Newbie
  • *
  • Posts: 10
  • Karma: +0/-0
    • View Profile
Disable Traffic Shaping between LAN/DMZ
« on: September 24, 2011, 06:58:03 pm »
Hello world

I used the traffic shaper wizzard from 2.0-RELEASE (i386). As wizzard I've chosen "single WAN multi LAN".
I haven't modded anything after the wizzard, but all traffic from LAN to DMZ and from DMZ to LAN is shaped... That's very bad... How can I disable all shaping thing between LAN/DMZ?

Here are my rules (generated by the wizzard):


Greetings from switzerland
Mete

Offline mete

  • Newbie
  • *
  • Posts: 10
  • Karma: +0/-0
    • View Profile
Re: Disable Traffic Shaping between LAN/DMZ
« Reply #1 on: September 28, 2011, 01:49:11 pm »
Is this such a difficult question that not one has an idea?

Offline mete

  • Newbie
  • *
  • Posts: 10
  • Karma: +0/-0
    • View Profile
Re: Disable Traffic Shaping between LAN/DMZ
« Reply #2 on: October 04, 2011, 11:26:36 am »
Isn't it possible?? omg...

Offline Metu69salemi

  • Hero Member
  • *****
  • Posts: 1564
  • Karma: +0/-0
    • View Profile
Re: Disable Traffic Shaping between LAN/DMZ
« Reply #3 on: October 04, 2011, 02:38:48 pm »
It might be doable if you change all those floating rules to wan rules. then it doesn't "hit" on any trafic. But not sure

Offline dhatz

  • Hero Member
  • *****
  • Posts: 1002
  • Karma: +0/-0
    • View Profile
Re: Disable Traffic Shaping between LAN/DMZ
« Reply #4 on: October 04, 2011, 03:08:28 pm »
Have you considered adding a floating-tab rule LAN->DMZ, with the "quick" option checked, at/near the top, without queuing options?


Offline Liath.WW

  • Full Member
  • ***
  • Posts: 124
  • Karma: +0/-0
    • View Profile
Re: Disable Traffic Shaping between LAN/DMZ
« Reply #5 on: October 07, 2011, 12:19:07 am »
Have you considered adding a floating-tab rule LAN->DMZ, with the "quick" option checked, at/near the top, without queuing options?

I think that it would then just go straight to the default queue, as any traffic not assigned directly ends up there.

The best bet that I know of is to make nested queues, similar to how the traffic shaper wizard does it if you use one particular wizard -- think it was the single wan/mutli-lan wizard.

Can't recall if it used the limiter thing and made pipes, or if it was some other method, but it's worth a try to run the wizards until you find the one that makes nested queues.

Offline dreamslacker

  • Hero Member
  • *****
  • Posts: 808
  • Karma: +0/-0
    • View Profile
Re: Disable Traffic Shaping between LAN/DMZ
« Reply #6 on: October 07, 2011, 03:01:40 am »
You need to raise the root queues bandwidth the to that of the connection bandwidth.  You will also need to set the upperlimits for actual internet traffic in the child queues accordingly.

Then create aliases for each of the interfaces going to the others.

i.e.  Alias LAN_to_TUN and add the TUN subnets into the Alias.

Then add a shaper rule so that all traffic from LAN to LAN_to_TUN alias destinations are forwarded to the root queues instead.

Offline mete

  • Newbie
  • *
  • Posts: 10
  • Karma: +0/-0
    • View Profile
Re: Disable Traffic Shaping between LAN/DMZ
« Reply #7 on: October 07, 2011, 11:06:59 am »
You need to raise the root queues bandwidth the to that of the connection bandwidth.  You will also need to set the upperlimits for actual internet traffic in the child queues accordingly.

Then create aliases for each of the interfaces going to the others.

i.e.  Alias LAN_to_TUN and add the TUN subnets into the Alias.

Then add a shaper rule so that all traffic from LAN to LAN_to_TUN alias destinations are forwarded to the root queues instead.

Hi

Thanks for your description.
So is it right, that I need to do that all by hand, because the "single wan, multi lan" wizzard isn't working correctly?

Thanks
Mete

Offline dreamslacker

  • Hero Member
  • *****
  • Posts: 808
  • Karma: +0/-0
    • View Profile
Re: Disable Traffic Shaping between LAN/DMZ
« Reply #8 on: October 10, 2011, 01:53:55 am »
Hi

Thanks for your description.
So is it right, that I need to do that all by hand, because the "single wan, multi lan" wizzard isn't working correctly?

Thanks
Mete

Yes, by hand since the default shaper wizards are more for actual shaping for LAN->WAN traffic.

You do need to add rules manually for each interface to the other interfaces and place them above the default rule though.

Offline cougarmaster

  • Jr. Member
  • **
  • Posts: 84
  • Karma: +0/-0
    • View Profile
Re: Disable Traffic Shaping between LAN/DMZ
« Reply #9 on: October 27, 2011, 10:06:25 am »
Hi Mete,

    Is it possible to show how you have it setup with screen shot preferably. It would help others too.

Tks
Eric