QOS over NFTables for an interface

I have Guest VLAN, and want to limit the internet speed for it.
So, every person who connects to the network, their internet speed is immediately limited.

I have installed "Luci qos over nftables",
But the is no options for an interface.
Only for ip address and mac address and traffic priority.

Setting them one by one via ip address and mac address, I think is very ineffective.
And if there is new user, must be added again.

So, is there a way for setup it using interface?

You can probably use CIDR IP address types like 192.168.1.0/24 to define all IP addresses in a interface.

You can also use SQM instead, it works on all networks wan or lan and you define the interface in that config.

You need to examine like piece of cake qos script and set bandwidth with tbf qdisc both ways.
tc qdisc replace dev br-guest root tbf help

If you want to control the upload and download rate, you will need to address the ingress shaping issue, with the traditional solutions being an IFB or a veth pair with selective routing.
sqm-scripts will automatically set up an IFB for you.
Keep in mind that for LAN-directed interfaces the sqm meaning of upload and download flips (not really the meaning stays the same, up- or download from the perspective of the interface, but users typically assume ingress == download direction, and egress == upload direction, but that only is true for WAN-directed interfaces).

Also if you put a shaper on br-lan, that will also shape traffic between LAN and WiFi which might or might not be what you are after.

Last note, cake allows per-IP fairness, that is often configuring the WAN-side cake for this fairness mode makes it hard enough for any device (guest or not) to hog too much capacity. At which point some users consider the isolation to be 'good enough' and move on...

In the end I used sqm qos because it was easier.
But I want to ask, if I use both, is it okay?
So for general I use sqm qos for the interface,
and to whitelist I use qos over nftables using mac address for exluding a client,
will it work?

I think your solution too hard for me, i am a newbie, it seems complicated

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.