Sorry about that :-/ I'm working on something to make this situation a little better and introduce a little more visibility into bandwidth reservations.
Until all the bugs and issues are resolved in the current code I'm not making any other changes, it's too difficult to troubleshoot. And no-one has convinced me that the last changes I made have fixed the issues (nor have I been convinced that they haven't).
The one rule has to be set to source any, destination IP of LAN-Client, the other rule has to be source IP of LAN-CLient, destination any. just like the VOIP-Rule is.
One major bug that was just discovered was the shaper no longer subtracted 20% from the upload and download values. If anyone is having trouble with the shaper please re-run the wizard again and subtract 20% from the upload and download values.
Correct. NAT occurs before filter policy (which is what classifies traffic). There are alternatives, but we're not geared up to use them (and using them isn't terribly scalable at this time).
–Bill
OK.. policy filtering works fine. just wanted to be sure that if NAT was enabled that the packets were translated before (NAT always sees the packet first right?). I wouldnt worry about alternatives to something that aint broken, and its not limiting in any way as far as I can see.
been doing some reading on altq and came upon this:
http://www.benzedrine.cx/ackpri.html
Finally, the rules passing the relevant connections (statefully) are extended to specify what queues to assign the matching packets to. The first queue specified in the parentheses is used for all packets by default, while the second (and optional) queue is used for packets with ToS (type of service) 'lowdelay' (for instance interactive ssh sessions) and TCP ACKs without payload.
not sure if it has the same binings to the gui in pfSense. but my guess is that its related.
We invisibly create the ACK queue. ALTQ only shapes outbound on an interface, we create rules for BOTH interfaces and that's what the queues relate to. An inbound (on the internal interface) and an outbound (on the external interface).
Bill is working on the issues. Everyone stay calm.
Wait for B2 - I just fixed another old bug and have had some reports of better performance already. There's more coming, but I'm trying to keep those changes out of 1.0.
If you are still having problems, make sure your specifying one protocol per rule. For example, if you are shaping both TCP and UDP traffic for a specific port, use a rule for each protocol.
No kidding…it's bad when the person who probably understands our shaping code the most gets it wrong half the time. ALTQ is a real pain in the &&^% to set up right with the design requirements we put down. It was certainly easier to punt to ipfw to assign traffic to queues, but in reality, it never worked quite right (and we want to pull ipfw from base).
The speed at the interface setting should be the physical linespeed of your interface, NOT the speed something is limiting you to by throtteling bandwidth. The Trafficshaper will create queues that go inside that bandwidthsetting.
There's a note at the interface bandwidth option:
"The bandwidth setting will define the speed of the interface for traffic shaping. Do not enter your "Internet" bandwidth here, only the physical speed!"