*RANT* Why pfsense is popular
-
https://flyovercountry.org/2014/02/google-fiber-gigabit-speeds-your-router-part-1-vlans/
Looks like those guys have done most of your research for you.
pfSense can NOT set DSCP bits. It can only match on them. You will likely need to do that in a switch between your fiber and the WAN interface as outlined in that blog.
Your RANT against pfSense is misplaced.
ETA:
You might be able to get closer tagging VLAN 2 with VLAN Priority 3 set. https://forum.pfsense.org/index.php?topic=71806.msg619859#msg619859
-
https://flyovercountry.org/2014/02/google-fiber-gigabit-speeds-your-router-part-1-vlans/
Looks like those guys have done most of your research for you.
pfSense can NOT set DSCP bits. It can only match on them. You will likely need to do that in a switch between your fiber and the WAN interface as outlined in that blog.
Your RANT against pfSense is misplaced.
ETA:
You might be able to get closer tagging VLAN 2 with VLAN Priority 3 set. https://forum.pfsense.org/index.php?topic=71806.msg619859#msg619859
Which btw is exactly how I have it set up. I might be a pfsense newb, just not networking technology hardware know just a little bit what i'm talking about newb. Which is why I had explained before that my speed test were normal, sinse with out the VLAN 2 and the VLAN 802.1p bit set to 3, i would get exactly ZILCH.
RANT still firmly in place.
-
Must be you. And your RANT would be better directed at google fiber - you know, the entity you are actually PAYING - for demanding you use their device with zero documentation regarding using others.
Merry Christmas.
-
So are you saying you don't have the switch in front of pfsense like the article Derelict linked to setting the dscp?
-
Merry Christmas!
First, some of this is over my head… but...
Please don't forget - did OP ever provide the sniff of where pfSense injects the additional 300ms packets as requested by Johnpoz (post #27)? Why not?
Derelict IMHO is correct, you need to direct your RANT elsewhere and away form pfSense. You won't as you think it's a pfSense issue. It's not. What about the "other firewall/router x64 solutions", did you RANT at them like you have at pfSense? So far you've indicated the issues are with GFiber and/or the switch you currently have in place.
OP - I think it could have greatly help everyone trying to help you if you indicated your setting of DSCP bits in your original post rather than waiting until post #34. Why now vs the very beginning?
If you want to rant/bitch/complain/whatever, great, but do it with all facts presented vs presenting half facts (waiting until #34 to state DSCP setting).
If you want to flame me - do it, I don't care and won't care for the following reasons:
1. Until you honor Johnpoz's request for info requested in post 27 request. If you ever do.
2. You are now a moving target. The people trying to help you make request, maybe you provide info, maybe not. The when VERY convenient to you, you inform everyone this is how I have it set up - post #34. Where was that detail prior?
3. Did you get on ALL the other boards for the "other firewall/router x64 solutions" (post #1) indicating your RANT with them for the same reasons you gave about pfSense? Again, where was that ever mentioned?
4. Most of my questions are rhetorical as if you truly wanted to help yourself you would have provided info to get to a resolution rather than wait to cherry pick responses or provide (additional) info.
5. Accept the blame yourself as it falls squarely on your shoulders.Personally, I can't take you seriously until ALL the information requested of you IS provided by you. Now just to be sure, don't forget to add the part about - no need now as you have resolved the problem OR how you believe pfSense just doesn't measure up blah blah blah, as now it's convenient time to do so.
-
He seem to attempt to show the latency of pfsense pinging 8.8.8.8 but he did not run the sniffs at the same time, and it seems he has something else pinging 8.8.8.8 as well… But his sniffs the time nor the seq numbers clearly show they were not sniffed at the same time... So from those its not even possible to calc what latency is being added by pfsense for the routing and natting and evaluation of the firewall rules.
-
Must be you. And your RANT would be better directed at google fiber - you know, the entity you are actually PAYING - for demanding you use their device with zero documentation regarding using others.
Merry Christmas.
Never ever did I say I might not be them, I just hadn't gotten to calling local cable company and signing up for a month and remove that possible variable.
Merry Christmas
-
So are you saying you don't have the switch in front of pfsense like the article Derelict linked to setting the dscp?
No i do not have the managed switch sitting in front of the router like the articale from flyovercountry, I have the setup like the KingViper has in the pfsense forum post ( https://forum.pfsense.org/index.php?topic=71806.msg619859#msg619859 ) .
-
Merry Christmas!
First, some of this is over my head… but...
Please don't forget - did OP ever provide the sniff of where pfSense injects the additional 300ms packets as requested by Johnpoz (post #27)? Why not?
Derelict IMHO is correct, you need to direct your RANT elsewhere and away form pfSense. You won't as you think it's a pfSense issue. It's not. What about the "other firewall/router x64 solutions", did you RANT at them like you have at pfSense? So far you've indicated the issues are with GFiber and/or the switch you currently have in place.
OP - I think it could have greatly help everyone trying to help you if you indicated your setting of DSCP bits in your original post rather than waiting until post #34. Why now vs the very beginning?
If you want to rant/bitch/complain/whatever, great, but do it with all facts presented vs presenting half facts (waiting until #34 to state DSCP setting).
If you want to flame me - do it, I don't care and won't care for the following reasons:
1. Until you honor Johnpoz's request for info requested in post 27 request. If you ever do.
2. You are now a moving target. The people trying to help you make request, maybe you provide info, maybe not. The when VERY convenient to you, you inform everyone this is how I have it set up - post #34. Where was that detail prior?
3. Did you get on ALL the other boards for the "other firewall/router x64 solutions" (post #1) indicating your RANT with them for the same reasons you gave about pfSense? Again, where was that ever mentioned?
4. Most of my questions are rhetorical as if you truly wanted to help yourself you would have provided info to get to a resolution rather than wait to cherry pick responses or provide (additional) info.
5. Accept the blame yourself as it falls squarely on your shoulders.Personally, I can't take you seriously until ALL the information requested of you IS provided by you. Now just to be sure, don't forget to add the part about - no need now as you have resolved the problem OR how you believe pfSense just doesn't measure up blah blah blah, as now it's convenient time to do so.
First off dude whatever you are smoking, stop its screwing with your brain. LITERALLY the first paragraph of the first post:
"In my quest to increase my networking knowledge and to have control of my own equipment, I had decided to remove my Google Fiber network box from my network and decided with a single box solution. Yes you can guy a managed switch like the edge router and stick a consumer router behind it (this is a need of having GFiber as you have to set your WAN to VLAN 2 with a 802.11q bit of 3) and be done with it. But after reading and watching many many youtube videos about rolling your own router and most of them were about pfsense, I then focused my video watching to pfsense related videos. "
Yes I realize that I mistype the 802.1p part, but its still in the first part.
Secondly, I honestly have not gotten to the sniff as my weekends are more hectic then a normal work week.
Thrid, my normal access flows just fine, streaming works, live tv works, speed tests are 850-950 Mbps which is normal using the GFiber network box. The ONLY noticeable effect is in game latency in World of Warcraft which can be 300-2500ms, which a normal range of 300-650ms . That being said I have seen it at 50 ms latency in game.
One curious thing, IF i start the game using the GFiber box, then move the cable to the pfsense box my latency in game stays right at 70-80 ms until i log out of the game and come back to play later.
Again please stop smoking whatever dope you are on, since once again you have completely missed the fact I have tried other router software solutions and they do not offer the ability to set the 802.1p bit at all. And yes I have had a conversation with one of the engineering techs and he has submitted a feature request to the coders to add the ability to set that bit. Whether that happens is beyond my control but it is something I've tried to do to remove pfsense as the variable, there just isn't anything I have found that will do that. And sticking a managed switch in the front of pfsense box does NOT remove that variable, just highlights the fact pfsense may not be processing the switch properly.
5. Accept the blame yourself as it falls squarely on your shoulders.
WTF are you smoking.
-
He seem to attempt to show the latency of pfsense pinging 8.8.8.8 but he did not run the sniffs at the same time, and it seems he has something else pinging 8.8.8.8 as well… But his sniffs the time nor the seq numbers clearly show they were not sniffed at the same time... So from those its not even possible to calc what latency is being added by pfsense for the routing and natting and evaluation of the firewall rules.
Holy hell I simply used the same commands that where provided in the examples you all posted in the forum, nothing more nothing less.
-
And sticking a managed switch in the front of pfsense box does NOT remove that variable, just highlights the fact pfsense may not be processing the switch properly.
A packet capture can quickly determine if those bits are set on your traffic.
-
Contrary to some misguided beliefs you all have I really want pfsense to work, the GFiber box is garage for doing any advanced networking in the form of AV and VPN at the router level. I have done what I could before coming to the forums as I knew there would be fan boys of pfsense that would be upset that I challenged the functionality of pfsense. I was merely looking for ideas as to why there would be that much of a difference in in game latency.
I wholeheartedly accept the fact I have done something wrong, I know next to nothing about pfense. Can you say the same about yourselves and pfsense, there is a reason that the current version is 2.4.2-RELEASE-p1 cuz they fk'd up 2.4.2.
I'm trying to create a "general" profile that any GFiber/WOW user can load into pfsense and it just works.
-
And sticking a managed switch in the front of pfsense box does NOT remove that variable, just highlights the fact pfsense may not be processing the switch properly.
A packet capture can quickly determine if those bits are set on your traffic.
From the few help sections I have read there are a couple of ways to do it in pfsense, is there a method you would prefer to see?
-
Diagnostics > Packet Capture
WAN
Generate some traffic.
See if the proper priority is set.
If so, call google. If not, open a bug report.
-
https://flyovercountry.org/2014/02/google-fiber-gigabit-speeds-your-router-part-1-vlans/
Looks like those guys have done most of your research for you.
pfSense can NOT set DSCP bits. It can only match on them. You will likely need to do that in a switch between your fiber and the WAN interface as outlined in that blog.
Your RANT against pfSense is misplaced.
ETA:
You might be able to get closer tagging VLAN 2 with VLAN Priority 3 set. https://forum.pfsense.org/index.php?topic=71806.msg619859#msg619859
I think what he's getting at is he's ranting about the situation and seeing if someone may have some ideas, not so much him being critical.
-
https://flyovercountry.org/2014/02/google-fiber-gigabit-speeds-your-router-part-1-vlans/
Looks like those guys have done most of your research for you.
pfSense can NOT set DSCP bits. It can only match on them. You will likely need to do that in a switch between your fiber and the WAN interface as outlined in that blog.
Your RANT against pfSense is misplaced.
ETA:
You might be able to get closer tagging VLAN 2 with VLAN Priority 3 set. https://forum.pfsense.org/index.php?topic=71806.msg619859#msg619859
I think what he's getting at is he's ranting about the situation and seeing if someone may have some ideas, not so much him being critical.
Thank you Harvey for undestanding
-
I suddenly remembered that WoW measures latency as an aggregate sliding window and the RTT is measured as the time it takes to get a response over TCP. This is a high level "ping". I've seen it report as high as 9,000ms latency, when I knew I had maybe 100ms, but high packet loss. Your latency spikes may not actually be delayed packets, but dropped packets and TCP taking time to resend.
Are you doing any traffic shaping? I ask because pfSense defaults to 50 packet queues when you enable shaping, and 50 may be too small and may cause lost packets under certain loads.
-
deleted because of personal insults
-
Please back off the hostility and profanity.
-
"Holy hell I simply used the same commands that where provided in the examples you all posted in the forum, nothing more nothing less."
I understand that - but you have to run them at the same time ;) Open 2 ssh sessions to pfsense, and run the commands at the same time.. Then ping 8.8.8.8 from a client behind pfsense..
Are you using 8.8.8.8 as a monitor IP for one of your gateways?
If you provide the actual sniff we can see if any dscp is set.. But from the info linked to.. if your not setting dscp then your upload is limited to 10mbps.. Or in other terms watching paint dry.. So yeah if anything else is going on at the time your playing games.. Your upload pipe could get full and latency increase..
You need to set the dscp that your isp requires if you want to remove your isp device.. This has ZERO to do with pfsense.. And no p1 is not because they f'd up 2.4.2.. Such a statement really is not something that will help you get help with your problem.. Is sp1 because they f'd up windows 7? what about sp2 is that because they 'f''d up 7 and sp1 release?
