@dusan said in Optimizing for video stream: Go to Firewall -> Rules and check out the Floating tab. There should be a rule for RTMP inbound and you should see the queue name. It's probably qOthersHigh and let's assume it is later on. Edit any other rule that use qOthersHigh and change them to use qDefault. Leave the RTMP inbound rule intact. (If there's no RTMP inbound rule, find the RTMP outbound rule instead and, also, make sure it includes WAN Interface and out Direction.) My fault. Sorry. The Direction should be in. But any is also fine.

Hello again, it's my pipes: (coomand result -> ipfw pipe show 00001: 512.000 Kbit/s    0 ms burst 0 q131073  50 sl. 0 flows (1 buckets) sched 65537 weight 0 lmax 0 pri 0 droptail sched 65537 type FIFO flags 0x1 256 buckets 0 active     mask:  0x00 0xffff0000/0x0000 -> 0x00000000/0x0000 00002: 128.000 Kbit/s    0 ms burst 0 q131074  50 sl. 0 flows (1 buckets) sched 65538 weight 0 lmax 0 pri 0 droptail sched 65538 type FIFO flags 0x1 256 buckets 0 active     mask:  0x00 0xffff0000/0x0000 -> 0x00000000/0x0000 00003:  18.000 Mbit/s    0 ms burst 0 q131075  50 sl. 0 flows (1 buckets) sched 65539 weight 0 lmax 0 pri 0 droptail sched 65539 type FIFO flags 0x0 0 buckets 0 active 00004:  2.000 Mbit/s    0 ms burst 0 q131076  50 sl. 0 flows (1 buckets) sched 65540 weight 0 lmax 0 pri 0 droptail sched 65540 type FIFO flags 0x0 0 buckets 0 active 00005:  12.000 Mbit/s    0 ms burst 0 q131077  50 sl. 0 flows (1 buckets) sched 65541 weight 0 lmax 0 pri 0 droptail sched 65541 type FIFO flags 0x0 0 buckets 0 active 00006:  8.000 Mbit/s    0 ms burst 0 q131078  50 sl. 0 flows (1 buckets) sched 65542 weight 0 lmax 0 pri 0 droptail sched 65542 type FIFO flags 0x0 0 buckets 0 active 00007:  4.000 Mbit/s    0 ms burst 0 q131079  50 sl. 0 flows (1 buckets) sched 65543 weight 0 lmax 0 pri 0 droptail sched 65543 type FIFO flags 0x1 256 buckets 12 active     mask:  0x00 0xffffff00/0x0000 -> 0x00000000/0x0000 BKT Prot Source IP/port_ Dest. IP/port Tot_pkt/bytes Pkt/Byte Drp 40 ip      89.40.146.0/0            0.0.0.0/0        2      126  0    0  0 58 ip      216.58.215.0/0            0.0.0.0/0      14    1799  0    0  0 58 ip      216.58.209.0/0            0.0.0.0/0      571    23051  0    0  0 60 ip      185.60.216.0/0            0.0.0.0/0        2      172  0    0  0 134 ip      46.134.210.0/0            0.0.0.0/0        2      172  0    0  0 161 ip      89.161.152.0/0            0.0.0.0/0        9      392  0    0  0 162 ip      52.162.166.0/0            0.0.0.0/0        2      498  0    0  0 184 ip      93.184.220.0/0            0.0.0.0/0        1      52  0    0  0 217 ip      172.217.16.0/0            0.0.0.0/0        5      292  0    0  0 217 ip      172.217.20.0/0            0.0.0.0/0        5      246  0    0  0 233 ip      64.233.162.0/0            0.0.0.0/0        1      99  0    0  0 240 ip      157.240.20.0/0            0.0.0.0/0        2      172  0    0  0 00008:  2.000 Mbit/s    0 ms burst 0 q131080  50 sl. 0 flows (1 buckets) sched 65544 weight 0 lmax 0 pri 0 droptail sched 65544 type FIFO flags 0x0 0 buckets 1 active   0 ip          0.0.0.0/0            0.0.0.0/0    4214  5824241 42 48662  0 00009:  12.000 Mbit/s    0 ms burst 0 q131081  50 sl. 0 flows (1 buckets) sched 65545 weight 0 lmax 0 pri 0 droptail sched 65545 type FIFO flags 0x0 0 buckets 0 active 00010: 512.000 Kbit/s    0 ms burst 0 q131082  50 sl. 0 flows (1 buckets) sched 65546 weight 0 lmax 0 pri 0 droptail sched 65546 type FIFO flags 0x1 256 buckets 2 active     mask:  0x00 0xffffff00/0x0000 -> 0x00000000/0x0000 168 ip      192.168.3.0/0            0.0.0.0/0        2      210  0    0  0 168 ip      192.168.20.0/0            0.0.0.0/0      92    18865  0    0  0 00013:  1.000 Mbit/s    0 ms burst 0 q131085  50 sl. 0 flows (1 buckets) sched 65549 weight 0 lmax 0 pri 0 droptail sched 65549 type FIFO flags 0x0 0 buckets 0 active 00016:  12.000 Mbit/s    0 ms burst 0 q131088  50 sl. 0 flows (1 buckets) sched 65552 weight 0 lmax 0 pri 0 droptail sched 65552 type FIFO flags 0x0 0 buckets 0 active Any ideas? – Regards, Krzysztof

Latency is only affected because of bufferbloat. You could try to limit everyone's bandwidth, but fixing the bufferbloat can get you the 80/20 with little effort, fewer edge cases, and reduced complexity. The currently simplest way is to enable FairQ as the shaper on LAN and WAN interfaces, configure the default queue on the interfaces to have Codel enabled, and to set the bandwidth to some value less than what real bandwidth you have. In the near future, scheduled for 2.4.4, fq_Codel should be superior and easier to setup. This is just an alternative that you may want to try.

Thanks guys for this additional info.  I"d be curious to see if the manual redirect method might work. Hi Matt - if I was to use a floating rule on the WAN interface, what would I use for the source of the traffic? Thanks again.

Anyway, I have to almost times 2 of my actual internet bandwidth for cbq to work to saturate my bandwidth. If I put  below my internet speed, it seems to halve it every time and never saturate

https://redmine.pfsense.org/issues/4405 traffic shaping doesn't work on bridge interfaces.

thanks guys… I think its fixed

Asymmetric routing?

I am now going to follow the guidelines https://forum.pfsense.org/index.php?topic=145255.0

Wow thanks for the reply I'll mess around with the newer version of pfsense and see how far I can go without being a nuisance to anyone. Thanks for the links I'll definitely check it out cheers!

I've got a fq_codel running on a symmetric gigabit fiber connection using a Xeon D-1518 based setup.  Works great (maybe even a bit too much power), so i3/i5 should be fine in your case.  Also make sure you get high quality Intel based network cards/interfaces on the system.  Hope this helps.

Possibly if you had a list of FQDNs to resolve but there is no way to get a list of IP addresses into an alias using just the "domain name"  like "cloudfront.com." Someone would have to do the actual legwork there and keep a URL table alias updated.

Here is opportunity to write your own package.

check : https://forum.pfsense.org/index.php?topic=126637.0 Im trying to do sort of the same thing. although in my case it works but like with yours the queues are not working as my mind thinks they should

This would be great am searching for something like this myself you can do it with schedulers though but its not dynamic. my service has exact times when congestion occurs or the isp starts their throttling so its quite easy to do it this way.

Thanks, I'll give that a go.

Now I have put pfsense to factory default and configured everything new. Unfortunately the Problem is the same. So the fault us not at the traffic shaper. I think I have now solved the problem. I have a Rule: block port xxx (pfsense Port), block RFC1918 Networks and in my allow rule I only accept the internet poRts. When I disabled all Firewall Rules and allow all Ports in the allow rule it is fast again. I have this rules since years and it newer slows my bandwidth. A few days ago I upgrade from 3.8.x to 2.4.2 RELEASE p1. Is it possible to downgrade again?