Traffic Shaper: Limiter

n3by

Is only 6 months old bug, whats the rush… it needed > 2 years to fix Schedule States bug and this new one appeared in exchange.  :'(

Derelict

This Limiter thing on 2.2 is a real downer.  It's beginning to feel like they don't know how to fix it.

SamTzu

Still nothing about Bug #4326

https://doc.pfsense.org/index.php/2.2.5_New_Features_and_Changes

Harvy66

It's currently listed under 2.3

https://redmine.pfsense.org/issues/4326

a_null

Wanted to inquire to see if anyone had additional info on this.

https://redmine.pfsense.org/issues/4326

doktornotor

No, it's still broken obviously as you can see from the bug status.

a_null

Yeah - I had that, which is why I asked if anyone had ADDITIONAL info, and not "is it fixed yet?" But thanks for playing.

externalz

@Derelict:

This Limiter thing on 2.2 is a real downer.  It's beginning to feel like they don't know how to fix it.

After almost 12 months, i am starting to get that vibe to brother. Not sure how long i can hold back on security updates for this bug :/

angkotband1996

@SamTzu:

Firewall: Traffic Shaper: Limiter
I rebuilt our firewall because the new pfSense broke our traffic shaping rules.
After export/import ruleset I still can't get traffic shaping to work on firewall WAN rules.
It seems to work fine on outgoing LAN rules though.

Any ideas why it stopped working on WAN side?

This setup used to work before on incoming traffic, now it breaks the rule if I do this.

Derelict

I think if you have port forwards on an interface it makes limiters appear like they're completely bypassed. In other situations, interfaces with limiters simply stop passing traffic.

Not sure if that's what you're seeing since "breaks the rule" is not very descriptive.

a_null

@Derelict:

I think if you have port forwards on an interface it makes limiters appear like they're completely bypassed. In other situations, interfaces with limiters simply stop passing traffic.

Not sure if that's what you're seeing since "breaks the rule" is not very descriptive.

Yeah - not sure about OP, but for me, "stops passing traffic" is a deal breaker.  :(

interkrome

I assigned the IN/OUT limiter to LAN interface instead of WAN. It works which (who ever in my PenaltyBox) it served the speed that I set.

But, i have one doubt on the limit. what is the minimum speed to allow for web access? i set 1024kbps/512kbps still not able to but i managed to access youtube and facebook website.

2.2.6-RELEASE (amd64)

Nullity

@interkrome:

I assigned the IN/OUT limiter to LAN interface instead of WAN. It works which (who ever in my PenaltyBox) it served the speed that I set.

But, i have one doubt on the limit. what is the minimum speed to allow for web access? i set 1024kbps/512kbps still not able to but i managed to access youtube and facebook website.

2.2.6-RELEASE (amd64)

I do not understand precisely what you are asking. Can you rephrase/clarify?

foresthus

@doktornotor:

https://redmine.pfsense.org/issues/4326

Nice to see that there is a ticket, but this ticket is nearly 1 year old. Is that a bug aswell? I hope to see a fix as sson as possible. :-[

interkrome

@Nullity:

I do not understand precisely what you are asking. Can you rephrase/clarify?

What is the minimum speed to set for website access like espn, BBC, nbc, etc. I found out only when I remove the limiter, it allow these page to load. If I set 1024/512 it doesn't load. The weird thing is it loads YouTube (can play the video) and Facebook (can comment, post pic, etc). Google search also loaded but whenever I click the link, the page failed to load ; with limiter enabled. Tested the speed via speedtest.net it shows as what I set.

I set IN/OUT limiter on LAN interface. Tried on WAN interface, limiter not working.

Nullity

@interkrome:

@Nullity:

I do not understand precisely what you are asking. Can you rephrase/clarify?

What is the minimum speed to set for website access like espn, BBC, nbc, etc. I found out only when I remove the limiter, it allow these page to load. If I set 1024/512 it doesn't load. The weird thing is it loads YouTube and Facebook. Google search also loaded but whenever I click the link, the page failed to load ; with limiter enabled.

Rate-limiting should only affect how quickly a page loads, not whether the page will load or not load.

It seems like you are encountering a limiter's bug or an unrelated bug.

interkrome

@Nullity:

Rate-limiting should only affect how quickly a page loads, not whether the page will load or not load.

It seems like you are encountering a limiter's bug or an unrelated bug.

OK. Let say a page should be fully loaded in 10 seconds with total size of 100 mb of data. So it takes around 10 seconds if i set 10mbps. So if I set it less than that, it will takes more time to load. Let say I set 1mbps, it should take 100 seconds or if I set 512kbps then it should take around 200 seconds to get fully loaded. What makes me wondering why page like Facebook and YouTube can be loaded (play video, read comments, etc) when my limit is 1mbps but not other pages. Not even landed to that address except YouTube and Facebook. Only these so far is accessible with the limiter. Weird.

Anyway. Thank you for your respond!

interkrome

It breaks at ipv6 address. That explained my situation

2.2.6-RELEASE (amd64)

SamTzu

High priority bug that has broken a key function in pfSense firewall has been unsolved for over a year now.

No proposals how to fix it. No descriptions on what actually broke, why it broke and what could be the best paths to solving the problem.

What is going on here? My faith in you is fading. Is this how you usually deal with High priority bugs? Who dares to take responsibility for this?

Sam

https://redmine.pfsense.org/issues/4326

killmasta93

Theres a workaround for squid with limiter  But it breaks NAT reflection :(