Help with PFSense and Limiting Bandwidth

i have excede Satellite Internet and it limits bandwidth allowed in a month to 10GB, but it also gives me "unmetered" bandwidth between midnight and 5AM. 

I already have my PFSense computer running and am using it for the Squid Caching Proxy to help the bandwidth. 


what i am wanting to be able to do is limit the bandwidth during the 5AM - Midnight to around 20-30Kbps (or even lower) and during the midnight to 5AM unmetered have it unlimited Speed (which tops out around 25Mbps. 

is there a setting for throttling speed?


Under the Firewall -> Rules on the LAN you can create a filtering rule for the subnet.

Under the advance features section of editing a rule, there is and In/Out option for capping bandwidth. (Create these under Firewall->TrafficShaper->Limiter)

There is also the schedule option (create these in Firewall->Schedules) which allows you to make the rules only take effect within the scheduled time.

so far i have a Firewall > Schedules  set up for Mon-Sun   5:00 - 23:59. 

also Firewall > Traffic Shaper > Limiter with a new limiter.  
with Bandwidth > i have Bandwidth Set to 20, Burst Left Blank, Bw Type set to Kbit/s and the schedule set to the one i created above. 


Questions i have:

1. what does the Burst Setting do?  found on FW>TS>Limiter>bandwidth

2. What should the Mask be set to if i am wanting every one to limited to the slower speeds?  found in FW>TS>Limiter>Mask.  currently i have it left alone with none, which i think it should be changed but i do not know to what. 

3. what should i set up in the Firewall> Rules > Lan to? 


i can provide screen shots of what i have so far if it will help. 

Burst speed is like a short data transfer of high bandwidth. Sometimes (for example) You have a 2Mbit download, it can sometimes burst upto a higher value, like 2.5Mbits.

I would set the burst the same as your limit if you are doing this for usage purposes.

A Mask within the limiter doesn't need to be set.

You also require two limiter rules, one for inbound traffic (down) and one for outbound traffic (up). Name them something like InLimit and OutLimit. So they are easy to identify.

Note: Be sure at the top of the limiter setup, to check "Enable limiter and its children" (otherwise you cant use it)

In the LAN section of Firewall  -> Rules click the small + symbol.

Once in there, change your "source" to "LAN Subnet"

Below that in the advance options. Just select your schedule.

For the In/Out. The left box should be the OutLimit and the right the InLimit. (Don't ask me why they are reversed when it says In/Out..... should be Out/In). Save, Apply and test that it is working.

Hope this helps.

 - zanginator

thanks for the help so far, but it still is not working yet.

here is what i got so far and at the bottom is the graph of me opening a 40second Video on youtube.


I do not know if i did any thing wrong :'(

ps. if i would of scrolled down a little more i would of found those advanced features on the firewall rules. 

I can't tell if anything from that image, it is of such a low res. Could you please re-upload it somewhere like imgur.

sorry when i looked at it, i thought it was fine, did not realize that Facebook scaled the image so bad. 

here it is on my oneDrive, i do not have imgur!1244&authkey=!ABI0Q7vwk0IPawQ&v=3&ithint=photo%2c.jpg


ps. if you hit the view folder button on the top right it will have a excel spreadsheet i worked on GPU performance.  you do not have to look if you do not want to. 


Righto, You have the schedule set within both the rule definitions and the limiter setup. It could be conflicting, so remove the schedule rule from within the limiter.

Should fix the issue.

PS. Interesting to see how close the 780 and Titan are to each other

sorry this took so long to get back, i have been changing out an engine on a small backhoe and did not even check this until a little earlier today and just now had time to do any thing with it. 

i have the Firewall > Firewall: Traffic Shaper: Limiter  >bandwidth : Schedule set to none.  i will have to check tomorrow if it works because other people at my house are doing things right now with the un-metered internet connection. 

Question, instead of doing this on the LAN couldn't this be applied to the WAN?  the PFSense box has the Squid cache installed on it could 'instantly' send the cached files while waiting on the limited WAN, just changing the Interface and Source to WAN and WAN Subnet should be all i would need to change. 


PS.  the 780 and Titan are the same GPU so it is expected for gaming for them to be the same (along with the 780Ti and Titan Black).  the difference between the cards is for doing double precision Computing, which is were the titans shines.  


:(  still not working. 

i loaded a 1:40 video on youtube and it fully buffered in about 20 seconds, which by my calculation is about 5MB and would be some were around 250KB/s or 2Mb/s and that is well above the 10Kb/s limit i have