Help me Fine Tune my Shaper?

Nullity

Remember, you can only prioritize something by deprioritizing something.

Games should be allocated fast per-packet delay. Put simply, all your bandwidth (aka, best transmission delay possible). At worst, this will delay other traffic by milliseconds since gaming traffic demands very low link utilization.

Browsing, since it will most likely be saturating your bandwidth when active, is NOT something you want to prioritize.

This is a complicated topic. Use something aside from HFSC unless you enjoy reading dozens of white-papers. Just use PRIQ or FAIRQ and put gaming at highest priority.

Network monitoring (tcpdump/wireshark maybe netflow) is needed to determine what packets are causing cascading delays.

Do not expect miracles. QoS is meant to guarantee service for a few delay-sensitive services. 20ms here, 50ms there, I doubt you would notice such smalk changes with something like HTTP.

Derelict

qGayming

lulz

Harvy66

Can we see your configuration on your WAN and LAN interfaces?

This kind of stuff

gratis.obake

am really sorry :(, almost forgot my post :(

here is my screenshot similar to the one you posted


Harvy66

The hierarchy of the queues look fine, although technically you don't need a qInternet on your WAN except in strange cases. Do you have your WAN interface rate limited? I rate limit my LAN interface also, but if you're using HFSC, you should be able to apply an upper limit on qInternet. Do not use RealTime with HFSC if you're not rate limiting the interface, it will mess things up.

gratis.obake

I believe so that I have them limited, honestly am confused a bit but please see below what I have for my shaper values.
note: "Real time" values are all blank and both "Upperlimit" and "Link share" are identical and (m1 &d) are all blank also.

–----------------
all HFSC

qinternet
wan = 768Kb
lan = 3891Kb

qACK
wan/lan = 5%

qDefault
wan/lan = 50%

qGayming
wan/lan = 20%

qDNS
wan/lan = 10%

qICMP
wan/lan = 1%

qLink
lan = 994Mb

on the LAN side, if I need to disable my limit for download, I switch the "default queue" from qDefault to qLink to have it to full speed and switch back to qDefault to limit it again if I'm finished.

one reason I have with 'wan' being "limited" is that I have placed qDefault to 50% and qGayming to 20% as there are instances that if I don't limit wan itself and someone uploads something... (i.e. like picture uploads to facebook or something similar), it will saturate/suck up the entire upload line and kills both Browsing and Gaming sessions == bad.

Harvy66

I didn't notice your putty screenshot before. The values look correct. The only other thing I can think of is to make sure CoDel is checked for each of your subqueues. Are you having any issues or just asking for someone to look over your setup? The only thing that stands out is DNS has a few packets dropped, you may want to give it a bit more bandwidth. ACK also seems a little low, possibly move some from default to ACK and DNS. Unused bandwidth gets shared anyway. Best to have too much for your important stuff than too little.

edit: You don't need upper limit set on any queues except qInternet. In the case of your WAN, qInternet really isn't needed, so you don't need upperlimit, it's redundant. Be careful about qLink, if you have internet traffic getting in these queue, it'll break the usefulness of your download shaping.

gratis.obake

Codel is indeed selected on all sub queue.

my traffic shaping configuration seems fine…, just that I find it still not that optimal.

anyways,

I seem to notice with my current configuration, specially with the LAN side, when I access the pfsense GUI is too sluggish. It seems that inter LAN communication seems to be limited?, is this due to my qInternet and qDefault on LAN limiting it? (qInternet upperlimit is 3891Kb and is the parent queue on LAN then its sub queue is qDefault which is 50%)

Derelict

Accessing the GUI generates hardly any traffic. You would have to really have things hosed to have the shaper influence that. I think you're confusing GUI performance with a shaping issue.

gratis.obake

Am really sorry sir, here is my explanation on this one.

scenario #1 (pfsense gui gets super slow response)
LAN side:
qinternet = 3891Kb
    qACK = 5%
    qDefault = 50% [set as default queue]
    qGayming = 20%
    qDNS = 10%
    qICMP = 1%
qLink = 994Mb

scenario #2 (pfsense gui very responsive)
LAN side:
qinternet = 3891Kb
    qACK = 5%
    qDefault = 50%
    qGayming = 20%
    qDNS = 10%
    qICMP = 1%
qLink = 994Mb [set as default queue]

for scenario #1, if I put the default queue to qDefault, pfsense gui response is slow
for scenario #2, if I put the default queue to qLink, pfsense gui response is fast

if you can explain this one and have a good solution to this, I would highly appreciate it.

Derelict

Your firewall rules should not be placing local, LAN traffic into anything other than qLink.  I have qLink as the default queue.

Since you want to shape traffic only for flows using WAN, you usually set queues using match rules on WAN out.  That way only traffic having something to do with WAN is put through the shaper, leaving local traffic in the default queue, qLink in my case.


gratis.obake

am trying to digest this, but honestly still striving to understand.

if you may sir, can you also post your shaper screen?

Harvy66

This is my current setup

Derelict

My shapers don't matter.  Your problem is getting traffic into the correct queues.  Until you can do that your shaper config doesn't matter.

gratis.obake

hello again to all,

as far as I can see from my configuration, it seems that I am limiting my LAN speeds but how can I fix it?

I seem to have seen post on: https://forum.pfsense.org/index.php?topic=99529.0
one of Harvy66 comment was:

Of course you may want to communicate with PFSense without consume your Internet bandwidth, so create a default queue, place it under qInternet, and create a rule that drops all LAN traffic into qLink

what I see missing is the "how to create a rule that drops all LAN traffic into qLink"?
anyone can give floating rule example how to do that?

anyways…, I'll try to read the article pointed to by Nullity: http://www.linksysinfo.org/index.php?threads/qos-tutorial.68795/

thanks in advance for any replies

KOM

Harvy, I was trying to duplicate your config to play around with but I keep getting the dreaded the sum of the child bandwidth higher than parent error.  I set my queues exactly as you specified.  Checked it thrice.  Did the math and all my child queues seem to add up to or less than 100% of their parent queue so I'm stumped.  I tried playing around with qACK and setting it to just 20% RT (removing the 20% LS) but no change.  Am I correct in understanding that each queue level must add up to no more than 100%, and each level is distinct from the others?  Here is what I have that is failing:

WAN
–qACK (20% RT)
--qUnclassified (30% LS)
----qDefault (45% LS)
----qUDP (55%/5/45% LS)
--qClassified (50% LS)
----qNormal (45% LS)
----qHigh (55%/5/45% LS)

Harvy66

I don't immediately see any issues with that you're showing. Are you sure the error is for the WAN interface and not the LAN interface for some reason?

Otherwise, for S&Gs, just subtract 1% from all of the values. Maybe there is a rounding issue with translating percentages to the bandwidth values?

KOM

I don't have a LAN queue defined just yet, only WAN. I'll fiddle with the numbers to see if I can get it to work.  Thanks for the confirmation.

Ugh, I give up.  Now I'm reminded why I stopped frustrating myself with HFSC many months ago.  I went and set every queue option to 10% and it's STILL giving me the same damned error.  The error is referencing my vmx0 NIC which is WAN.

Weird that when I shell in and run pftop, the Queues view is empty.  I remember (vaguely) that there were some places in the shaper GUI that didn't like percentages, and I'm wondering if I've stumbled on that again.

I blew it all away and only created 3 WAN queues and used absolutes instead of %:

WAN (80Mbps)
–qACK (15 Mb RT)
--qUnclassified (30 Mb LS)
----qDefault (15 Mb LS)

Same %#$^# thing.  I really give up.

Harvy66

BTW, make sure you set the bandwidth parameter. It's still required even though "LinkShare" technically overrides whatever is set in bandwidth. Could be realted to that. Anyway, about to post all of my stuff in pics.

Harvy66

Here's my current setup in exactness.