To begin with, Bandwidth Limiter is not QoS. Bandwidth Limiter limits the bandwidth used by one or more client devices on the network. Bandwidth Limiter does not prioritize one type of traffic over another type. It prioritizes one client device or group of client devices over others.

By contrast, QoS analyzes all traffic and follows rules for prioritizing one type of traffic over another, based on all clients on the network. In a sense, Bandwidth Limiter is a more crude tool, whereas QoS might be considered a little more refined.

Confusingly, Bandwidth Limiter shares a few settings with QoS. When Bandwidth Limiter is enabled, QoS should be disabled, and vice versa. If both are enabled, they will conflict with each other and neither will work.

The Bandwidth Limiter menu is divided into sections. These sections typically include:

• Bandwidth Limiter for LAN (br0)
• Default Class for unlisted MAC / IP's in LAN (br0)
• Default Class for LAN1 (br1)
• Default Class for LAN2 (br2)
• Default Class for LAN3 (br3)

Your menu may have different options, depending on your hardware.

An easy way to learn which clients are “guilty” of using too much bandwidth is to check the IP Traffic/View Graphs menu. There, a pie chart clearly indicates the bandwidth used by each address. If you're not sure whether the guilty client is active now, check the history using the Last 24 Hours, Weekly or Monthly menus.

Enable Limiter: This enables the Bandwidth Limiter function for the main LAN. Rules in each table can be enabled/disabled invidually.

Max Available Download: Here enter the Maximum Available Download speed of the network's Internet connection. This is not literal.

Calculate the number using the following steps:

• Run a minimum of 3 download speed tests, done at different times of day. Record the results.
• Disable QoS when these speed tests are run.
• Ensure no other significant traffic occurs while these tests are run.
• Take the average of these 3 numbers.
• Then take 85% of this number (multiply by 0.85).

The resulting number will be a realistic estimate of your download bandwidth. Doing this increases the chances Bandwidth Limiter works properly.

Max Available Upload: Here you enter the Maximum Available Upload speed of the network's Internet connection. This is not literal.

Calculate the number using the following steps:

• Run a minimum of 3 upload speed tests, done at different times of day. Record the results.
• Disable QoS when these speed tests are run.
• Ensure no other significant traffic occurs while these tests are run.
• Take the average of these 3 numbers.
• Then take 85% of this number (multiply by 0.85).

The resulting number will be a realistic estimate of your upload bandwidth. Using this increases the chances Bandwidth Limiter works properly.

Enable | IP | IP Range | MAC:

Checking the the Enable checkbox enables the rule for that row in the table.

At that point, you can enter enter either:

• The IP address of ONE network client you want to limit.
• A Range of client IP addresses to limit. Use the syntax: “starting address-last octet of ending address“ .
  • For example, enter: 192.168.1.4-7 to cover the range: 192.168.1.4 - 192.168.1.7 .
• The 12-character MAC address of ONE client device you wish to limit.

This field is shared. Only one address type can be entered in a row at a time. See NOTE below.

There's a quicker, easier way to enter individual IP or MAC Addresses. In Device List, click on [bwlimit] for each client you wish to limit. Device List will then take you back to the Bandwidth Limiter menu to enter the settings for the address.

Remember that if you enter client IP addresses, they should be specified using a static IP, or DHCP Reservation. If they're not, the clients might be assigned a different IP address each time. Bandwidth Limiter will not not work with clients whose addresses changed from what you originally configured. Entering MAC addresses instead will avoid that problem. After all, MAC addresses generally don't change.

DLRate: This is the minimum download speed FreshTomato will try to allocate to the client when other clients on the list are also downloading. The total of this column for all clients on the list should not overcome the total “Download Bandwidth.” If the amount exceeds “Download Bandwidth”, the entered data will serve no purpose when all network clients are downloading data.

DLCeil: This is the maximum download speed FreshTomato will allocate to the client when more bandwidth is available. The conditions include when other network clients are off, or using less bandwidth than normal. The less bandwidth they use, the more is available to allocate to the specified clients, especially those categorized as higher priority.

Priority: This sets the position of the bandwidth rule (relative to other clients) in the netfilter module. FreshTomato has five priority settings. The higher the setting, the more preference will be given to that client's allocated bandwidth, relative to other clients. Clients with higher priority settings will also experience lower latency, but only as a side effect of being earlier than other clients in netfilter's priority list.

TCP Limit: This is the maximum number of active connections for this IP address. Limiting active TCP connections is particularly useful for avoiding network saturation due to download utilities, or p2p programs, such as BitTorrent.

UDP Limit: Here, specify the maximum UDP connections that can be opened per second for the specified address. This can be helpful in limiting network saturation due to download utilities, and P2P programs like BitTorrent.

Description: In this optional field you can add a label to the rule in that row (for reference purposes only).

Clients with a compatible static IP address could still gain network access. FreshTomato needs a mechanism to ensure clients not inlcuded in the DHCP Reservation list are also categorized for bandwidth limiting. The Default Class for unlisted MAC / IP's in LAN (br0) function does this. It lets you set the default Class (bandwidth priority) for MAC or IP addresses on the main LAN for clients not listed in the DHCP Reservation table. It will ensure Bandwidth Limiter manages the bandwidth of static clients. These settings apply to the main LAN (bridge 0).

Note that the other sections below (for example, Default Class for unlisted MAC / IP's (LAN1 (br1) with similar names this are analogous to this. The same principles still apply, except to a different (virtual) interface.

Enable: Checking this box enables Bandwidth Limiter.

Download rate: This is the minimum download speed the router will try to allocate to the client while when other clients on the list are also downloading. The total of this column for all clients on the list should not exceed the total “Download Bandwidth.” If the amount exceeds “Download Bandwidth”, the entered data will serve no purpose when all network clients are downloading data.

Download ceil: Download Ceiling is the maximum download speed FreshTomato will allocate to the client when more bandwidth is available. Such conditions include when other network clients are off, or using less bandwidth than normal. The less bandwidth they use, the more becomes available to allocate to the specified clients. This is especially true for those clients categorized with higher priority settings.

Upload rate: This is the minimum upload speed the router will try to allocate to the client when other clients on the list are downloading. The total of this column for all clients on the list should not exceed the total “Upload Bandwidth.” If the amount exceeds “Upload Bandwidth”, the entered data will serve no purpose when all network clients are uploading data.

Upload ceiling: Upload Ceiling is the maximum download speed FreshTomato will allocate to the client when more bandwidth is available. Such conditions include when other clients are off, or using less bandwidth than normal. The less bandwidth they use, the more becomes available to allocate to specified clients. This is especially true for those clients categorized with higher priority settings.

Priority: This sets the position of the bandwidth rule, relative to other clients, in the netfilter module.

FreshTomato has five priority settings:

• Highest
• High
• Normal
• Low
• Lowest

The higher the setting, the more preference will be given to the client's allocated bandwidth, relative to other clients. Higher priority clients will also experience lower latency - a side effect of being earlier in netfilter's priority list.

TCP Limit: This is the maximum number of active TCP connections for this IP address. Limiting active TCP connections can help avoid network saturation due to download utilities or P2P programs, such as BitTorrent.

UDP Limit: Here, specify the maximum UDP connections per second that can be opened for the specified address. This can help limit network saturation due to download utilities or P2P programs like BitTorrent.

As mentioned above, these settings are analogous to the Default Class for LAN0 (br0) section above, but apply to clients on VLAN1 [ also known as LAN1/(bridge 1) ] . The same principles apply here as with the Default Class for LAN (br0) section, but to the LAN known as: LAN1/(br1). These settings will be explained againhere for your convenience.

Clients with a compatible static IP address could still gain network access. FreshTomato needs a mechanism to ensure clients not inlcuded in the DHCP Reservation list are also categorized for bandwidth limiting. The Default Class for unlisted MAC / IP's in LAN (br1) function does this. It lets you set the default Class (bandwidth priority) for MAC or IP addresses on the main LAN for clients not listed in the DHCP Reservation table. It will ensure Bandwidth Limiter manages the bandwidth of static clients. These settings apply to the main LAN (bridge 1).

Enable: Checking this box enables Bandwidth Limiter.

Download rate: This is the minimum download speed the router will try to allocate to the client while when other clients on the list are also downloading. The total of this column for all clients on the list should not exceed the total “Download Bandwidth.” If the amount exceeds “Download Bandwidth”, the entered data will serve no purpose when all network clients are downloading data.

Download ceil: Download Ceiling is the maximum download speed FreshTomato will allocate to the client when more bandwidth is available. Such conditions include when other network clients are off, or using less bandwidth than normal. The less bandwidth they use, the more becomes available to allocate to the specified clients. This is especially true for those clients categorized with higher priority settings.

Upload rate: This is the minimum upload speed the router will try to allocate to the client when other clients on the list are downloading. The total of this column for all clients on the list should not exceed the total “Upload Bandwidth.” If the amount exceeds “Upload Bandwidth”, the entered data will serve no purpose when all network clients are uploading data.

Upload ceiling: Upload Ceiling is the maximum download speed FreshTomato will allocate to the client when more bandwidth is available. Such conditions include when other clients are off, or using less bandwidth than normal. The less bandwidth they use, the more becomes available to allocate to specified clients. This is especially true for those clients categorized with higher priority settings.

Priority: This sets the position of the bandwidth rule, relative to other clients, in the netfilter module.

FreshTomato has five priority settings:

• Highest
• High
• Normal
• Low
• Lowest

The higher the setting, the more preference will be given to the client's allocated bandwidth, relative to other clients. Higher priority clients will also experience lower latency - a side effect of being earlier in netfilter's priority list.

WAN Reboot: Bandwidth Limiter should reboot the WAN interface only when Captive Portal is enabled. However, with releases 2020.8 and earlier, Bandwidth Limiter will reboot the WAN interface even if Captive Portal is disabled. The router will drop the Internet connection until the WAN interface is reinitialized and the WAN connection is renegotiated. This was fixed in release 2022.1.