[SOLVED] traffic shaper queues bug
-
so that makes 2 of us then, mayb if Ermal could look into it
-
Im having a similar problem here http://forum.pfsense.org/index.php/topic,36766.0.html devs should open a ticket for this…
-
I upgraded to RC2 last week. I only have traffic shaping for WAN. Everything seems to work fine except for VoIP. The traffic originating from my VoIP phone's IP should go to the VoIP queue but ends up in the default queue. I'm pretty sure the exact same setup worked with a previous snapshot (March or may April).
-
to narrow it down further, i think its got to do with selecting UDP as protocol coz i created new rules under floating tab and assigned same queue and those work fine for some reason, image below
![CropperCapture[1].jpg](/public/_imported_attachments_/1/CropperCapture%5B1%5D.jpg)
-
Is definitely something with UDP traffic, i opened a ticket on the bug tracker. http://redmine.pfsense.org/issues/1546
Lets wait for a answer.
-
this issue still remains, i cleared all rules and recreated them along with queues based on the reply i got
http://redmine.pfsense.org/issues/1582 -
any1 willing to have a look at my config file in order to help me sort out this issue if it is really config related coz my voip phone seems to be almost unusable at high traffic and might have to switch to a old snap to make the queues work properly?
-
You seem to be having the exact behavior I see. Unfortunate the ticket just got closed, but this is supposedly be addressed by a pre-GA change (or so I seem to recall reading…)
-
Some peoples prefer to call it a feature or config issue, not a bug. In my view this should be termed a design bug/error as this violates the principle of stateful traffic processing.
In a stateful firewall/router/shaper users must be able to filter/route/shape traffic simply by specifying the behavior with respect to the session-initiating packet. Take for example NTP, the administrator must be able to pass, to route and to shape incoming NTP requests to the correct NTP server and the outgoing NTP replies from that server as well without special care of the 'outgoing' direction.
-
can u plz elaborate whats wrong as having a UDP queue which as a matter of fact used to work perfect earlier but something broke it, if i only knew which commit was it then would manually revert those changes on my box.
-
I can't tell. I just guess that it cannot be undone simply by reverting a single patch.
-
wouldnt it be possible to edit the config file manually to change the behavior temporarily till its fixed?
-
I have no clue on manual config file editing. A temporary workaround (that appears to work for me) is to simply ignore the Floating tab and to select queues directly on LAN, WAN and all OPTx tabs. It is not comfortable, but doable.
-
i have the below rule which i tried match as well as pass but still download traffic doesnt go to the proper queue
<rule><id><type>pass</type> <tag><tagged><direction>out</direction> <quick>yes</quick> <floating>yes</floating> <max><max-src-nodes><max-src-conn><max-src-states><statetimeout><statetype>keep state</statetype> <os><protocol>udp</protocol> <source> <any><destination><address>mysip</address></destination> <defaultqueue>qVoIP</defaultqueue></any></os></statetimeout></max-src-states></max-src-conn></max-src-nodes></max></tagged></tag></id></rule> <rule><id><type>pass</type> <tag><tagged><direction>in</direction> <quick>yes</quick> <floating>yes</floating> <max><max-src-nodes><max-src-conn><max-src-states><statetimeout><statetype>keep state</statetype> <os><protocol>udp</protocol> <source> <address>mysip</address> <destination><any></any></destination> <defaultqueue>qVoIP</defaultqueue></os></statetimeout></max-src-states></max-src-conn></max-src-nodes></max></tagged></tag></id></rule>can u plz mention this above rules how do i recreate using wan and lan tabs to make it work
-
Following is my config for a teleconference device that use TCP for control channels and UDP for data channels. Not sure if it works for you.
– on the LAN interface add new pass rules before the default rule with source IP = any, destination IP = any, destination port = 1720 TCP and 3230-3279 UDP. Select queue = qVoIP.
– repeat the same procedure on the WAN and OPTx interfaces. (Note: my WAN + OPTx are all connected to Internet. I've started setting up the shaper using the single-LAN-multi-WAN wizard.)
I've configured the shaper this way only for teleconference. In my system there are so many Internet links and so many types of traffics that I must rely on the (now unreliable) Floating Tab for the other traffic types. At least untill we replace pfsense with an other shaper.
-
i think it wont work as im using rules that match based on the server ip rather than any particular or range of ports but ill still give it a try
-
I am posting here but this is in general.
Traffic shaper behaviour should be ok on latest snapshots. -
@ermal:
I am posting here but this is in general.
Traffic shaper behaviour should be ok on latest snapshots.I updated to the latest available (built on Mon Jul 4 16:48:37 EDT 2011) but didint change nothing to me.
-
Thanks, Ermal. I will try to update tonight after my wife goes to bed :) Currently running snap from June 22nd. This is one reason I love having pfsense virtualized on my ESXi server.
1. Take snapshot of virtual machine on the ESXi box.
2. Do the upgrade, and reboot pfsense.
3. Test things out.
4a. If all is well, delete the snapshot.
4b. If something is pooched, roll back to the snapshot and reboot pfsense. -
@Ermal: I updated to Mon Jul 4 16:48:37 EDT 2011 snapshot but still it does not seem to work. I have an NTP server for testing. With the Floating Tab alone using pass out on any interface rules (with queueing), only NTP requests to my server are shaped, NTP replies are not.