That’s good news. I still don’t understand why it was not working before, we are basically doing the same thing. I hope you just had some wrong configuration, but if you had everything right, it would be great if you could find out now what the cause of the problem was so that we can find a fix.
Shaping always works on outbound traffic, so for the upload of LAN clients shaping should be applied to your VyOS’ WAN interface.
Note that, when shaping, it is a good practice to set the maximum bandwidth for the whole link a little bit below the expected maximum, so maybe you could set it to 470mbit instead of the 480mbit I see you got on your test.
Let us know if you need help.
Hi @s.lorente
The solution was working fine for download speed, but I still have an issue with the upload speed when I apply the traffic shapping to the WAN Interface via redirect input interface.
This is my configuration for the upload
set traffic-policy shaper IN bandwidth '500mbit'
set traffic-policy shaper IN class 10 bandwidth '25mbit'
set traffic-policy shaper IN class 10 match VLAN10 ip destination address '192.168.10.0/24'
set traffic-policy shaper IN default bandwidth '1kbit'
set traffic-policy shaper IN default ceiling 100%
set interfaces input ifb0 traffic-policy out IN
set interfaces pppoe pppoe0 redirect ifb0
If I apply a limiter directly to the VLAN10 interface, it’s working.
set traffic-policy limiter IN default bandwidth '500mbit'
set traffic-policy limiter IN class 10 bandwidth '25mbit'
set traffic-policy limiter IN class 10 match VLAN10 ip source address '192.168.10.1/24'
set interfaces ethernet eth4 vif 10 traffic-policy in IN
With a SpeedTest, the upload speed is around 21mbps (Why a difference of 4Mbps?)
Is it a good way to apply the speed limit?
Finally the upload shaping doesn’t seems to work well at all. If I put 110mbit as bandwidth, I get 50 from speedtest.
Is there anything that I did not correctly?
Thanks
This configuration seems to work
set traffic-policy shaper DOWNLOAD bandwidth '400mbit'
set traffic-policy shaper DOWNLOAD class 12 bandwidth '21mbit'
set traffic-policy shaper DOWNLOAD class 12 match VLAN12 ip destination address '192.168.12.0/24'
set traffic-policy shaper DOWNLOAD default bandwidth '400mbit'
set traffic-policy shaper DOWNLOAD default ceiling '100%'
set interfaces ethernet eth1 traffic-policy out DOWNLOAD
set traffic-policy shaper UPLOAD bandwidth '50mbit'
set traffic-policy shaper UPLOAD class 12 bandwidth '11mbit'
set traffic-policy shaper UPLOAD class 12 match VLAN12 ip source address '192.168.12.0/24'
set traffic-policy shaper UPLOAD default bandwidth '50mbit'
set traffic-policy shaper UPLOAD default ceiling '100%'
set interfaces input ifb1 traffic-policy out 'UPLOAD'
set interfaces ethernet eth1 redirect 'ifb1'
eth1 is my LAN interface and all VLANs are on this interface. eth1.10, eth1.11, eth1.12,…
Hi @fegauthier,
What version are you using?
I think you are facing again the same bug, aren’t you?
https://phabricator.vyos.net/T2700
It has not been fixed yet.
I’m using the last rolling version. But the config above seems to work. Do you see any issue that I can encountered with this config?
When defining bandwidth on classes (please consider default as any other class), the total amount of all classes’ bandwidth together should not exceed the bandwidth defined for the link (that is, the bandwidth set on the first line of the policy). VyOS will have a little problem to assign 421mbit when it only has 400mbit for the DOWNLOAD policy. And it will also have another little problem to assign 61mbit when it only has 50mbit for the UPLOAD policy.
Fixing that will make your shaping perform more accurately. For the rest, it looks good.
What if I want to do the following:
WAN Download => 400mbps
WAN Upload => 50mbps
8 VLAN
I want every VLAN to be able to get 60 mpbs download and 10 mpbs upload. I know that 60 * 8 is equal to 480 mbps and it’s over the 400 mbps but the odds that the 8 VLAN use full download bandwidth is not going to happen often.
Is it OK to let the config like this if I want the behavior describe above?
It is not. You should use ceiling for that.
With bandwidth you kind of reserve a share of the link for each class. That kind of reservation comes into play when the link is full of traffic.
With ceiling you set a maximum rate for each class.
I guess you meant mbit when you now wrote mbps, so I’ll keep using mbit.
You could configure 50mbit of bandwidth and 60mbit of ceiling per class. That way each class could easily reach 60mbit, but only 50mbit will be guaranteed.
Ok great! I understand now Thanks!
If I understand well, this config
set traffic-policy shaper DOWNLOAD bandwidth '400mbit'
set traffic-policy shaper DOWNLOAD class 12 ceiling '100%'
set traffic-policy shaper DOWNLOAD class 12 bandwidth '10mbit'
set traffic-policy shaper DOWNLOAD class 12 match VLAN12 ip destination address '192.168.12.0/24'
set traffic-policy shaper DOWNLOAD default bandwidth '390mbit'
set traffic-policy shaper DOWNLOAD default ceiling '100%'
Will guarantee 10mbit to the class 12 but if 300mbit is available, the VLAN will be able to get the 300mbit?
Thanks
Yes, that is correct.
If the link is available (that is, every class’ bandwidth is being met for existing traffic and there is still room for more traffic) then ceiling comes into play.
Another technical question.
If I have load balanced 50/50 dual WAN on eth0 and eth1.
eth0 and eth1 speed is 400 mbit in download each and 50mbit in upload each. How can I achieve QoS like above?
Applying traffic-policy to load-balanced interfaces can be problematic.
I think you are shaping traffic for your LAN users. Instead of applying your policies to WAN, you could apply them to the LAN interface. You would have to adapt directions.
Yes that’s what it does because applying traffic shaping to WAN interface doesn’t work.
All my example above is about traffic shaping VLAN interfaces.
Can you give me a good example of traffic shaping WAN interface with bandwidth and ceiling for a specific LAN ?
I tried with PPPoE WAN and DHCP WAN and it’s doesn’t work at all… No errors by the way when I commit config.
There is my main configuration to traffic shape PPPoE WAN
set traffic-policy shaper UPLOAD bandwidth '500mbit'
set traffic-policy shaper UPLOAD class 10 ceiling '21mbit'
set traffic-policy shaper UPLOAD class 10 bandwidth '10mbit'
set traffic-policy shaper UPLOAD class 10 match VLAN10 ip source address '192.168.10.0/24'
set traffic-policy shaper UPLOAD default bandwidth '490mbit'
set traffic-policy shaper UPLOAD default ceiling '100%'
set traffic-policy shaper DOWNLOAD bandwidth '600mbit'
set traffic-policy shaper DOWNLOAD class 10 bandwidth '10mbit'
set traffic-policy shaper DOWNLOAD class 10 ceiling '21mbit'
set traffic-policy shaper DOWNLOAD class 10 match VLAN10 ip destination address '192.168.10.0/24'
set traffic-policy shaper DOWNLOAD default bandwidth '590mbit'
set traffic-policy shaper DOWNLOAD default ceiling '100%'
set interfaces input ifb1 traffic-policy out 'UPLOAD'
set interfaces pppoe pppoe0 redirect 'ifb1'
set interfaces pppoe pppoe0 traffic-policy out 'DOWNLOAD'
Absolutely nothing is shaped…
Your UPLOAD policy does not work because of the mentioned bug.
And your DOWNLOAD policy does not work because you are trying to match as destination addresses your private addresses on the outbound traffic.
So What is the best way actually to limit only WAN speed and not LAN speed? I think that what i’ve done above limit LAN network too.
Can you give me a good example of traffic shaping WAN interface with bandwidth and ceiling for a specific LAN ?
Take this example, being WAN interface eth1:
set traffic-policy shaper UPLOAD class 12 bandwidth '12%'
set traffic-policy shaper UPLOAD class 12 ceiling '10mbit'
set traffic-policy shaper UPLOAD class 12 match VLAN12 ip source address '192.168.12.0/24'
set traffic-policy shaper UPLOAD default bandwidth '1kbit'
set traffic-policy shaper UPLOAD default ceiling '100%'
set traffic-policy shaper UPLOAD default priority '7'
set interfaces ethernet eth1 traffic-policy out UPLOAD
set traffic-policy shaper DOWNLOAD bandwidth '400mbit'
set traffic-policy shaper DOWNLOAD class 12 bandwidth '12%'
set traffic-policy shaper DOWNLOAD class 12 ceiling '60mbit'
set traffic-policy shaper DOWNLOAD class 12 match VLAN12 ip destination address '192.168.12.0/24'
set traffic-policy shaper DOWNLOAD default bandwidth '1kbit'
set traffic-policy shaper DOWNLOAD default ceiling '100%'
set traffic-policy shaper DOWNLOAD default priority '7'
set interfaces ethernet eth1 redirect 'ifb1'
set interfaces input ifb1 traffic-policy out 'DOWNLOAD'