• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Bufferbloat not always working

Traffic Shaping
2
5
507
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • R
    RN222
    last edited by Jan 3, 2025, 11:40 PM

    Hi All! After seeing Tom Lawrence's video on Bufferbloat

    I've tried to set this up on my Netgate 2100 but I can't get consistent results.

    I've followed his video exactly and still get a loaded ping of 32ms (unloaded is 5ms).

    The download speeds themselves don't actually reflect the new value I've put into the limiter either.

    I've then deleted that config and followed the Sans guide

    This guide has much more detail. But I'm still having issues.

    Is anybody able to assist? I know there's not much detail but I have followed both guides exactly and double checked everything. My setup isn't even that complicated.

    Let me know if anything is needed.

    Thanks!

    R 1 Reply Last reply Jan 10, 2025, 1:09 AM Reply Quote 0
    • R
      RN222 @RN222
      last edited by Jan 10, 2025, 1:09 AM

      @RN222 So I've tried this on my other network with a 1100 and get the same issue.

      I've narrowed it down. When doing a speed test my phone obeys the limits, however my laptop does not. I've tried a Windows and Linux laptop - the laptops don't obey the limits.

      This is a simple network I've tried WiFi and Ethernet. Is something strange happening here? Any ideas?

      T 1 Reply Last reply Jan 10, 2025, 7:38 PM Reply Quote 0
      • T
        TheNarc @RN222
        last edited by Jan 10, 2025, 7:38 PM

        @RN222 That's curious, because the client devices get no say in whether they obey the limits. When you have limiters set up, you can have firewall rules that do one of three things with them:

        1. Put all clients' traffic in the limiters
        2. Put none of the clients' traffic in the limiters
        3. Put some clients' traffic in the limiters, and not others.

        From the behavior you describe it sounds like you've got #3, but it's also not clear how that would happen "by accident". Because the "default" is #2 (i.e. nothing gets put into limiters unless and until you create firewall rules to do so).

        Can you provide any details of the firewall rule(s) you made to assign traffic to the limiters?

        R 1 Reply Last reply Jan 12, 2025, 9:40 AM Reply Quote 0
        • R
          RN222 @TheNarc
          last edited by Jan 12, 2025, 9:40 AM

          @TheNarc These are the floating rules I'm using.

          login-to-view

          It was taken from the SANS guide

          I've triple checked all settings and followed it exactly as the SANS guide outlines.

          T 1 Reply Last reply Jan 13, 2025, 3:12 PM Reply Quote 0
          • T
            TheNarc @RN222
            last edited by Jan 13, 2025, 3:12 PM

            @RN222 Okay, I know the SANS guide says to make these rules "quick" but as far as I know, they actually do not work when they're quick. I'm not sure if that was considered a bug, and/or if it still applies, but it was definitely true at one point. And My floating rules that assign traffic to limiter queues are just normal floating rules (i.e. not quick). Mine are also match rules, not pass, which I also believed was necessary at least at one point.

            So I would advise that you first make all four of these rules "normal" (i.e. non-quick) floating rules. And if that still does not work, try making them all match rules as well.

            1 Reply Last reply Reply Quote 0
            2 out of 5
            • First post
              2/5
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.