Traffic Shaper Priority Field
-
I'm having some issues with the Priority field in the GUI. Could be my limited understanding of the tool.
tl;dr - The GUI doesn't seem to be saving Priority=0 to the config file
Primary Issue:
1.1) When the parent is set to CBQ (or even PRIQ), I can set the Priority of the child to 0, but it is not saved to the config file.*Note that 1.1 also applies to HFSC, but that's a moot point since HFSC doesn't use Priority per smarter people on this forum.
Secondary Issues:
2.1) When the parent is set to PRIQ, and one child is set to Priority 1, and one child is set to Priority 0, I get the following error:
"There were error(s) loading the rules: pfctl: qDefault and qMail have the same priority"2.2) When the parent is set to CBQ, and one child is set to Priority 1, and one child is set to Priority 0, I don't get any errors, however pfTop does not show 1 or 0 in the PRIO column.
2.3) When the parent is set to PRIQ, I cannot set the Priority of the child higher than 7. PRIQ's priority range is 0 to 15, yet it seems to be limited to 0 to 7 in the GUI.
Tertiary Issue:
3.1) The GUI says "For hfsc, the range is 0 to 7. The default is 1. Hfsc queues with a higher priority are preferred in the case of overload."
Shouldn't this be "For cbq, the range is 0 to 7. The default is 1. cbq and priq queues with a higher priority are preferred in the case of overload." ?Can anyone enlighten me or point me to a bug report if this is already in plan to be fixed?
pfSense 2.3.3
-
There is a bug report to remove priority from the HFSC GUI piece:
https://redmine.pfsense.org/issues/1994
Which one are you trying to use?
If you are using PRIQ, you can really just 0-7 unless for some reason you are trying to get more than 8 buckets to drop traffic in.
The 15 thing seems to be a bug to:
https://redmine.pfsense.org/issues/6904It's probably helpful to figure out your use case and what you are trying to do. So far, I've found that a simple setup for Traffic Shaping seems to be most efficient.
-
Thanks for the links Animosity022.
That first one for HFSC GUI appears to have been rejected. Probably needs to be re-opened.I'm trying to use CBQ - specifically 8 separate queues under 1 parent. For some reason, the GUI won't save Priority = 0
-
I could never really got CBQ working the way I wanted to I ended up just pushing on using HFSC as that seemed to address my scenario.
8 Queues is a lot of breaking out traffic though.
I have a very simple HFSC setup with 3 queues and I basically just drop my Plex server 'other' traffic:
pfTop: Up Queue 1-8/8, View: queue QUEUE BW SCH PRIO PKTS BYTES DROP_P DROP_B QLEN BORROW SUSPEN P/S B/S root_em0 300M hfsc 0 0 0 0 0 0 qDefault 100M hfsc 46284 28356529 0 0 0 qHigh 150M hfsc 284640 340702K 0 0 0 qLow 50M hfsc 181303 12315551 0 0 0 root_em1 300M hfsc 0 0 0 0 0 0 qDefault 100M hfsc 127503 160061K 0 0 0 qHigh 150M hfsc 68358 4982426 0 0 0 qLow 50M hfsc 1075125 1509902K 0 0 0
I have 300/300 Link so it's a bit easier. I have Codel Active Queue setup on all 3 on each queue and keep a queue limit of 1000 on each, which was my balance between extremely minimal bufferbloat and still keeping my B/W high.
My rules look like:
Speedtest:
I found if I play around with my queue limits, it reduces my B/W since I'm dropping some packets and I get a bit more retransmits, but I improve my bufferbloat. That's where I ended up with my balance of not dropping and doing some queuing on my pfsense so I only get a few more ms of delay and my quality/bandwidth remain very good.
I tested my config with maxing my upload/download with numerous things going from my plex server (iperf and various download/uploads) and I'm very happy with that config.
Also, I do all my floating rules with 'pass' and 'quick' so I can validate all the traffic is going into the right queue easier so you do have to be careful you don't open something up to the outside world by mistake.
-
Wow Animosity022, that usage scenario is very close to mine (VoIP, XBoxes, PS4, Rokus, Plex, NAS, PCs (inluding Android/iOS Phones), LAN Printers, Guests). My connection is 130/10.
I tried HFSC on the VLANs, but lost too much speed on the download, so I'm trying CBQ to get the full bandwidth sharing (since I don't know enough about HFSC yet).
I am successfully using HFSC on the 10Mb WAN uplink so that I can guarantee the real-time and near-real-time traffic.My queues are;
7 - Real Time Traffic - VoIP/NTP
6 - Near Real Time Traffic - Videoconferencing Traffic through work VPN
5 - Signalling Traffic - Ack/DNS/ICMP
4 - Interactive Traffic - Gaming/Chat (XB1, PS4)
3 - Streaming Traffic - Music/Video (Rokus)
2 - Web Traffic - HTTP/HTTPS
1 - Default Traffic
0 - Mail & Guests TrafficOn the VLANs, I have two main "parents" - qLocal 850Mb & qInternet 125Mb. I send all local LAN traffic (ie. Plex, NAS, Printers) through qLocal, and all Internet traffic through qInternet. The qInternet has the 8 "children" queues above.
Hence why I'm trying to get Priority 0 to work in CBQ.
-
I am a bit confused about this 'quick' option thing —
https://doc.pfsense.org/index.php/What_are_Floating_Rules
"Floating Rules are parsed before rules on other interfaces. Thus, if a packet matches a floating rule and the Quick option is active on that rule, pfSense will not attempt to filter that packet against any rule on any other group or interface tab.Rules using the Queue action do not work with quick checked."
What I have in my HFSC shaper is that I've never got the floating rules work on VoIP traffic. Instead of this I use queues on NAT generated rule for VoIP port forwarding and this really works, I can see some moving in VoIP queue.
But I am not sure if I need to delete automatically NAT generated rule and process only floating one, I've tried both variants with no luck, but it was year ago and may be something changed since. -
I'm using action "Pass" and quick checked.
My theory was to make sure I had my rules from top down in terms of what I wanted to match first and in the proper order. I'm sure there are multiple ways to do the same, but that was were I landed.
If I make a test call, I can see the VOIP rule pickup and sessions get created.
To the best of what I can see, quick is dropping things in the right queue based on the order I have specified.
I'm not sure if I'm lucky or I actually have it right :)
-
I've tested it again, removed NAT created firewall rules by selecting just "none" for associated firewall rule, but I wonder why we can't create or select exciting floating rule, is there some security or safety reason for it?
Anyway looks like everything works with floating rules also, even when "quick" is enabled.
The question remains what rules are really needed for queuing NAT — both, on WAN "pass" and floating "match" or only floating one with "pass".Double K
I would recommend you to re-open https://redmine.pfsense.org/issues/1994 posting the same information you provided about rejected priority or create a new one issue. -
@Double:
I'm having some issues with the Priority field in the GUI. Could be my limited understanding of the tool.
tl;dr - The GUI doesn't seem to be saving Priority=0 to the config file
I thought I was alone in this, I also noticed that a priority of 0 cannot be saved, even though the GUI attempts to. would be great if a priority of 0 could be saved because it would allow us one more bucket/level of shaping