How to setup a “fair use” bandwidth limiter for pfSense.  What I mean by “fair use” is as follows.

  • If there is only one user downloading, give them the full download speed available
  • If another user starts to download, then dynamically throttle the existing user and share the bandwidth approximately 50/50
  • As other users join in, throttle all connections to provide equal bandwidth to all users.

 

Overview

This example uses pfSense 2.1

  • Create a Download Limiter (a Fake Pipe) (name it something like DownloadLimit)
    • Set the total Download Bandwidth such as 10 Mbps, enable it and save
    • Create a Child Queue under the Download Limiter and name it something like Queue_OUT
      • set the slots to “Destination addresses”, enable it and save
  • Creat a Upload Limiter (a Fake Pipe) (name it something like UploadLimit)
    • Set the total Upload Bandwidth such as 1 Mbps, enable it and save
    • Create a Child Queue under the Upload Limiter and name it something like Queue_IN
      • set the slots to “Source address”, enable it and save
  • Create a new Firewall Rule under LAN
    • Action: Pass
    • Protocol: TCP/UDP (or any)
    • Source: Lan subnet
    • Advanced Features -> In/Out: Queue_IN / Queue_OUT
    • Save and activate this rule
  • Reload the state table by Diagnostics -> States -> Reset States
  • Refresh your browser becuase resetting the states kills all existing connections
  • Monitor the Limiters or the Traffic Graph to see the new limits in place