3 Bugs Found in March 4th Release

absoffthewake

Hello there,

First of all, I have to say 2.0 is freaking awesome! Thank you for adding QOS to IPSec traffic!!!!

I found a 3 bugs, the first 2 are serious, the others not so. I have 2 wan, 1 lan, gateway with failovers in the advanced-routing.

Bug #1
I was trying to add some queue rules to the Floating Rules for traffic shaping. The system allows you to add a "PASS" rule, with a queue assigned to it. I didn't realize I had to set it to "QUEUE" the first time I configured it.

I wanted to add a schedule to the P2P Catch all, so I changed the default queue from P2P to OtherDefault, and added a rule in the floating rules with any set to protocol source/dest etc., a schedule, set to P2P queue , with the type mistakingly set to pass. Filter reload showed no errors.

After a reboot, the Traffic shaper started sending everything to the high priority queue, ignoring my configuration. Deleting the rule I added did not help. The only way I was able to go back to the original behavior was to remove the traffic shaper and any leftover floating rules, backup, then restore, then added the shaper back via the wizard.

Bug #2
When you configure a Floating Queue rule with a schedule, it prioritizes it above all other rules when the schedule is activated. I tried to create P2P catch all that runs only during certain times of the day with a floating queue rule, placed it as the last rule, but all traffic went the P2P queue anyway when it was active. It should prioritize according to the placement when active.

Bug #3
The system allows you to set more than 1 default queue, and the error message on filter reload is not obvious.

Other than that, everything else seems to work flawless. Great job!

absoffthewake

Another thing,

Bug #4
VOIP calls are properly sent to the VOIP queue both ways in IPSEC, and for incoming calls from the VOIP carrier via WAN or OPT1. But for outgoing calls it goes to the default queue.

I have multiwan (happens with both gateway & failover gateways), & multiple IPSEC connections.

absoffthewake

and another,

Bug #5
If you check "Apply the action immediately on match", the rule is ignored, and it goes to the default queue.

absoffthewake

For some reason now it's sending the VOIP calls to the high priority queue.  :'(
Outgoing still going to default.

jlepthien

It would be wise to post those on the bugtracker…

redmine.pfsense.com

absoffthewake

Didn't know I could do that. Thanks!

eri--

Please upgrade to the latest snap for all you say here.

The only one that hsould remain valid is the default queue issue that i have in plan to solve soon.