To begin with, Bandwidth Limiter is not QoS. Bandwidth Limiter limits the bandwidth used by one or more client devices on the network. Bandwidth Limiter does not prioritize one type of traffic over another type. It prioritizes one client device or group of client devices over others.

By contrast, QoS analyzes all traffic and follows rules for prioritizing one type of traffic over another, based on all clients on the network. In a sense, Bandwidth Limiter is a more crude tool, whereas QoS might be considered a little more refined.

Confusingly, Bandwidth Limiter shares a few settings with QoS. When Bandwidth Limiter is enabled, QoS should be disabled, and vice versa. If both are enabled, they will conflict with each other and neither will work.

Bandwidth Limiter may not work if you enable some IPv6 service types that use tunelling, such as 6in4. Their encryption is incompatible with Bandwidth Limiter.

The Bandwidth Limiter menu is divided into sections, including:

• Bandwidth Limiter for LAN (br0)
• Default Class for unlisted MAC / IP's in LAN (br0)
• Default Class for LAN1 (br1)
• Default Class for LAN2 (br2)
• Default Class for LAN3 (br3)

Your menu may have different options, depending on the hardware.

An easy way to find the “guilty” clients using too much bandwidth is to check the IP Traffic/View Graphs menu. There, a pie chart clearly indicates the bandwidth used by each address. If you're unsure whether the guilty client is active now, check its history using the Last 24 Hours, Weekly or Monthly menus.

Enable Limiter: Enables Bandwidth Limiter for the main LAN. Rules in each table can be enabled/disabled individually.

Max Available Download: The Maximum Available Download speed of the network's Internet connection.

This is not literal. Calculate it using these steps:

• Run a minimum of 3 download speed tests, at different times of day.
  Record the results.
• Disable QoS when these speed tests are run.
• Ensure there is no other significant traffic when these tests are run.
• Take the average of these 3 numbers.
• Then take 85% of this number (multiply by 0.85).

The result is a realistic download bandwidth estimate. Using it makes it more likely Bandwidth Limiter works properly.

Max Available Upload: enter the Maximum Available Upload speed of the network's Internet connection.

This isn't literal. Calculate it using using these steps:

• Disable QoS or other QoS-related functions.
• Run a minimum of 3 upload speed tests, at different times of day.
  Record the results.
• Ensure there is no other significant traffic when these tests are run.
• Calculate the average of these 3 numbers.
• Then take 85% of this number (multiply by 0.85).

The result is a realistic upload bandwidth estimate. Using it makes Bandwidth Limiter more likely to work well.

Enable | IP | IP Range | MAC:

Checking the Enable checkbox enables the rule for that row in the table.

At that point, you can enter enter either:

• The IP address of ONE network client you want to limit.
• A Range of client IP addresses to limit.
  Use syntax: “starting address-last octet of ending address“.
  • For example, enter: “192.168.1.4-7” will cover the range:
    “192.168.1.4 - 192.168.1.7” .
• The MAC address of ONE client device you wish to limit.

This field is shared. You can only enter one address in a row at a time. See NOTE below.

There's a quicker, easier way to enter individual IP/MAC Addresses. In Device List, click on [bwlimit] for each client to limit. You'll then be taken back to the Bandwidth Limiter menu to enter settings for that address.

IP addresses entered should be specified using a static IP, or DHCP Reservation. If you don't, clients might be assigned a different IP address each time. Bandwidth Limiter won't not work with clients whose addresses changed from what you first configured. Entering MAC addresses instead will avoid that problem, since generally, they don't change.

DLRate: The minimum download speed the router tries to allocate to a client when other listed clients are downloading.

The total of this column for all clients on the list should not surpass the total “Download Bandwidth.” If the amount exceeds “Download Bandwidth”, the entered data will serve no purpose when all network clients are downloading data.

DLCeil: The maximum download speed FreshTomato will allocate to the client when more bandwidth is available.

The conditions include when other network clients are off, or using less bandwidth than normal. The less bandwidth they use, the more is available to allocate to the specified clients, especially those categorized as higher priority.

Priority: Sets the position of the bandwidth rule (relative to other clients) in the netfilter module.

FreshTomato has five priority settings. The higher the setting, the more preference will be given to that client's allocated bandwidth, relative to other clients. Clients with higher priority will also experience lower latency, but only as a side effect of being earlier than other clients in netfilter's priority list.

TCP Limit: The maximum number of active connections for this address.

Limiting active TCP connections is useful for avoiding network saturation due to download utilities, or p2p programs (BitTorrent).

UDP Limit: The maximum UDP connections that can be opened per second for the specified address.

This can help limit network saturation due to download utilities, or P2P programs like BitTorrent.

Description: An optional field in where you can add a label to the rule in that row (for reference purposes only).

Clients with a compatible static IP address could still gain network access. FreshTomato needs a mechanism to ensure clients not included in the DHCP Reservation list are also categorized for bandwidth limiting. The Default Class for unlisted MAC / IP's in LAN (br0) function does this.

It lets you set the default Class (bandwidth priority) for MAC/IP addresses on the main LAN for clients not listed in the DHCP Reservation table. It will ensure Bandwidth Limiter manages the bandwidth of static clients. These settings apply to the main LAN (bridge 0).

Note that the other sections below (such as Default Class for unlisted MAC / IP's (LAN1 (br1) with similar names are analogous to this. The same principles apply, except to a different (virtual) interface.

Enable: Enables Bandwidth Limiter.

Download rate: The minimum download speed the router tries to allocate to a client when other clients on the list are also downloading.

The column total for all clients on the list shouldn't exceed total “Download Bandwidth.” If the amount exceeds “Download Bandwidth”, data entered will serve no purpose when all network clients are downloading data.

Download ceil: The maximum download speed FreshTomato will allocate to the client when more bandwidth is available.

This includes when other network clients are off, or using less bandwidth than normal. The less bandwidth they use, the more becomes available to allocate to the specified clients. This is especially true for those clients categorized with higher priority settings.

Upload rate: The minimum upload speed the router tries to allocate to the client when other clients on the list are downloading.

The total of this column for all clients on the list should not exceed the total “Upload Bandwidth.” If the amount exceeds “Upload Bandwidth”, the data entered will serve no purpose when all network clients are uploading data.

Upload ceiling: The maximum download speed FreshTomato will allocate to the client when more bandwidth is available.

This includes when other clients are off, or using less bandwidth than normal. The less bandwidth they use, the more becomes available to allocate to specified clients. This is especially true for clients categorized with a higher priority.

Priority: Sets the position of the bandwidth rule, relative to other clients in the netfilter module.

FreshTomato has five priority settings:

• Highest
• High
• Normal
• Low
• Lowest

The higher the setting, the more preference is given to the client's allocated bandwidth, relative to other clients. Higher priority clients will also experience lower latency - a side effect of being earlier in netfilter's priority list.

TCP Limit: The maximum number of active TCP connections for this address.

Limiting active TCP connections can help avoid network saturation due to download utilities or P2P programs, like BitTorrent.

UDP Limit: The maximum UDP connections per second that can be opened for the specified address.

This can help limit network saturation due to download utilities or P2P programs like BitTorrent.

As said above, settings here are analogous to the Default Class for LAN0 (br0) section above, but instead apply to clients on VLAN1 [ also known as LAN1/(bridge 1) ] .

The same principles apply here as with the Default Class for LAN (br0) section, but to the LAN known as: LAN1/(br1). These settings will be explained again here for your convenience.

Clients with a compatible static IP could still gain network access. FreshTomato needs a way to ensure clients not inlcuded in the DHCP Reservation list are also categorized for bandwidth limiting. The Default Class for unlisted MAC / IP's in LAN (br1) function does this. It lets you set the default Class (bandwidth priority) for MAC or IP addresses on the main LAN for clients not listed in the DHCP Reservation table. It will ensure Bandwidth Limiter manages the bandwidth of static clients. These settings apply to the main LAN (bridge 1).

Enable: Checking this box enables Bandwidth Limiter.

Download rate: The minimum download speed the router tries to allocate to a client when other listed clients are also downloading.

The column total for all clients on the list should not exceed total “Download Bandwidth.” If the amount exceeds “Download Bandwidth”, the entered data will serve no purpose when all network clients are downloading data.

Download ceil: The maximum download speed FreshTomato allocates to the client when more bandwidth is available.

Such conditions include when other network clients are off, or using less bandwidth than normal. The less bandwidth they use, the more becomes available to allocate to the specified clients. This is especially true for clients categorized with a higher priority.

Upload rate: The minimum upload speed the router tries to allocate to a client when other listed clients are downloading.

The column total for all clients on the list should not exceed the total “Upload Bandwidth.” If the amount exceeds “Upload Bandwidth”, the entered data will serve no purpose when all network clients are uploading data.

Upload ceiling: Te maximum download speed FreshTomato allocates to the client when more bandwidth is available.

Such conditions include when other clients are off, or using less bandwidth than normal. The less bandwidth they use, the more becomes available to allocate to specified clients. This is especially true for those clients categorized with higher priority settings.

Priority: Sets the position of the bandwidth rule, relative to other clients, in the netfilter module.

FreshTomato has 5 priority settings:

• Highest
• High
• Normal
• Low
• Lowest

The higher the setting, the more preference is given to the client's allocated bandwidth, relative to others. Higher priority clients will also experience lower latency - a side effect of being earlier in netfilter's priority list.

• With Bandwidth Limiter enabled, QoS should be disabled, and vice versa. If both are enabled, they will conflict and neither will work.
• Bandwidth Limiter won't work if you some IPv6 service types enabled, such as 6in4. They use tunneling protocols, incompatible with Bandwidth Limiter.
• Bandwidth Limiter should reboot the WAN interface only when Captive Portal is enabled. However, with releases 2020.8 and earlier, Bandwidth Limiter rebooted the WAN interface even with Captive Portal disabled. The router dropped the Internet connection until the WAN interface was reinitialized and the WAN connection renegotiated. This problem was fixed in release 2022.1.