Traffic Shaper issue related to Battle.net

mcwtim

You might want to take a look at this thread and sideout's config for LAN party use.

https://forum.pfsense.org/index.php?topic=99503.0

albert001

I have been reading Sideouts config. Looks promising but I have a few questions about it. I hope Sideout takes a peek at this page to help answer some questions.

I am running:
Version 2.2.4-RELEASE (i386)
built on Sat Jul 25 19:56:41 CDT 2015
FreeBSD 10.1-RELEASE-p15

4 - Netgear ProSafe 24-Port Gigabit Rackmount Switch, Model: JGS524  (not sure if this is a an issue because I went with cheap gigabit switches)
Verizon Fios connection 300mbps/65mbps…..soon to be 300mbps/300mbps because boneheads never told me they lowered price and increased upload speed.

A separate server for running diskless OS DHCP, mysql database, windows server 2012 file storage with 8 hard drives for supporting diskless OS.

I cant use pfsense as my DHCP. I hope thats not an issue.

Sideout has 4 files in the zip. aliases, filter, shaper, and system.

I assume I dont need to import the system config since I dont need DHCP or DNS changes. I have them right where I need them.

What is the filter file supposed to be imported too?
Shaper and aliases is pretty self explanatory.

and nobody answered my last question. Whats the difference between qACK/qGames and just using qGames or just using qACK. Please advise. Thank you!

albert001

I realized what filters was…..the firewall rules. So i imported those and am conducting a test now with proper rules applied.

albert001

Sideout. Great job on those configs. I didnt even need to import your system file in your zip.

Ping is great all around. youtube movies stream with no pauses
I am sure netflix shouldnt pause either. But will run full test later on today when we open.
Wow- low ping at 32 for home and world
LoL - Low ping at 66ms
CSGO - Real low ping
BF4- real low ping as well

while playing 2 separate computers streaming movies

Would still like some suggestions on my diskless OS loaded through network. I need my LAN more speed. Will it affect overall latency in games if we increase LAN speed? It takes 7 minutes to load when it used to load in 1 minute.

Please advise.

albert001

Never mind I stand corrected…..its only when loading up 68 at the same time when this happens.  :o

sideout

The system file is not needed if you have PFSense built to your liking.  I just included it in case people wanted restore over a clean system.

qACK is only used for TCP streams.  If you choose UDP for the protocol then use qGames.  Some games use strictly UDP  , some games use TCP and UDP.

Nullity

@albert001

QoS/traffic-shaping only makes a difference when a connection is over ~80% utilized. Below ~80%, the bufferbloat/queueing delay is negligible. (Edit: spelling)

Unless you are saturating your 300Mbit download or 65Mbit upload, QoS/traffic-shaping/traffic-policing will make little/no difference.

Are you saturating your connection? From what I read, you should be far from saturating your connection.

albert001

@sideout:

The system file is not needed if you have PFSense built to your liking.  I just included it in case people wanted restore over a clean system.

qACK is only used for TCP streams.  If you choose UDP for the protocol then use qGames.  Some games use strictly UDP  , some games use TCP and UDP.

Problem with the qACK…..i dont understand what its purpose. Why are some firewall rules qACK/qGames and why are some just qGames or just qAck? How does that part work. Thats the only part that I missing on understanding this traffic shaping

albert001

@albert001:

@sideout:

The system file is not needed if you have PFSense built to your liking.  I just included it in case people wanted restore over a clean system.

qACK is only used for TCP streams.  If you choose UDP for the protocol then use qGames.  Some games use strictly UDP  , some games use TCP and UDP.

Problem with the qACK…..i dont understand what its purpose. Why are some firewall rules qACK/qGames and why are some just qGames or just qAck? How does that part work. Thats the only part that I missing on understanding this traffic shaping

With my clientele that insist on streaming HD movies. Either by netflix or youtube. To the others that want to download brand new games. And to those customers who want to do both at the same time. Now multiply that by 68….heck even half would congest my 300 connection easy. Its just the nature of the business. So thats why traffic shaping is so crucial. But I am happy to say customers are very happy with Sideouts config! 60ms home 65 world. Considering we came from 2000ms on just Battle.net games. Huge improvement.

albert001

@sideout:

The system file is not needed if you have PFSense built to your liking.  I just included it in case people wanted restore over a clean system.

qACK is only used for TCP streams.  If you choose UDP for the protocol then use qGames.  Some games use strictly UDP  , some games use TCP and UDP.

Oh and last question. Why did you block Steam P2P voice. I would think it would take minimal bandwidth.

sideout

I am running at LAN parties where we have @160 people and using 2 or 3 modem's  for access.  Given that you cannot "bond" these modems together and we have to use the round robin load balancing , and that a P2P or torrent will suck all bandwidth , I choose to block things like that since we run an internal voice server at the LAN.

These configs are geared toward LAN parties.  If you want to allow the Steam P2P for voice then just remove the rule.

Thank you for the feedback on the config!!!!  It is good knowing that it is helping someone else out.

albert001

@sideout:

I am running at LAN parties where we have @160 people and using 2 or 3 modem's  for access.  Given that you cannot "bond" these modems together and we have to use the round robin load balancing , and that a P2P or torrent will suck all bandwidth , I choose to block things like that since we run an internal voice server at the LAN.

These configs are geared toward LAN parties.  If you want to allow the Steam P2P for voice then just remove the rule.

Thank you for the feedback on the config!!!!  It is good knowing that it is helping someone else out.

You da man! No more issues! But nobody has explained how the ack queues work. Can somebody explain? lol

Nullity

@albert001:

You da man! No more issues! But nobody has explained how the ack queues work. Can somebody explain? lol

http://www.benzedrine.ch/ackpri.html
http://doc.m0n0.ch/handbook/faq-ackprio.html

Not trying to be a jerk but you could answer your question much quicker by searching this forum or Google.

albert001

@Nullity:

@albert001:

You da man! No more issues! But nobody has explained how the ack queues work. Can somebody explain? lol

http://www.benzedrine.ch/ackpri.html
http://doc.m0n0.ch/handbook/faq-ackprio.html

Not trying to be a jerk but you could answer your question much quicker by searching this forum or Google.

No offense taken but understanding the precise explanation of ACK's functions is not really what I meant. I understand the basics but as it relates to pfsense GUI and how applying to the configuration. I have yet to comprehend. So let me me rephrase my question:

In the pfSense GUI firewall rules section. How does the qACK and qACK/qGames differ? Does the qACK take priority? Does the qACK/qGames take more of a priority. That sort of explanation. I honestly am not doing this to understand the complete language behind it just enough to understand which setting or settings help to improve traffic shaping.

Even sideouts config has aliases…..I would like to know how assigning aliases helps this config. But i understand it may take too long so I figure the one thing I would like to understand how to apply is the qACK's section. Thanks.

KOM

How does the qACK and qACK/qGames differ? Does the qACK take priority? Does the qACK/qGames take more of a priority.

TCP requires an ACK to initiate the sending of the next packet from the source.  You generally want to prioritize ACKs because that is what TCP uses to help it's flow rate calculations.  UDP does not use ACK since it's a connectionless protocol.  That's why you see TCP rules direct ACKs into qACK and UDP rules don't.  In most shaper configs I've seen, you want to put ACK and DNS in the top queue, VoIP is next, HTTP/S next and everything else last.

I would like to know how assigning aliases helps this config.

It makes the ruleset both easier to rad and maintain.

albert001

@KOM:

How does the qACK and qACK/qGames differ? Does the qACK take priority? Does the qACK/qGames take more of a priority.

TCP requires an ACK to initiate the sending of the next packet from the source.  You generally want to prioritize ACKs because that is what TCP uses to help it's flow rate calculations.  UDP does not use ACK since it's a connectionless protocol.  That's why you see TCP rules direct ACKs into qACK and UDP rules don't.  In most shaper configs I've seen, you want to put ACK and DNS in the top queue, VoIP is next, HTTP/S next and everything else last.

I would like to know how assigning aliases helps this config.

It makes the ruleset both easier to rad and maintain.

Thanks!