Pfsense users - how do you prioritise rclone traffic?

Any other pfsense users out there? How do you traffic shape your rclone traffic?

My setup is I use rclone to stream from gdrive and to backup files off my local server. I want to be able to prioritise my rclone traffic but I can't figure out how to include it in my traffic shaping rules.

At the moment I'm just using simple PRIQ shaping and assigning traffic to queues.

How are others tackling this?

You need to be more specific as the shaping would relate to what backend you are using.

What more info do I need to post?

Are you running it all from the same machine?

Are you trying to prioritize the streaming traffic which is download?

Are you trying to shape the upload?

Are you running the upload from the same machine/IP?

Are you hitting a specific issue you are trying to solve now?

What version of rclone are you running?

What's your mount setup now?

if you have a spare IP: use a second dedicated IP address and bind rclone to it. prioritize the said IP in your rules.

1 Like
  • Same Machine - unRAID
  • I'm curious to see what others do, but my priority is streaming - both down and up (to remote users)
  • no (i.e. rclone move)
  • All on unRAID with one external IP available (although can use VPN but shaping gets harder then)
  • No, just want to ensure streaming prioritised in pfsense and want to see what approach others have taken....
  • rclone v1.50.2, os/arch: linux/amd64, go version: go1.13.4

rclone mount --allow-other --buffer-size 256M --dir-cache-time 720h --drive-chunk-size 512M --log-level INFO --vfs-read-chunk-size 128M --vfs-read-chunk-size-limit off --vfs-cache-mode writes tdrive_vfs: /mnt/user/mount_rclone/tdrive_vfs

I don't have access to an external IP address. I have been considering seeing if I can run rclone in a docker so I can assign an internal IP address to it to shape

you can setup your computer with another local ip address on the network card and use this flag
--bind string Local address to bind to for outgoing connections, IPv4, IPv6 or name
and have your router prioritize that local ip address

on windows, it would look like this:

Wireless LAN adapter BUILTIN.WIFI:
Physical Address. . . . . . . . . : D8-F2-CA-55-53-ED
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . :
Subnet Mask . . . . . . . . . . . :
IPv4 Address. . . . . . . . . . . :
Subnet Mask . . . . . . . . . . . :
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . :

1 Like

In my opinion the most important thing for a home connection is not to fill up your upload and download 100%.

If you do you'll be creating queues in the ISP's router and your router which will kill interactivity and blocks ACKs for downloads and generally kills connectivity.

I do this by capping the upload and download at 90% (say) of their maximum rate, and I also prioritise small packets to keep the ACKs flowing through the local queues and to keep interactive sessions low latency.

I do this in my linux gateway box with the script.

I tune it by running a big upload and a big download together and use ping to find the rates where the latency drops back to normal even though you are filling the pipe in both directions.

I imagine you can do exactly the same things with pfsense :slight_smile:


Not sure you need to assign it per se. It depends on what is causing you problems. You can prioritize Google API traffic if you want to go that route.

I do it a little different as I downgrade traffic that would have a chance to fill up my upload so torrents all get downgraded.

That leaves the rest of my pipe for everything else and it's shaped as well. I've never had issues with my traffic but my setup has evolved over time and is very specific for my environment.

I use OPNSense over PFSense as that gives me a bit more out of the box in terms of shaping I can use FQ-Codel which works better for my use case.

It also depends on what bandwidth you are working with too. If your upload is too low, it's hard to shape it. I have gigabit FIOS so it's much easier to create buckets for the traffic.

Thank you @asdffdsa and @seuffert - I didn't realise (although it's obvious now) now that you can create virtual IP addresses.

A quick google and I learnt about ifconfig (I use unRAID but I'm not technical at all) and I created a new IP, bound one of my mounts to it and now I can see the traffic separated out using --bind.

I'm going to create a few more IPs so I can shape my streams, backups and uploads differently.


1 Like

Totally agree and I prioritise my ACKs as well - amazing the difference this makes to traffic

is deprecated. You should use

ip add



1 Like

Thanks - I'm new to this. Updated my scripts.

Update on shaping: working perfectly so far. I've bound my mounts to a high-priority IP and my uploads to a low priority IP, even lower than torrents etc as there's no rush to upload them and over the course of a day my transfer is high enough

Any UBNT users here?

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.