Mini pfsense project
-
Yes, you need a second NIC (unless you have a VLAN-capable switch).
You suggest the Linksys runs out of gas with its current load. I don't see how your proposed configuration reduces the load on the Linksys. Maybe you should look at something like this:
--> broadband ---> pfSense --> switch --> Linksys --> wireless LAN
                                 |
                          PC <---|---> PC
                          PC <---|---> PC
8 port 10/100 switches are pretty cheap these days.
It would probably be useful to have the pfSense box act as the DHCP server for the whole LAN.
-
wallabybob, thank you greatly.
I will look into the config you propose. You are of course correct - my original config would not help me at all since the bottleneck would still be the Linksys.
Fantastic diagram - very helpful.
-
Are you sure the Linksys is the bottleneck? If you are streaming videos while online gaming it may be that the video downloads introduce noticeable delays in the gaming responses and using a faster firewall won't help because the problem occurs "upstream" of your gateway/firewall. Anyway, would you accept video "stutters" to improve the gaming response?
The pfSense traffic shaper might help (I don't have any experience with it) but I don't know that there is much it can do about the incoming traffic. If it's important to download videos while online gaming it might be more effective to have separate links, one for the video, one for the gaming. If you can download the videos (rather than stream) another alternative might be to use the pfSense traffic shaper to limit the bandwidth used for video downloads in order to allow idle channel time for prompt gaming responses.
-
I came to the conclusion that the Linksys was the bottleneck since lag is experienced when the PCs are streaming video from some internet sites e.g. megavideo (I suspect some sites take advantage of clients' bandwidth and p2p to other clients watching the same video - in which case it is similar to torrenting live).
My bb is 10meg and lag is experienced when I get 'traffic managed' by the provider to 2meg. But, 2meg should still be enough I feel for 2 PCs and 2 consoles (even if the PCs are watching online video). During this time, the PCs don't suffer and still manage to load a large amount into the buffer. I tried prioritising the consoles to high and the rest to low without success.
Any thoughts? Have I got it wrong?
-
The higher the proportion of your available download bandwidth is used for chunks of video the more likely it is that a gaming response will have to wait behind a chunk of video. The ordering of gaming responses and video chunks in the data stream the ISP sends you is out of your direct control - it's decided by the upstream router. As discussed earlier, the most you could do is (possibly) control the bandwidth used for video by traffic shaping. Controlling the bandwidth used for video could help reduce the usage of the communications channel by video traffic thus giving more opportunity for a gaming response to experience minimal delay.
That your Linksys handles the traffic when your download speed is 10Mbps suggests to me the problem is not that the Linksys is running out of gas but that at the lower speed the communications channel is so busy that there are noticeable delays to the gaming response.
I don't know what facilities the Tomato has for logging traffic patterns. pfSense has a number of tools and graphs that may help you better understand what's going on in the router and on the communications channels.
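The queueing effect described in the post above can be reproduced with a small FIFO model; this is an added example, not part of the original posts. The video burst size, the roughly 0.8 Mbps per-stream rate and the 100-byte game updates are constructed assumptions, not measurements from this thread.

```python
# Added illustration: one FIFO downlink queue (the upstream router) shared by
# bursty video chunks and small game packets. All traffic figures are
# constructed assumptions, not measurements from the thread.

def game_delays(link_bps, duration_s=10.0):
    """Return the delay in seconds seen by each game packet on the link."""
    arrivals = []  # (arrival_time_s, size_bytes, kind)
    burst_bytes, burst_period = 44 * 1500, 0.66   # ~0.8 Mbps per video stream
    for offset in (0.0, 0.33):                    # two video streams, interleaved
        n = 0
        while offset + n * burst_period < duration_s:
            arrivals.append((offset + n * burst_period, burst_bytes, "video"))
            n += 1
    k = 0
    while 0.01 + k * 0.05 < duration_s:           # 100-byte game update every 50 ms
        arrivals.append((0.01 + k * 0.05, 100, "game"))
        k += 1
    arrivals.sort(key=lambda a: a[0])

    link_free_at, delays = 0.0, []
    for t, size, kind in arrivals:
        start = max(t, link_free_at)              # wait behind whatever is queued
        link_free_at = start + size * 8 / link_bps
        if kind == "game":
            delays.append(link_free_at - t)       # queueing + transmission time
    return delays


def summarize(link_bps):
    d = game_delays(link_bps)
    return {"mean_ms": 1000 * sum(d) / len(d), "worst_ms": 1000 * max(d)}


if __name__ == "__main__":
    for rate in (10_000_000, 2_000_000):          # unthrottled vs "traffic managed"
        s = summarize(rate)
        print(f"{rate / 1e6:>4.0f} Mbps  mean {s['mean_ms']:6.1f} ms  "
              f"worst {s['worst_ms']:6.1f} ms")
```

The offered load is identical in both runs; only the link rate changes, which is why the same video chunks that are barely noticeable at 10 Mbps hold game packets back for a large fraction of a second at 2 Mbps.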
-
If your issues have anything to do with the size of the states table (which they might not), using the Linksys as a switch instead of a router (most likely disabling its DHCP server and not using its WAN port) and using a different router could probably help there at least, because I don't think it will be tracking connections on the LAN in the states table, even between wireless and wired. It could also possibly help if the issue has anything to do with how your router is prioritizing traffic.
If you are wanting to save some money if possible, you could try it out without a separate switch first. Unless you really care about shaving off less than a millisecond of latency from your wired PCs to the router, it should be fine with the Linksys router's internal switch. If you frequently do file transfers between the PCs, it might help to have a separate switch to separate the traffic, depending on how well the Linksys is able to handle it or whether gigabit networking is involved.
-
This is a little puzzling. I got traffic managed again and the console connections suffered when the PCs were using the internet. I would have thought getting traffic managed to 2meg should still be sufficient for the consoles if they were prioritised - but obviously doesn't seem so. Is there a way I can surmount this problem?
-
What do you mean by "traffic managed to 2Meg"?
How would this help if you are "traffic managed" by your ISP to 2Meg?
Is the console traffic within the 2Meg?
-
Traffic management is the term used by my bb supplier. I have a 10meg line and if I download around 1 gig during peak hours 3-9pm then my speed gets throttled to 2 meg for the next 5 hours.
I used to be on 1 meg download years before and never had problems playing online. But with these new watch-on demand sites I find I'm having problems.
So, as it stands I don't appear to have problems when the throughput limit is 10meg, only when it goes down to 2meg. I originally thought my QoS on my router was struggling, but having read the posts above, I don't know if this is still the case. What to do?
-
what to do?
I find that facts are often a useful basis for deciding what to do.
How much download bandwidth is required for the gaming consoles?
How much bandwidth does a single video on demand require? Do the gaming consoles get adequate response then?
How much bandwidth do two videos require?
If you are using pfSense from the web GUI Status -> RRD graphs, click on the Traffic tab to get an indication of the download bandwidth you are using.
What QoS have you configured?
I don't see how prioritizing the gaming traffic will help since as best I can tell, it will affect upstream traffic but not downstream traffic. According to how you have characterized your traffic, your problem is getting snappy interactive traffic concurrent with at least two streams of time critical bulk data. As described earlier, these aren't going to coexist happily when your communications channel is heavily utilized.
I expect you are probably demanding more of the communications channel than it's capable of giving and you will probably have to reduce your demands. But it would be better to see some data before rushing to a conclusion.
-
Yes, I need to do some fact-finding before I can understand better. Which probably means I need to get pfSense running in the first place replacing my router anyways :) !
I'll report back findings/progress when I've got it together (might take some time).
Thanks wallabybob and everyone for your help.