Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Traffic Shaper not behaving – qHigh not working

    Scheduled Pinned Locked Moved Traffic Shaping
    22 Posts 6 Posters 3.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • DerelictD
      Derelict LAYER 8 Netgate
      last edited by

      Quick does nothing on match rules. I don't think it'll break them but I'd uncheck it because it's wrong.

      Certainly looks like it should be properly queueing the traffic to me.

      Chattanooga, Tennessee, USA
      A comprehensive network diagram is worth 10,000 words and 15 conference calls.
      DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
      Do Not Chat For Help! NO_WAN_EGRESS(TM)

      1 Reply Last reply Reply Quote 0
      • L
        lastb0isct
        last edited by

        It looks like some traffic is passing through the qHigh queue now.  But not much…only a few bps.

        1 Reply Last reply Reply Quote 0
        • KOMK
          KOM
          last edited by

          Quick does nothing on match rules.

          Setting Quick changes the floating rule behaviour from last-match to first-match.  Quick is the default for all non-floating rules, but it is optional here.

          1 Reply Last reply Reply Quote 0
          • DerelictD
            Derelict LAYER 8 Netgate
            last edited by

            I don't think that's true on Match rules. I think match rules are always last match wins.

            Give the floating rule set posted it shouldn't matter either way in this case.

            Chattanooga, Tennessee, USA
            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

            1 Reply Last reply Reply Quote 0
            • DerelictD
              Derelict LAYER 8 Netgate
              last edited by

              I just looked and pfSense happily sets quick on match rules and the pf man pages don't say anything about it that I can see.

              I'm probably thinking about the last line (outdated) here:

              https://doc.pfsense.org/index.php/What_are_Floating_Rules

              Chattanooga, Tennessee, USA
              A comprehensive network diagram is worth 10,000 words and 15 conference calls.
              DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
              Do Not Chat For Help! NO_WAN_EGRESS(TM)

              1 Reply Last reply Reply Quote 0
              • D
                doktornotor Banned
                last edited by

                Match rules do not work with quick selected.

                1 Reply Last reply Reply Quote 0
                • L
                  lastb0isct
                  last edited by

                  Still does not seem to be working.  Any other ideas with what could be wrong on my config?

                  1 Reply Last reply Reply Quote 0
                  • KOMK
                    KOM
                    last edited by

                    Match rules do not work with quick selected.

                    Is that by design?  The pfSense book seems to imply that it should:

                    12.6.5 Quick
                    The quick controls whether rule processing stops when a rule is match. The quick option is added to all Interface rules
                    automatically, but on Floating rules it is optional. Without quick checked, the rule will only take effect if no other
                    rules match the traffic. It reverses the behavior of “first match wins” to be “last match wins”.
                    In most situations, it is advised that you always leave quick selected. There are certain specific scenarios where leaving
                    quick unchecked is necessary, but they are few and far between. For most, the only rules they would have without
                    quick selected are traffic shaper rules.

                    1 Reply Last reply Reply Quote 0
                    • D
                      doktornotor Banned
                      last edited by

                      @KOM:

                      Is that by design?  The pfSense book seems to imply that it should:

                      Try 12.6.4

                      1 Reply Last reply Reply Quote 0
                      • KOMK
                        KOM
                        last edited by

                        Gah.  They are confusing things by using Match in two contexts, as Action and as criteria-based candidate.

                        1 Reply Last reply Reply Quote 0
                        • L
                          lastb0isct
                          last edited by

                          Do you guys have any idea why my setup would not be working still? I am seeing no traffic pass through my qHigh queue.

                          1 Reply Last reply Reply Quote 0
                          • DerelictD
                            Derelict LAYER 8 Netgate
                            last edited by

                            Because your rules don't match the traffic you're trying to queue. Doublecheck everything.

                            Not that you'd want to leave it that way but you might try a pass rule on LAN from the source addresses that sets the queues.

                            You might also want to try explicitly setting the interface on the floating rules to LAN in.

                            Chattanooga, Tennessee, USA
                            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                            Do Not Chat For Help! NO_WAN_EGRESS(TM)

                            1 Reply Last reply Reply Quote 0
                            • F
                              FireBean
                              last edited by

                              You could just say the hell with it all and just use CoDeL. In a home environment with Voip (Ooma and cell phone based voip) heavy downloads and a 1 person playing an online game (CS:GO), no one saw any problems at all and the call quality was better than with my last setup using HFSC.

                              1 Reply Last reply Reply Quote 0
                              • First post
                                Last post
                              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.