Bug? Traffic Shaper Wizard not working on SG-1000

TauCeti

Hi,

I've been trying to get traffic shaping working on the SG-1000 since finding out that the NIC drivers do not support ALTQ. It's been mentioned on these forums that this can be worked around using VLANs (for example: https://forum.pfsense.org/index.php?topic=122798.0). I've managed to get the following setup running:

                  SG-1000 
ISP <--PPPoE--> | WAN LAN | <--VLAN--> Switch <--> LAN

The PPPoE and the LAN_VLAN adaptors show up in the Traffic Shaper Interfaces list and I am able to go through the traffic_shaper_wizard_multi_all.xml wizard no problems. However when the rules go to be loaded this error message is given:

There were error(s) loading the rules: pfctl: cpsw1_vlan10: driver does not support altq - The line in question reads [0]

To see whether this was port specific or not, I then reconfigured my network in the following way:

                                   SG-1000
Internet <--> Switch <--VLAN--> | WAN  LAN | <--VLAN--> Switch <--> LAN

But I get a near identical error message:

There were error(s) loading the rules: pfctl: cpsw0_vlan20: driver does not support altq - The line in question reads [0]

I'm guessing that the rules for cpws0 are just executed first, hence the different message.

Is this a bug? Or some subtle setting I'm missing when using VLANs? Or contrary to some of the forum posts do VLANs just not support ALTQ?

I'm currently running: 2.4.0.b.20170129.1734

Cheers

EDIT:
Just been browsing the 2.4 tickets and found a ticket with similar symptoms:
https://redmine.pfsense.org/issues/7066

doktornotor

https://forum.pfsense.org/index.php?topic=122798.0

TauCeti

Well yes … I link to that thread in my post  ::)

That very thread (and others) suggest you can use VLANs to as a workaround which is what i am doing. But it still does not work. That fact that you can select the interfaces on the Traffic Shaper page is also odd as it is not meant to display unsupported interfaces.

doktornotor

So why are you starting a new duplicate thread? Won't get anything fixed any sooner.

TauCeti

Well the earlier thread dealt with limitations of the cpsw NIC driver. This problem is with the vlan driver. It seemed logical to separate the two.

Derelict

Merged same topic.

oben

@TauCeti:

Hi,

I've been trying to get traffic shaping working on the SG-1000 since finding out that the NIC drivers do not support ALTQ. It's been mentioned on these forums that this can be worked around using VLANs (for example: https://forum.pfsense.org/index.php?topic=122798.0). I've managed to get the following setup running:

                  SG-1000 
ISP <--PPPoE--> | WAN LAN | <--VLAN--> Switch <--> LAN

The PPPoE and the LAN_VLAN adaptors show up in the Traffic Shaper Interfaces list and I am able to go through the traffic_shaper_wizard_multi_all.xml wizard no problems. However when the rules go to be loaded this error message is given:

There were error(s) loading the rules: pfctl: cpsw1_vlan10: driver does not support altq - The line in question reads [0]

To see whether this was port specific or not, I then reconfigured my network in the following way:

                                   SG-1000
Internet <--> Switch <--VLAN--> | WAN  LAN | <--VLAN--> Switch <--> LAN

But I get a near identical error message:

There were error(s) loading the rules: pfctl: cpsw0_vlan20: driver does not support altq - The line in question reads [0]

I'm guessing that the rules for cpws0 are just executed first, hence the different message.

Is this a bug? Or some subtle setting I'm missing when using VLANs? Or contrary to some of the forum posts do VLANs just not support ALTQ?

I'm currently running: 2.4.0.b.20170129.1734

Cheers

EDIT:
Just been browsing the 2.4 tickets and found a ticket with similar symptoms:
https://redmine.pfsense.org/issues/7066

The ESXi driver was having the same issue and was fixed by changing multiqueue support that is baked in to FreeBSD 11 apparently.

The SG-4860 VLAN also doesn't work with the shaper due to this altq incompatibility.

I'm surprised Netgate/Rubicon whatever they're called these days hasn't prioritised getting this right on their own hardware!?

gsiemon

@oben:

The ESXi driver was having the same issue and was fixed by changing multiqueue support that is baked in to FreeBSD 11 apparently.

The SG-4860 VLAN also doesn't work with the shaper due to this altq incompatibility.

I'm surprised Netgate/Rubicon whatever they're called these days hasn't prioritised getting this right on their own hardware!?

Different issue I think.  VMXNET3 nics in ESXi always had support in ALTQ.  The nic driver in the SG1000 doesn't have a driver that supports ALTQ yet.  Refer to the second post in this thread.

@jimp:

The cpsw NICs in the SG-1000 do not support ALTQ shaping currently. No ETA on that.

You could use VLAN tagged interfaces, as those do support ALTQ, but it's a little more to setup on the firewall and switch.

eri--

Missing skills i would suggest, but i am biased :).

loos

no pun intended… sure :)

Jimp just brought this to my attention today.

Please, let's open an issue to properly keep all this information.

Thanks.

gsiemon

@loos:

Please, let's open an issue to properly keep all this information.

Thanks.

Done: https://redmine.pfsense.org/issues/7199

eri--

@loos:

no pun intended… sure :)

Jimp just brought this to my attention today.

Please, let's open an issue to properly keep all this information.

Thanks.

Nothing personal loos but just above your paygrade, really!

Keep until the next one.

jwt

Ermal,

Having employed both you and Luiz, allow me to make one thing perfectly clear.

By every measure, Luiz is a better engineer, a better employee, and a better individual.

To be clear, his "skills" (technical chops) surpass yours.

I am not alone in this position. One need only reflect on the simple fact that you are not yet a full committer to FreeBSD.  Luiz is.  Why is that, Ermal?

Another point, Why hasn't Chris hasn't employed you at Ubiquit?i

I know the answers to these questions, and so do you.

There are many reasons why your employment here was terminated.  While I have thus far refused to disclose these, mostly to protect your ability to find employment, I do have limits, and you are quite near to exceeding same.

Your actions here and on Twitter can be compared to those of a petulant chilld. I suggest you reconsider the potential consequences of continuing your current path.

Nullity

Similarly, I miss you around here ermal.

Good luck with whatever you are doing. You're too smart to let these little mistakes lead you down a path you can't return from.

doktornotor

maverick_slo

@doktornotor:

Ummm yeah…
This is no place to discuss such matters.

We don`t care.

eri--

Nothing personal loos but just above your paygrade, really!

Keep until the next one.

This just means he should not get involved into this since its not his call…..
I just use this to push things to get fixed since i know i am a sensitive topic ;)

@jwt:

Ermal,

Having employed both you and Luiz, allow me to make one thing perfectly clear.

By every measure, Luiz is a better engineer, a better employee, and a better individual.

To be clear, his "skills" (technical chops) surpass yours.

I am not alone in this position. One need only reflect on the simple fact that you are not yet a full committer to FreeBSD.  Luiz is.  Why is that, Ermal?

Another point, Why hasn't Chris hasn't employed you at Ubiquit?i

I know the answers to these questions, and so do you.

There are many reasons why your employment here was terminated.  While I have thus far refused to disclose these, mostly to protect your ability to find employment, I do have limits, and you are quite near to exceeding same.

Your actions here and on Twitter can be compared to those of a petulant chilld. I suggest you reconsider the potential consequences of continuing your current path.

I was not commenting Luiz in any sense since i do not have anything against him.
I wish him best of luck and have him enjoy what he works on!

Commenting on my involvement with FreeBSD is not something you can evaluate or even understand.I
ts just nothing i have pushed for long since it really has never been considered to bring added value to me, but that is a topic for myself and FreeBSD project and how they handle some things.
Just to remind, you do not know me you just met me for a period of time!

Surely, you just throw the best of you to the worst when time comes.
I know you for this and i am not alone in this reasoning but unlike you i do not bitch around just to show off and just to come up first in every next topic.
While about you Jim, thank you for your appreciation and valuing my contribution to the project!

Bringing Chris into the matter is not good its just your way, though good to see you guys are still in touch.
Also, employing me or not is a matter of the employer not Chris, I value equal opportunity companies and you clearly make a bad case for the company at hand and most surely Chris, which i respect as a friend, accusing him of breaking company policies!
This is who you are i cannot change that, do not forget that even knowing this i asked you to still work on pfSense since its a partial time of my life you still refused!

While my technical skills are something depending on time you evaluated differently, they just show up on my contribution to pfSense and what i made it be during this time.
My employer or any future employers have nothing to do with any of our discussion, its just some fuzzing pressure from you for whatever reason.
Child or not i have still to see my copyrights restored wherever they were.

Finally, I really have no consideration for you or how you do business,
the most funny part is that i came here to check the forum and could not resist to make the comment, innocently, since i see shaping something left over in general on the project.
Still, You have my contacts and can bring with me up any concerns on your side as i have tried doing so far in private.

Take care grown up.

strimmer

first post

I was also having issues with the Traffic Shaper Wizard not working on the SG-1000 because ALTQ wasn't supported on the cpsw NICs.

Just wanted to direct folks to: https://redmine.pfsense.org/issues/7199

True to this post, on the build I tried after 20170211, I was able to go through the traffic shaper wizard successfully.

Yay!

Unfortunately I experienced 3 issues with the wizard:
1. When choosing PRIQ, the wizard never made the VOIP queue, when entering the VoIP server IP.  Even after running the wizard multiple times  (Choosing HCSF, the wizard DID make the VoIP queue).
2. When choosing PRIQ, despite my best (admittedly NOOB) efforts to have all traffic to/from a single IP (say 192.168.1.50) put to the qOthersHigh queue, all traffic shows on the qLink and qDefault queues.  Nothing is routed to other queues.
3. When choosing HFSC, despite my best (admittedly NOOB) efforts to have all traffic to/from a single IP (say 192.168.1.50) put to the qOthersHigh queue, all traffic shows on the qLink and qDefault queues.  Nothing is routed to other queues.

I'm not familiar with pfsense forum etiquette, should I create a new thread for these issues with the Traffic Shaper Wizard, or is it appropriate for me to outline my separate issues with the wizard on this existing thread?

Thanks for any assistance or requests for additional information.

-S

w0w

You need to create an own topic in "traffic shaper".
Wizard created shaper needs manual tune. You need to create or use exciting firewall rules to assign your desired queues to traffic. Fo example you have utorrent running on 192.168.1.10 port 1111 (port forwarded), you need to find wizard created p2p floating firewall rule and manually assign IP and port.