Goals: Ensure enough room for ACKs, single destination IP has lowest priority.

gertty · Dec 19, 2017, 12:21 AM

I'm using pfSense 2.4.2. I'm completely new to traffic shaping but I understand the basic concepts. My current setup:

50Mbps down/5Mbps up WAN connection. I have a couple of VPN clients on the router, and I have rules to router local traffic out of WAN, VPN1, or VPN2 depending on which VLAN it came from. I There are a couple of exceptions to this, so I have an alias for "always route out WAN" listing particular statically assigned IPs.

I'm got several machines doing backups on various VLANs. If there happens to be a large differntial backup, it swamps the upload connection and lots of other things that normally only downloading start performing poorly. I suspect this is because the backups aren't leaving enough room for the ACKS on applications that are otherwise using very little upload.

So, what I would like to do is something like this:

Across WAN, VPN1, and VPN2 always leave enough room for ACKs.
Somehow classify the backup traffic exiting WAN, VPN1, VPN2, as the lowest priority.
All other traffic can be "the rest".

I don't care enough to create more classes than "backups are lowest", "ACKs are highest", "everything else is the same". I only want this to apply to the WAN, VPN1, VPN2.

Is this easy to do? Any ideas on how to identify the backup traffic, it'll be https to a specific domain (I can get the current set of IPs but it can change over time), on my LAN, it could originate from different VLANs, but I could maybe limit this traffic to originate from fixed set of source IPs.

Thanks for any advice or help.

Harvy66 · Dec 19, 2017, 8:24 PM

The simplest setup would be FairQ shaper with Codel as a child queue discipline. If you want something easy to manage but keeps latency down, look into fq_Codel (https://forum.pfsense.org/index.php?topic=126637.0).

gertty · Dec 19, 2017, 8:48 PM

@Harvy66:

The simplest setup would be FairQ shaper with Codel as a child queue discipline. If you want something easy to manage but keeps latency down, look into fq_Codel (https://forum.pfsense.org/index.php?topic=126637.0).

Thanks for the reply. I like simple. Is there documentation on setting this up? Can I just worry about the WAN interface for now? Do I do this thru one of the wizards or some other way?

Harvy66 · Dec 21, 2017, 2:33 AM

No wizard. Just go to WAN, set the bandwidth at the interface to ~90% of your effective upload bandwidth with FairQ as the scheduler, and check the box in the Default Queue to enable Codel…. I think.

gertty · Dec 21, 2017, 6:20 AM

Thanks for the reply, but I don't understand enough about setting up Traffic Shaping to make sense of your answer. Is there a step-by-step document somewhere? Or something with screenshots?

Harvy66 · Dec 21, 2017, 5:42 PM

Ignore all of my other queues. All you care about is "Default".

gertty · Dec 21, 2017, 5:47 PM

Thanks! I'll try this tonight.
Ok, so from scratch I go to:

Traffic Shaping by Interface -> WAN
I select FAIRQ and put in my 90% upstream bandwidth number.
qDefault then automatically shows up? How do I get to the per-queue settings?

KOM · Dec 21, 2017, 6:33 PM

Click on the queue.