I recently posted the some updated config files for the pfSense QoS box. For those of you who want to read the old post, here is the permalink.
Last time we had a LAN party, we had a small problem. The problem was that folks who legitimately needed HTTP for things like signing into Steam and the TF2 Item Server, were fighting over an HTTP queue that was way full and dropping thousands of packets per second, mostly because a few people had very large download streams going. So I am going to try to solve contention in the subprime queue with a TCP traffic limiter on each IP address that gets a DHCP address. I made 2 rules on the LAN interface for every IP in the range 10.0.0.50-10.0.0.254. If you don’t like that IP range, well then it should be easy enough for you to do a find and replace on the firewall rule config download.
Rule #1 (Disabled by Default): Sad Panda Penalty Box: Limits all traffic from that particular IP address to 200Kbps/100Kbps
Rule #2 TCP Download Ceiling: Limits all TCP traffic from that particular IP address to 500Kbps/250Kbps
With these 410 different rules in place, you ensure that anyone who gets a DHCP address is at individually limited to .5Mbps TCP download speed, which can be controlled with the limiter config. Also, you now have a method of identifying who is sucking up all the bandwidth, and putting them in the bandwidth naughty corner. Check out the embedded Vimeo demonstration for a better look at what’s up.