Run the trafficshaper wizard. It has exactly the option you need. You can enter a VOIP IP or an alias. You also have the option to select Vonage as VOIP Povider. Either should work. The choppyness was surely related to the issues the shaper had these days. Give it a go. It should be fine now.

I guess you have to just test it out for yourself then.

Do not try to import my original config file into your system.  It was only posted so as to help others understand a little bit better how the traffic shaper works and what was working for me at that time.  If it is too confusing for you to decipher, then you probably need to learn more about TCP/IP, ports, and protocols.

This isn't pfSense, so you don't have fancy hostgroupaliases, queuegraphs and so on. You have to set it up and simulate a maxed out line and do phonecalls and terminalsessions under that condition and tweak it until you are happy with it.  ;)
I'll pm you something later when I'm at home. I don't think it makes sense to discuss that public as the m0n0 shaper is completely different compared to pfSense. I suggest closing this thread.

@mentalinc:

and an lil extra questionL: shaping will only work on upstream data as by the time downstream gets to my box its far to late as the pipe has been saturated and my HTTP traffic for example is sitting at the ISP waiting its turn. is that correct?

Yes, the traffic shaper in pfSense can only shape packets exiting an interface but it can also shape downlaods by shaping the traffic exiting lan card to your pc (you can look at it from the perspective of your box uploading to your pc). In other words, download shaping isnt dependent on your isp alone, pfsense actively shape downloads just the same as uploads.

However if you saturate your link traffic will be queued up in your box and possible at your isp as well (or your isp will drop extra traffic), so its a good idea to set ur max download & upload speed to a fraction below what your isp advertised, that way your box will limit the traffic before your isp policing or shaping kicks in, you sacrifice some bandwidth to gain better control over your traffic.

(ab-)use the voip queue for that. run the shaper and add an IP for the voip queue. after it has finsihed edit the queue and set the traffic limit at upper limit and dump the realtime value. set the priority lower. that's it. then copy these for as many clients as you need. however you have to keep the math in mind or you'll get an alert because of assigning more bandwidth than you have.

Possibly.  Try it in beta2

–Bill

@rexster:

in addition to many known ports,
it'll be great if we can add our own custom ports for traffic shaping.

tia
rex

Copy an existing rule.

–Bill

@sullrich:

Not at this time.  Patches accepted.

Patches accepted (although I know exactly what needs to be done, I backed out the code for this back in June due to other issues) - but be warned the shaper is under heavy development, you will want to coordinate any work you do with me.

Or again, donations are accepted - at this point a quiet machine with Intel FXPs would be appreciated.  I can no longer do shaper development on my (silent) Soekris as there's an OS level bug that affects the NICs on this machine.

–Bill

cant wait any longer :)

so i get the testing snapshot 2-19-06 iso and do clean install.

then trying traffic shaping again.

still… same error.

tnx&rgds,
rex

Here is another thing I observed today.. This rule:

pass out on  dc0 from any to 192.168.1.7  keep state tagged unshaped tag qHighDownL            (subset of rules posted earlier)

dc0 - LAN interface

Does not work for traffic originating from the firewall itself. Squid and ssh traffic to 192.168.1.7 for example would fall into the default queue instead of qHighDownL, so does all traffic to any ip whos traffic originated at the firewall. It only works for traffic comming through WAN.

Squid is boud to lo 127.0.0.1 while ssh is bound to the any address *. Is there any reason why this rule don't work for such traffic? I though about it and still can figure out why.

EDIT:

tried iperf from firewall to lan pc with ip address 192.168.1.7 -> the traffic found its way into the correct queue. however the others stated above still don't get queued properly. Could it have have something to do with the direction in which the connections were establish?

Sure, that's what this forum is meant for  ;D

Wow, I don't think you'll be able to do this very easily.

That would require a lot of rules…

@Leoandru:

Well Its killing my upload shaping see thread: http://forum.pfsense.org/index.php?topic=630.0

I understand that when the packet is nat'd u no longer know where its from.. But doesn't the filter policy sort that out, I mean once the packet comes in on lan its tagged and the filter policy will take care of the queuing. so the any -> any rule wouldn't be needed.

when I get time I gonna manually modify /tmp/rules.debug and test that theory. I really need to get upload shaping working by ip addresses.

Actually, you may be on to something, I'll have to think about it a little more.  We might not need the "pass out" rules at all as tags are sticky.  Looks like a case of overthinking.  I'll ponder removing that and if it makes sense (and works) this might see an MFC to 1.0.

–Bill

Sorry about that :-/  I'm working on something to make this situation a little better and introduce a little more visibility into bandwidth reservations.

–Bill

Until all the bugs and issues are resolved in the current code I'm not making any other changes, it's too difficult to troubleshoot.  And no-one has convinced me that the last changes I made have fixed the issues (nor have I been convinced that they haven't).

–Bill

The one rule has to be set to source any, destination IP of LAN-Client, the other rule has to be source IP of LAN-CLient, destination any. just like the VOIP-Rule is.

One major bug that was just discovered was the shaper no longer subtracted 20% from the upload and download values.  If anyone is having trouble with the shaper please re-run the wizard again and subtract 20% from the upload and download values.

Search.  There are atleast 10+ discussions about this.