Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Be aware: HFSC QoS

    Scheduled Pinned Locked Moved 2.0-RC Snapshot Feedback and Problems - RETIRED
    2 Posts 2 Posters 1.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      toomeek
      last edited by

      Hello,

      I'm writing this, but I didn't discovered this in pfSense… yet.
      Recently, one of our routers using HFSC script for 2 x WAN config had huge problem.
      Rules are simply based on ports. There are: interactive, voip, browsing classes.
      This was working config a looong time, ping from both WANs was 5-20 ms, but recently we received it's growing up to 2000 ms.
      I discovered that this was caused by some client application hitting SSH port "22" which was in Interactive class (like some download manager). This caused queue to be full, resoulting in high latency times.
      I'm just wondering.. how pfSense matches connections for QoS engine? Is it port-based?
      I remember that Layer7 protocol definition files can do this, but someone told me this isn't always working.

      I don't know exacly how to do this, but in my opinion matching should be done using port+layer7 definitions.. to avoid situations like this.

      1 Reply Last reply Reply Quote 0
      • E
        eri--
        last edited by

        You can test yourself.
        The wizards match based on ports.

        The layer7 matching cannot be made to be the same for 2 installations so you can do it yourself.
        AFAIK layer7 shaping works!

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.