📘 1. Objective
We have three major outbound traffic types:
| Application | Direction | Max Bandwidth | Priority |
|---|---|---|---|
| Web (HTTP/HTTPS) | Download | 2 Mbps | Medium |
| FTP | Download | 1 Mbps | Low |
| VoIP (SIP + RTP) | Download | 2 Mbps | High |
Goal:
- All traffic shares one WAN interface.
- Total available bandwidth = 5 Mbps.
- Prioritize VoIP > Web > FTP.
⚙️ 2. Configuration Steps
Step 1️⃣ Create Pipes
Navigate to:
Firewall → Traffic Shaper → Pipes
| Name | Bandwidth | Description |
|---|---|---|
| pipe_web | 2 Mbps | Web browsing and downloads |
| pipe_ftp | 1 Mbps | File transfer |
| pipe_voip | 2 Mbps | VoIP traffic |
Step 2️⃣ Create Queues
Firewall → Traffic Shaper → Queues
| Name | Pipe | Weight | Description |
|---|---|---|---|
| q_voip | pipe_voip | 100 | Highest priority |
| q_web | pipe_web | 50 | Medium priority |
| q_ftp | pipe_ftp | 10 | Lowest priority |
Step 3️⃣ Create Rules
Firewall → Traffic Shaper → Rules
| Name | Interface | Direction | Protocol | Port(s) | Queue | Description |
|---|---|---|---|---|---|---|
| rule_voip | WAN | out | UDP | 5060, 10000-20000 | q_voip | SIP + RTP |
| rule_web | WAN | out | TCP | 80, 443 | q_web | HTTP / HTTPS |
| rule_ftp | WAN | out | TCP | 21 | q_ftp | FTP control and data |
After saving, click Apply to activate.
Step 4️⃣ Observe Results
Check:
Firewall → Traffic Shaper → Status
During congestion:
- VoIP flows remain smooth and low latency.
- Web traffic remains responsive.
- FTP sessions slow down gracefully.
| Traffic Type | Available Bandwidth | Priority | Latency |
|---|---|---|---|
| VoIP | 2 Mbps | High | Low |
| Web | 2 Mbps | Medium | Moderate |
| FTP | 1 Mbps | Low | May queue |
✅ 3. Summary
This shaping setup effectively enforces bandwidth fairness and QoS priorities across different traffic classes.
By giving higher weight to time-sensitive VoIP traffic, OPNsense ensures real-time services stay smooth even when total bandwidth is limited.