@akuma1x many many thanks for your help :) I'm a newbie and users support its very useful in my case. I will take a look at th delinks you provided and I will try.

Just found another issue related to DSCP rules. It seems that the rule will match TOS value instead of DSCP value. For example, I originally set CS1 (DSCP value 8, equal to TOS value 32) in the rule, right now I need to set to CS4 instead to match the packet with DSCP value 8 (TOS value 32)

So I know now that it is not solved. It might not be dropping pings during speed tests but tracroute output still doesn't make sense. So I'm going back to having fq_codel limiter on LAN in.

@sotirone I'd say if it's working then roll with it. :) Besides the traffic graph, Diagnostics/Limiter Info should show the relevant info. The router we have with limiters doesn't have floating rules, we have them on LAN to capture the outbound connections from certain IPs.

@steveits it worked. Thanks for the help. [image: 1644624171006-screenshot_20220211-190050.png]

@serbus Hi John, since I cannot delete the limiter right now, I would try to "delete" it within the XML file. I will be on-site on Friday and give it a try... Has anyone else any other suggestions?

I've partially discovered a solution more elegant than using Bash & SED to edit config.xml directly. instead, I created files in /etc/phpshellsessions called 'throttleon' and 'throttleoff'. Contents: require_once("config.inc"); require_once("filter.inc"); global $config; parse_config(true); $config['filter']['rule']['0']['disabled'] = false; write_config("throttleon"); throttleoff is exactly the same, but 'disabled' = true; instead. I checked in the shell first to get the index of the rule i wanted to enable ( and it's rule '0', so that is why it's referenced in the code above ). These can now be called via pfSsh.php playback throttleon ( or off ). Interestingly, I tried to use the pfsense PHP shell record feature to do this, but it just created 0 byte files for some reason ( even though the commands in the session worked fine ). It seems I don't need to call rc.filter_configure either, as playing back these files updates the rule enable/disable status ( maybe a feature of the shell? )

@ads76 entirely coincidental but I'm glad it helped you too.

By coincidence, this post resurfaced just 3 hours after I posted this. It appears to be the same issue. I just had to fudge my bandwidth allocations on the LAN queues to be able to set the interface bandwidth correctly. For me, I set the same value as allocated to the WAN queue (19200 Kbs) to qInternet on each LAN interface, rather than using 2%. I also set all the other LAN interface sub-queue percentages down to like 10% though I'm not sure that was necessary, saved and applied. Then I could set the LAN interfaces to what I wanted (96% of 1Gb = 960000 Kbs). Annoying to figure out but at least it's possible to workaround. Thanks to @seijirou for either deliberately or coincidentally resurfacing that post which helped me out.

@steveits said in Maximum Bandwidth Value for Limiters: @tman222 That would be 409610241024 = 2^32 = 4294967296 so max unsigned 32 bit integer. Can't help with how to change it. :) It presumably depends on how it is being handled in the upstream code. But, with all new routers 64 bit and Netgate releasing 10 Gbit connections it seems logical to make it higher. I'd say go ahead and make a redmine entry. It could just be old input validation. BTW, nice bandwidth. Thanks @SteveITS - that makes a lot more sense now. Unfortunately no multi-gig internet access here just yet, but there have been rumors that it may be coming this year (fingers crossed).

@daddygo Hey, just seeing this.. thanks for the reply. interestingly enough, i came across the whole "fq_codel" thing and started messing around with it. low and behold, it (seemingly, at least to my novice senses) made a very significant difference with my latency. going through the bufferbloat test from waveform, initially my unloaded ping was about 10-12ms, and once it started the upload and download tests, my latency was up around 60+ms and i was graded as a C.. i followed some instructions and then messed around with it to adapt it to my particular internet speed (120x6) and my upload/download latency dropped to about 5ms for both upload and download. I can definitely tell the difference (no lagging) when someone else is video conferencing while i'm on my workstation, streaming whatever.. anywho, are you saying that disabling the hn(4) ALTQ support will improve it further?

@cnicules ggrrr wife problem :) "the net was working bad so i went directly on the ISP modem wifi", all day sort of wasted. putting CODEL, make the setup works, i only get a slight 2-3-4ms increase on ping. ok, logic is good, so far. HFSC also looks, good, selecting icmp works. good, now i can move to more complex stuff thanks,