Traffic shaper with vlans and lagg is not working

geminux

Hi,

I encounter issue configuring traffic shaper on a pfsense box (2.2.2 nanobsd)

• I have 2 WAN and 4 LAN

• Each LAN is actually a vlan on top of a LAGG (2 Gbps NIC w/ LACP).

• All NICs are Intel chipsets.

I tried the "traffic_shaper_wizard_multi_all.xml" wizard many times with the following parameters :

BANDWITH AND ALTQ

• WAN#1 and WAN#2 = up 800kbps / down 13000 kbps

• Both LANs and WANs in HFSC

VOIP

• Prioritize Voice over IP traffic = enabled

• Provider = generic

• Upstream SIP Server = none

• Connection WAN#1 = 200kbps(up)

• Connection WAN#2 = 200kbps(up)

• Connection LAN#1 = 100kbps(down)

• Connection LAN#2 = 100kbps(down)

• Connection LAN#3 = 100kbps(down)

• Connection LAN#4 = 100kbps(down)

OTHERS

• Penalty Box = disabled

• P2P = disabled

• Games = disabled

• Others applications = disabled

Even after a reboot :

• there is no floating rules

• 'pftop -s1 -v queue' is empty

• Status > Queues says "No queue statistics could be read."

• Status > RRD graphs > Queues show queues list but graphs are empty

I tried some variations of this configuration :

• HFSC, PRIQ, CBQ -> no effect, same behavior, still not working

• enable P2P in the traffic shaper -> Floating rules for P2P only are added  but this is still not working since I can download some torrents at full speed(even after flushing states)

No idea of what to do… Is there a known altq issue about stacking Physical NIC, bonding, and vlan ??? And how to debug ?

Thanks !

geminux

UP!

Some other informations :

• I tried the same setup using physical nics only (NO VLANS and NO LAGG) -> Same issues (see my previous post)

• When I go to Status > Queues, it says "No queue statistics could be read -> And I also have the following entry in the logs : "pfsense php-fpm[54131]: /status_queues.php: XML error: no altqstats object found!"

• It was a different configuration but we used to have a traffic shaping setup on this hardware with pfsense 2.1 ~1year ago and it was working. So I think I can exclude any hardware/driver ALTQ incompatibility

No one ? No idea ?
Did I miss something ?

Thanks

geminux

Hi all,

After further investigation, it seems that pf/altq is unable to autodetect the bandwith/speed of a link if that link is a lagg w/ LACP. This is a reproductible bug :

Reproduce it

• Remove the shaper config

• Run the multilink wizard

• Add a lagg interface as one of your lan iface during the wizard (In my case it's a vlan on top of a lagg - it does not matter).

• Finish the wizard with any config

Now login with ssh and run :

pfctl -v -f /tmp/rules.debug

you will have the following error :

altq on lagg0_vlan11 hfsc tbrsize 6000 queue { qLink qInternet }
queue qLink on lagg0_vlan11 bandwidth 20% qlimit 500 hfsc( red ecn default ) 
bandwidth for qInternet higher than interface
queue qLink on lagg0_vlan11 bandwidth 2Mb qlimit 500 hfsc( red ecn default ) { qACK qP2P qVoIP }
/tmp/rules.debug:131: errors in queue definition
parent qInternet not found for qACK

pf/altq tries to calculate a percentage of the bandwidth but the bandwidth value is null

Fix it

• Go to Traffic Shaper > By Interface

• Select the LAGG interface and force the "Bandwidth" value

• Save, Apply

Now, pf/altq will be able to calculate a percentage of the bandwidth.

Checks

• Re-run "pfctl -v -f /tmp/rules.debug"    –-> No error

• Go to Status > Queues    –-> It works. No more errors

A LAGG w/ LACP link may have variable bandwidth depending on the number of links available (up) but if it is not possible to determine the link speed during the shaper wizard, we should ask the user for a manual value
It seems to be a bug… Should I report it on redmine ?

A Former User

Ran into this bug today on 2.2.5. Still an issue.

dasti

my informations are maybe out of date but as far as I know, due to a limitation in FreeBSD, lagg does not support altq

Harvy66

LAGG really isn't a single interface, there is no good way to traffic shape it like one. It is entirely possible that all traffic will go out one of the two links.

One way it could be implemented is if you could shape the individual interfaces that comprise of a LAGG group.

sepp_huber

Hm,

I must use LAGGS because I use a failover setup with different hardware`(different device names for the NICS).
Is there any other way to do a QoS/Trafficshaping for my VOIP packets with this setup?