Interesting reading. I have a nominal 150/20 line with Comcast and a DOCSIS 3.0 modem (Netgear CM600/Broadcom chipset). FWIW, I setup my limiters according to the pfSense doc, left the Queue Length blank and ECN checked and get this result on a Sunday evening when things should be pretty busy. Not really sure why the "Gaming" category would warn, as it's often A+/A+. ¯_(ツ)_/¯

Anyway, seems to work pretty well and just posting this should it help anyone with a similar setup.

03755792-2b1c-4048-9b98-a62fedcbbb6e-image.png

@HLPPC

I appreciate the responses here but I am still kind of lost on finding a solution. Please allow me to rephrase the question and scenario.

My Switch is set to Trust DSCP, my clients properly tag DSCP values to packets like Zoom & Teams etc. On the PFSense side I have Codel Limiters in place to combat bufferbloat and those are working nicely see below.

What I would like to do achieve next is some kind of simple rule that simply tells PFSense to Trust DSCP, aka prioritize the packets accordingly if there is a DSCP value, i.e. DSCP Value 46 would get high priority. I would rather not have to create a rule for every single DSCP value, is there any way to plug an play this. Much like when one configures a CISCO switch and issue AUTO QOS and all the DSCP value and queues get populated for you. Keep in mind the solution has to also be compatible with the existing Codel lmiiter.

169af373-b621-4150-abed-cf649da37784-image.png

@georgeberz said in ISP oversold my bandwidth I need to shape VOIP:

@Mission-Ghost I live on an Island covered w trees I am surrounded by 80-100' trees no clear line of site. thank you though I have tried. :)

Frustrating. Maybe put up a tower? Given the difference in our lives between DSL and Starlink, I think it'd be TOTALLY worth it to put up a tower.

For added detail, I use PRIQ shaping. Works well.

@ViciousXUSMC

Thank you for your post.
Yes, please do share. I really look forward to reading it, if you do decide to post a new thread.

@Fry-kun said in Queues show NaN values, why?:

] || 0);

Thanks for this! Setting up HFSC is not quick and easy on 7 WAN connections.

Working fine!

@RN222 Okay, I know the SANS guide says to make these rules "quick" but as far as I know, they actually do not work when they're quick. I'm not sure if that was considered a bug, and/or if it still applies, but it was definitely true at one point. And My floating rules that assign traffic to limiter queues are just normal floating rules (i.e. not quick). Mine are also match rules, not pass, which I also believed was necessary at least at one point.

So I would advise that you first make all four of these rules "normal" (i.e. non-quick) floating rules. And if that still does not work, try making them all match rules as well.

Using just the conservative setting for the firewall and giving the ip phone static ports, has always worked for me. You should not have to change TCP/UDP settings specifcally. Just the firewall optimaztion. see the pic for the detales of the differances.

Screenshot from 2025-01-07 07-22-08.png

@Mission-Ghost never mind...I just found:

https://forum.netgate.com/topic/195386/after-update-4200-to-24-11-queues-status-page-no-longer-works/7

Apparently it's a bug that turned up in beta and has a redmine ticket. From the topic cited, there's a method to check that it's working. I'll do that.

@bipton said in The traffic download limit only applies half of what I give it. why?:

rules used default gateway

There is this, scheduled for 2.8...?

https://redmine.pfsense.org/issues/14854
"...if the gateway is left to default the limiter works as expected but if a specific gateway or a gateway group is specified the limiter [drops by half]."

Same Report...
I am sure it would be a bug.
The only temporary fix I did is to Increase twice the value and add +2 to be sure...