Playing with fq_codel in 2.4
-
https://github.com/pfsense/pfsense/pull/3941
And happiness ensued…
:)
-
https://github.com/pfsense/pfsense/pull/3941
And happiness ensued…
:)
Fired up about it. Looking forward to this addition.
-
;D ;D ;D ;D
-
Great news!!!
I wonder if it's a good idea to clear the current fq_codel config before upgrading to 2.4.4 and rebuild it using the GUI after the upgrade? Otherwise, maybe things might not upgrade correctly? Does anyone have any thoughts on that?
Thanks in advance.
-
https://github.com/pfsense/pfsense/pull/3941
And happiness ensued…
:)
Fired up about it. Looking forward to this addition.
Me too! I submitted that PR after working on it this week, actually got the idea from reading this thread. I'm testing it on my own right now; I have multi-LAN and multi-WAN, and I needed something to be able to classify traffic coming from WAN A / WAN B out LAN A/B and WAN B out the same LAN paths. Dummynet works awesome for this, and I've gone from a Bufferbloat score of C to A with the patch. If you want to load the patch, you just have to make a queue under the limiter, and assign it with a floating rule on the WAN interface (out direction).
Gripes about Traffic Shaper right now that the Limiter PR seems to help out with:
-
Not enough parameter configuration for FQ_CODEL on the GUI (default FQ_CODEL target is 5000 on my install)
-
Couldn't get traffic shaper (altq) to bind to LAGG interfaces
-
Couldn't get traffic shaper (altq) to work with a multi-LAN setup for download classification
-
PIE support
For those of you interested, here's a SS: https://i.imgur.com/N36gpXF.png
If anyone has any suggestions for changes or notices any problems, I'd be happy to factor them into my fork (and therefore the PR). Full disclosure, I am by no means an expert on dummynet/ipfw. I just have a lot of free time on my hands…
-
-
Really appreciate the work Matt!
-
@matt, why is the interval so large? The interval should be roughly equal to your upper typical RTT. 100,000ms is a pretty big RTT.
-
@matt, why is the interval so large? The interval should be roughly equal to your upper typical RTT. 100,000ms is a pretty big RTT.
Not sure. I'm loading these params in from sysctl upon save, so it's set to whatever is default. I did think that was odd, also. Maybe I have the units wrong and```
targetEDIT: You're exactly right on this! I make a sysctl call to load in defaults but it seems the units used on the sysctls are definitely not milliseconds! Looks like microseconds to me. I'm fixing the PR. Also, I've got a patch for 2.4.3 as well on my repository which will get this change, too. EDIT 2: All fixed! And, here is the applicable DIFF file for the repository should anyone want to load the patch into their 2.4.3 install. I run pfSense at home, on the stable release, so I'm using this branch and copying changes to the PR (which is ahead in terms of code). Definitely don't use the PR's diff on a stable 2.4.3 install, since they've got some wonky PHP 7 stuff going on that causes some really weird behavior in the whole shaper module. This diff doesn't have those changes (main reason for two heads) https://github.com/pfsense/pfsense/compare/RELENG_2_4_3…mattund:RELENG_2_4_3.diff If they accept this PR after reviewing it -- and I can almost guarantee they'll have critique -- I'll turn my attention to Limiter Info and work on a PR for that, too. IMHO we desperately need a better status page for dummynet if FQ_CODEL/FQ_PIE are gonna be in use more. -
won't lie I am super excited about this !!!!!!!
-
Applied this diff https://github.com/pfsense/pfsense/compare/RELENG_2_4_3…mattund:RELENG_2_4_3.diff
Adding new queue by pressing button on limiter settings page opens new page and you can add new queue save and apply it, but it does not appear in the list and I don't see it anywhere. But it can be only in my case, just because I have some April version of 2.4.4, before PHP7 preparations were made. -
That is really strange. Do you still have your old shaper.inc, or could revert back to it? Perhaps what commit ID you were at for your 2.4.4 install? I can try to factor the changes in appropriately for you.
Although, just a guess, if it was pre-PHP7 compliance it might be more likely that the 2.4.4 code has a bug somewhere. Can't be sure, though.
-
I will do some tests later this week, but if this bug only applicable to my 20 April snapshot then it's not a big problem. I just waiting they fix all broken php7 ready code, thats why I am sitting on this april version. I want to say thank you for the great work you have done!
-
So I have found what was the problem — I have been applied this patch on already configured limiters and queues. Now I removed all queues, leaved limiters and applied patch again and then recreated queues — all went OK.
It looks like we have problems with parsing old config? Tried also latest 2.4.4 and behavior is the same.BTW, That's what I'm trying to achieve https://forum.pfsense.org/index.php?topic=63531.0
-
That may require more testing from me, then, if it is ignoring or otherwise not parsing those limiters once the patch is applied. I'll have to take a look some time
-
Config.xml parts with ipfw configuration
Original, before applying patch:<dnshaper><queue><name>Upload</name> <number>1</number> <bandwidth><bw>265576</bw> <bwscale>Kb</bwscale> <bwsched>none</bwsched></bandwidth> <enabled>on</enabled> <mask>none</mask> <maskbits></maskbits> <maskbitsv6></maskbitsv6> <delay>0</delay> <queue><name>UploadQueue</name> <number>1</number> <enabled>on</enabled> <mask>srcaddress</mask> <maskbits>32</maskbits> <maskbitsv6>128</maskbitsv6></queue></queue> <queue><name>Download</name> <number>2</number> <bandwidth><bw>275576</bw> <bwscale>Kb</bwscale> <bwsched>none</bwsched></bandwidth> <enabled>on</enabled> <mask>none</mask> <maskbits></maskbits> <maskbitsv6></maskbitsv6> <delay>0</delay> <queue><name>DownloadQueue</name> <number>2</number> <enabled>on</enabled> <mask>dstaddress</mask> <maskbits>32</maskbits> <maskbitsv6>128</maskbitsv6></queue></queue></dnshaper>Original after applying patch:
<dnshaper><queue><name>Upload</name> <number>1</number> <bandwidth><bw>265576</bw> <bwscale>Kb</bwscale> <bwsched>none</bwsched></bandwidth> <enabled>on</enabled> <mask>none</mask> <maskbits></maskbits> <maskbitsv6></maskbitsv6> <delay>0</delay> <queue><name>UploadQueue</name> <number>1</number> <enabled>on</enabled> <mask>srcaddress</mask> <maskbits>32</maskbits> <maskbitsv6>128</maskbitsv6></queue> <sched>fq_codel</sched> <param_fq_codel_target>5</param_fq_codel_target> <param_fq_codel_interval>100</param_fq_codel_interval> <param_fq_codel_quantum>1514</param_fq_codel_quantum> <param_fq_codel_limit>10240</param_fq_codel_limit> <param_fq_codel_flows>1024</param_fq_codel_flows> <aqm>codel</aqm> <param_codel_target>5</param_codel_target> <param_codel_interval>100</param_codel_interval> <ecn>on</ecn></queue> <queue><name>Download</name> <number>2</number> <bandwidth><bw>275576</bw> <bwscale>Kb</bwscale> <bwsched>none</bwsched></bandwidth> <enabled>on</enabled> <mask>none</mask> <maskbits></maskbits> <maskbitsv6></maskbitsv6> <delay>0</delay> <queue><name>DownloadQueue</name> <number>2</number> <enabled>on</enabled> <mask>dstaddress</mask> <maskbits>32</maskbits> <maskbitsv6>128</maskbitsv6></queue> <sched>fq_codel</sched> <param_fq_codel_target>5</param_fq_codel_target> <param_fq_codel_interval>100</param_fq_codel_interval> <param_fq_codel_quantum>1514</param_fq_codel_quantum> <param_fq_codel_limit>10240</param_fq_codel_limit> <param_fq_codel_flows>1024</param_fq_codel_flows> <aqm>codel</aqm> <param_codel_target>5</param_codel_target> <param_codel_interval>100</param_codel_interval> <ecn>on</ecn></queue></dnshaper>New fully working:
<dnshaper><queue><name>Upload</name> <number>1</number> <bandwidth><bw>265576</bw> <bwscale>Kb</bwscale> <bwsched>none</bwsched></bandwidth> <enabled>on</enabled> <mask>none</mask> <maskbits></maskbits> <maskbitsv6></maskbitsv6> <delay>0</delay> <sched>fq_codel</sched> <param_fq_codel_target>5</param_fq_codel_target> <param_fq_codel_interval>100</param_fq_codel_interval> <param_fq_codel_quantum>1514</param_fq_codel_quantum> <param_fq_codel_limit>10240</param_fq_codel_limit> <param_fq_codel_flows>1024</param_fq_codel_flows> <aqm>codel</aqm> <param_codel_target>5</param_codel_target> <param_codel_interval>100</param_codel_interval> <ecn>on</ecn> <queue><name>Upload_Q</name> <number>1</number> <enabled>on</enabled> <mask>srcaddress</mask> <maskbits>32</maskbits> <maskbitsv6>128</maskbitsv6> <aqm>pie</aqm> <param_pie_target>15</param_pie_target> <param_pie_tupdate>15</param_pie_tupdate> <param_pie_alpha>125</param_pie_alpha> <param_pie_beta>1250</param_pie_beta> <param_pie_max_burst>150000</param_pie_max_burst> <param_pie_max_ecnth>99</param_pie_max_ecnth></queue></queue> <queue><name>Download</name> <number>2</number> <bandwidth><bw>275576</bw> <bwscale>Kb</bwscale> <bwsched>none</bwsched></bandwidth> <enabled>on</enabled> <mask>none</mask> <maskbits></maskbits> <maskbitsv6></maskbitsv6> <delay>0</delay> <sched>fq_codel</sched> <param_fq_codel_target>5</param_fq_codel_target> <param_fq_codel_interval>100</param_fq_codel_interval> <param_fq_codel_quantum>1514</param_fq_codel_quantum> <param_fq_codel_limit>10240</param_fq_codel_limit> <param_fq_codel_flows>1024</param_fq_codel_flows> <aqm>codel</aqm> <param_codel_target>5</param_codel_target> <param_codel_interval>100</param_codel_interval> <ecn>on</ecn> <queue><name>Download_Q</name> <number>2</number> <enabled>on</enabled> <mask>dstaddress</mask> <maskbits>32</maskbits> <maskbitsv6>128</maskbitsv6> <aqm>pie</aqm> <param_pie_target>15</param_pie_target> <param_pie_tupdate>15</param_pie_tupdate> <param_pie_alpha>125</param_pie_alpha> <param_pie_beta>1250</param_pie_beta> <param_pie_max_burst>150000</param_pie_max_burst> <param_pie_max_ecnth>99</param_pie_max_ecnth></queue></queue></dnshaper> -
any progress on fixing traceroute?
-
any progress on fixing traceroute?
What is broken? If it's broken where do you have reported it? ???
-
@w0w:
any progress on fixing traceroute?
What is broken? If it's broken where do you have reported it? ???
it was reported on here earlier by someone else: https://forum.pfsense.org/index.php?topic=126637.msg765566#msg765566
could it be issue with the way I have set up the firewall rules as floating (same as person in the post I linked to above)
If I do traceroute I see all the hops show up as the destination ip. -
I am not sure if it's IPFW/dummynet problem, I think it's should be reported on redmine as soon as new Limiters GUI is merged with master branch.
Do you really need this floating rule? -
it was reported on here earlier by someone else: https://forum.pfsense.org/index.php?topic=126637.msg765566#msg765566
could it be issue with the way I have set up the firewall rules as floating (same as person in the post I linked to above)
If I do traceroute I see all the hops show up as the destination ip.It's unclear that this is a problem with limiters themselves. It only happens if you use a floating rule to assign the queue. If you use the default allow rule on the interface to assign the queue, the traceroute problem does not occur.
