Goals: Ensure enough room for ACKs, single destination IP has lowest priority.
-
I'm using pfSense 2.4.2. I'm completely new to traffic shaping but I understand the basic concepts. My current setup:
50Mbps down/5Mbps up WAN connection. I have a couple of VPN clients on the router, and I have rules to router local traffic out of WAN, VPN1, or VPN2 depending on which VLAN it came from. I There are a couple of exceptions to this, so I have an alias for "always route out WAN" listing particular statically assigned IPs.
I'm got several machines doing backups on various VLANs. If there happens to be a large differntial backup, it swamps the upload connection and lots of other things that normally only downloading start performing poorly. I suspect this is because the backups aren't leaving enough room for the ACKS on applications that are otherwise using very little upload.
So, what I would like to do is something like this:
- Across WAN, VPN1, and VPN2 always leave enough room for ACKs.
- Somehow classify the backup traffic exiting WAN, VPN1, VPN2, as the lowest priority.
- All other traffic can be "the rest".
I don't care enough to create more classes than "backups are lowest", "ACKs are highest", "everything else is the same". I only want this to apply to the WAN, VPN1, VPN2.
Is this easy to do? Any ideas on how to identify the backup traffic, it'll be https to a specific domain (I can get the current set of IPs but it can change over time), on my LAN, it could originate from different VLANs, but I could maybe limit this traffic to originate from fixed set of source IPs.
Thanks for any advice or help.
-
The simplest setup would be FairQ shaper with Codel as a child queue discipline. If you want something easy to manage but keeps latency down, look into fq_Codel (https://forum.pfsense.org/index.php?topic=126637.0).
-
The simplest setup would be FairQ shaper with Codel as a child queue discipline. If you want something easy to manage but keeps latency down, look into fq_Codel (https://forum.pfsense.org/index.php?topic=126637.0).
Thanks for the reply. I like simple. Is there documentation on setting this up? Can I just worry about the WAN interface for now? Do I do this thru one of the wizards or some other way?
-
No wizard. Just go to WAN, set the bandwidth at the interface to ~90% of your effective upload bandwidth with FairQ as the scheduler, and check the box in the Default Queue to enable Codel…. I think.
-
Thanks for the reply, but I don't understand enough about setting up Traffic Shaping to make sense of your answer. Is there a step-by-step document somewhere? Or something with screenshots?
-
Ignore all of my other queues. All you care about is "Default".
-
Thanks! I'll try this tonight.
Ok, so from scratch I go to:- Traffic Shaping by Interface -> WAN
- I select FAIRQ and put in my 90% upstream bandwidth number.
- qDefault then automatically shows up? How do I get to the per-queue settings?
-
Click on the queue.