QoS misunderstanding of limiting bandwidth usage?


I use a QoS rule to limit the max upload bandwidth usage for our VPN connections.
For this I have a rule with a limited upload speed and the VPN ports for IPSec and OpenVPN.

The tunnels are working fine, but what I can see is that if our backup is running over the IPSec connection, it uses the max bandwidth and is not detected as VPN traffic in the upload rule.

We have a 40Mbit/s Upload connection and my limit is set to 32000 in the config.

My questions:

  • Where is my misunderstanding in QoS rules/traffic handling and VPN?
  • Do I have to create additional rules for every single service, and if yes, how does QoS know how to handle the same service for different rules? → Then I have to limit every possible service for the VPN connections with its own rule …

As I wrote in "qos bandwidth limiting question", I have a problem with the QoS detection of VPN traffic.
In my mind the QoS was working correctly with this traffic in the past, so I checked the backup to see if something had changed in my configuration, and nothing changed.

For your understanding:
We have a backup system in another server room which backs up the local data over the IPSec VPN connection. To avoid problems with local processes we limited the max usage of the out bandwidth to 75% (30 from 40Mbit/s).
Here is the graph from the last day:

If I look into the past, I can see that this worked correctly until ~ December last year.

So I think something changed with Release 161 that causes IPFire to misdetect VPN traffic as web traffic.

Edit VPN rules:

Can someone give me a hint how to solve this and how to bring QoS to work as expected?