***Update 2018/09/26 – Although the following information can be effectively used for the purpose of dynamic traffic shaping, it has serious limitations and at times can actually cause overly agressive bandwidth limiting especially when there is a higher number of users (~25+). Please use caution when implementing this solution in a production environment!
How to setup a “fair use” bandwidth limiter for pfSense. What I mean by “fair use” is as follows.
- If there is only one user downloading, give them the full download speed available
- If another user starts to download, then dynamically throttle the existing user and share the bandwidth approximately 50/50
- As other users join in, throttle all connections to provide equal bandwidth to all users.
This example uses pfSense 2.1
- Create a Download Limiter (a Fake Pipe) (name it something like DownloadLimit)
- Set the total Download Bandwidth such as 10 Mbps, enable it and save
- Create a Child Queue under the Download Limiter and name it something like Queue_OUT
- set the Mask “slots” to “Destination addresses”, enable it and save
- Create a Upload Limiter (a Fake Pipe) (name it something like UploadLimit)
- Set the total Upload Bandwidth such as 1 Mbps, enable it and save
- Create a Child Queue under the Upload Limiter and name it something like Queue_IN
- set the Mask “slots” to “Source address”, enable it and save
- Create a new Firewall Rule under LAN
- Action: Pass
- Protocol: TCP/UDP (or any)
- Source: Lan subnet
- Advanced Features -> In/Out: Queue_IN / Queue_OUT
- Save and activate this rule
- Reload the state table by Diagnostics -> States -> Reset States
- Refresh your browser becuase resetting the states kills all existing connections
- Monitor the Limiters or the Traffic Graph to see the new limits in place