It looks like this is a more recent thread on the same issue: https://forum.pfsense.org/index.php?topic=129267.15

I don't use HFSC but I believe this is how you would do it. Probably the best way to do it would be to set a dummynet (limiter) on the network you want to throttle, and then set it to fq_codel (via shellcmd). Then create an HFSC queue with a minimum value only, and set that to 64Kbps.  

@belt9: Exactly what UDP traffic problems are you having? Since PF and consequently pfSense lack limit pps for UDP feature, I had to do it on an upstream router. Well I think, unless proper MAC filtering, NetFlow MAC exporting and UDP PPS limiting is implemented, I cannot use pfSense for my customers (SMB and small enterprises). It has many great features and I really appreciate all work that developers have done.

Okay, I've looked at this again. Interestingly, while my circuit speed is "rated" at 50 Mbps, I found that I was getting more than that. I raised the limits in the wizard to 60 Mbps, and that seemed to help. But my upload speed used to be 58-59 Mbps, but with traffic shaping, it's down to 52 Mbps. That's a 10% hit. What sort of hit should I expect here? I was under the impression that PRIQ shaping would not affect circuit speed at all, but may not guarantee minimum bandwidth for services if there's a lot of demand. I could live with that, but that's not what I'm seeing. Are my expectations unrealistic? Below is the shaper config (the altq sections of /tmp/rules.debug): set loginterface igb1 set skip on pfsync0 scrub on $WAN all    fragment reassemble scrub on $LAN all    fragment reassemble altq on igb0 priq bandwidth 60Mb queue {  qACK,  qDefault,  qP2P,  qOthersHigh,  qOthersLow  } queue qACK on igb0 priority 6 priq (  ecn  ) queue qDefault on igb0 priority 3 priq (  ecn  , default  ) queue qP2P on igb0 priority 1 priq (  ecn  ) queue qOthersHigh on igb0 priority 4 priq (  ecn  ) queue qOthersLow on igb0 priority 2 priq (  ecn  ) altq on igb1 priq bandwidth 62914.56Kb queue {  qLink,  qACK,  qP2P,  qOthersHigh,  qOthersLow  } queue qLink on igb1 priority 2 qlimit 500 priq (  ecn  , default  ) queue qACK on igb1 priority 6 priq (  ecn  ) queue qP2P on igb1 priority 1 priq (  ecn  ) queue qOthersHigh on igb1 priority 4 priq (  ecn  ) queue qOthersLow on igb1 priority 3 priq (  ecn  ) no nat proto carp no rdr proto carp nat-anchor "natearly/*" nat-anchor "natrules/*"

I fixed the issue. The number of slots in the bucket needed to be updated. I set it to 250 and it can handle the full stream at 180M/bit without issue. Thank you :)

Thanks for the help, it seems to be working alot more smoothly.

Here's some more RRUL & DSLReports output using fq_codel without the VPN variable. The DSLReports output and the last two pictures are over wifi, an old crappy Intel 6205 Advanced-N card. I had to limit the dummynet down to 40Mbps to get fq_codel to capture this slow card. I made an alias for all of my slow wifi devices and made a firewall rule to pass their traffic with the Slower dummynet pipe. I am very pleased with the wifi performance, RRUL tests without fq_codel were averaging in the 3-5000ms range, often spiking into the 8000ms range and sometimes more. I tried adjusting txqueuelen and setting SFQ instead of pfifo_fast on the AP (Ubiquiti AP AC Pro) but it didn't improve performance much. Simply setting fq_codel to handle it on pfSense dramatically improved wifi. [image: 21450944.png] [image: wired1.png] [image: wired1.png_thumb] [image: wired2.png] [image: wired2.png_thumb]    

To the OP… just curious did you ever have success on this? I'm also a former Tomato user....

@autotalon: You'd probably want to find out the DNS names of Google/Youtube, and specify an alias with those as a source to set the gateway for that traffic.  Have those rules first on your LAN interface and they will get directed out the proper WAN connection. Thank sideout and autotalon very much, this design has not been done. Because a lot of games use Port 80/443 to launch from before connecting on the gaming ports. I am intending to buy a pfsense router to find the difference between a pfsense router and a computer using pfsense software.

I do have VLAN's running over the LACP and they do show up, just not the non-VLAN. There are some packages on pfSense 2.4.0 that do not work with traffic shaping. I forget what they are? I just ended up using dummynet and fq_codel which is LACP agnostic and it is working well!

Your floating rules should be for WAN, and leave the Source as *****.

Sorry for the late update. Thanks JIM I did as you instructed and it now works great

Yes.  The LAN is set to interface speed with qInternet set to 95% of link speed and WAN set to 95% of upstream.  I have noticed it is partly a software issue, but I still think there is room for this to be improved.

Ok… suggestions on what I should be setting there? Lets say that I want to set a limit of 5 Mbps down and 2 Mbps up for device with IP of 192.168.1.2.  I've created the limiter with the bandwidth parameters set.... now in the firewall rule, it requires me to set both a Source and Destination as well as specifying the In/Out pipes in the Advanced section of the rule. I (wrongly?) assumed that since I was setting both the In and Out pipes, that I would have to specify 192.168.1.2 as both source and destination? EDIT:::  So it appears that setting the device in question (ex. 192.168.1.2) as the Source, and set Destination to "any" does the trick! Thanks to w0w for pointing out my error!