Playing with fq_codel in 2.4

matt_

@matt, why is the interval so large? The interval should be roughly equal to your upper typical RTT. 100,000ms is a pretty big RTT.

Not sure. I'm loading these params in from sysctl upon save, so it's set to whatever is default. I did think that was odd, also. Maybe I have the units wrong and```
target


EDIT:

You're exactly right on this!  I make a sysctl call to load in defaults but it seems the units used on the sysctls are definitely not milliseconds!  Looks like microseconds to me.  I'm fixing the PR.  Also, I've got a patch for 2.4.3 as well on my repository which will get this change, too.

EDIT 2:

All fixed!  And, here is the applicable DIFF file for the repository should anyone want to load the patch into their 2.4.3 install.  I run pfSense at home, on the stable release, so I'm using this branch and copying changes to the PR (which is ahead in terms of code).  Definitely don't use the PR's diff on a stable 2.4.3 install, since they've got some wonky PHP 7 stuff going on that causes some really weird behavior in the whole shaper module.  This diff doesn't have those changes (main reason for two heads)

https://github.com/pfsense/pfsense/compare/RELENG_2_4_3…mattund:RELENG_2_4_3.diff

If they accept this PR after reviewing it -- and I can almost guarantee they'll have critique -- I'll turn my attention to Limiter Info and work on a PR for that, too.  IMHO we desperately need a better status page for dummynet if FQ_CODEL/FQ_PIE are gonna be in use more.

grandrivers

won't lie I am super excited about this !!!!!!!

w0w

Applied this diff https://github.com/pfsense/pfsense/compare/RELENG_2_4_3…mattund:RELENG_2_4_3.diff
Adding new queue by pressing button on limiter settings page opens new page and you can add new queue save and apply it, but it does not appear in the list and I don't see it anywhere. But it can be only in my case, just because I have some April version of 2.4.4, before PHP7 preparations were made.

matt_

That is really strange. Do you still have your old shaper.inc, or could revert back to it? Perhaps what commit ID you were at for your 2.4.4 install? I can try to factor the changes in appropriately for you.

Although, just a guess, if it was pre-PHP7 compliance it might be more likely that the 2.4.4 code has a bug somewhere. Can't be sure, though.

w0w

I will do some tests later this week, but if this bug only applicable to my 20 April snapshot then it's not a big problem. I just waiting they fix all broken php7 ready code, thats why I am sitting on this april version. I want to say thank you for the great work you have done!

w0w

So I have found what was the problem — I have been applied this patch on already configured limiters and queues. Now I removed all queues, leaved limiters and applied patch again and then recreated queues — all went OK.
It looks like we have problems with parsing old config? Tried also latest 2.4.4 and behavior is the same.

BTW, That's what I'm trying to achieve https://forum.pfsense.org/index.php?topic=63531.0

matt_

That may require more testing from me, then, if it is ignoring or otherwise not parsing those limiters once the patch is applied. I'll have to take a look some time

w0w

Config.xml parts with ipfw configuration
Original, before applying patch:


 <dnshaper><queue><name>Upload</name>
			<number>1</number>

			 <bandwidth><bw>265576</bw>

					<bwscale>Kb</bwscale>
					<bwsched>none</bwsched></bandwidth> 
			<enabled>on</enabled>

			<mask>none</mask>
			<maskbits></maskbits>
			<maskbitsv6></maskbitsv6>
			<delay>0</delay>
			 <queue><name>UploadQueue</name>
				<number>1</number>

				<enabled>on</enabled>

				<mask>srcaddress</mask>
				<maskbits>32</maskbits>
				<maskbitsv6>128</maskbitsv6></queue></queue> 
		 <queue><name>Download</name>
			<number>2</number>

			 <bandwidth><bw>275576</bw>

					<bwscale>Kb</bwscale>
					<bwsched>none</bwsched></bandwidth> 
			<enabled>on</enabled>

			<mask>none</mask>
			<maskbits></maskbits>
			<maskbitsv6></maskbitsv6>
			<delay>0</delay>
			 <queue><name>DownloadQueue</name>
				<number>2</number>

				<enabled>on</enabled>

				<mask>dstaddress</mask>
				<maskbits>32</maskbits>
				<maskbitsv6>128</maskbitsv6></queue></queue></dnshaper>

Original after applying patch:

 <dnshaper><queue><name>Upload</name>
			<number>1</number>

			 <bandwidth><bw>265576</bw>

					<bwscale>Kb</bwscale>
					<bwsched>none</bwsched></bandwidth> 
			<enabled>on</enabled>

			<mask>none</mask>
			<maskbits></maskbits>
			<maskbitsv6></maskbitsv6>
			<delay>0</delay>
			 <queue><name>UploadQueue</name>
				<number>1</number>

				<enabled>on</enabled>

				<mask>srcaddress</mask>
				<maskbits>32</maskbits>
				<maskbitsv6>128</maskbitsv6></queue> 
			<sched>fq_codel</sched>
			<param_fq_codel_target>5</param_fq_codel_target>
			<param_fq_codel_interval>100</param_fq_codel_interval>
			<param_fq_codel_quantum>1514</param_fq_codel_quantum>
			<param_fq_codel_limit>10240</param_fq_codel_limit>
			<param_fq_codel_flows>1024</param_fq_codel_flows>
			<aqm>codel</aqm>
			<param_codel_target>5</param_codel_target>
			<param_codel_interval>100</param_codel_interval>
			<ecn>on</ecn></queue> 
		 <queue><name>Download</name>
			<number>2</number>

			 <bandwidth><bw>275576</bw>

					<bwscale>Kb</bwscale>
					<bwsched>none</bwsched></bandwidth> 
			<enabled>on</enabled>

			<mask>none</mask>
			<maskbits></maskbits>
			<maskbitsv6></maskbitsv6>
			<delay>0</delay>
			 <queue><name>DownloadQueue</name>
				<number>2</number>

				<enabled>on</enabled>

				<mask>dstaddress</mask>
				<maskbits>32</maskbits>
				<maskbitsv6>128</maskbitsv6></queue> 
			<sched>fq_codel</sched>
			<param_fq_codel_target>5</param_fq_codel_target>
			<param_fq_codel_interval>100</param_fq_codel_interval>
			<param_fq_codel_quantum>1514</param_fq_codel_quantum>
			<param_fq_codel_limit>10240</param_fq_codel_limit>
			<param_fq_codel_flows>1024</param_fq_codel_flows>
			<aqm>codel</aqm>
			<param_codel_target>5</param_codel_target>
			<param_codel_interval>100</param_codel_interval>
			<ecn>on</ecn></queue></dnshaper>

New fully working:

	 <dnshaper><queue><name>Upload</name>
			<number>1</number>

			 <bandwidth><bw>265576</bw>

					<bwscale>Kb</bwscale>
					<bwsched>none</bwsched></bandwidth> 
			<enabled>on</enabled>

			<mask>none</mask>
			<maskbits></maskbits>
			<maskbitsv6></maskbitsv6>
			<delay>0</delay>
			<sched>fq_codel</sched>
			<param_fq_codel_target>5</param_fq_codel_target>
			<param_fq_codel_interval>100</param_fq_codel_interval>
			<param_fq_codel_quantum>1514</param_fq_codel_quantum>
			<param_fq_codel_limit>10240</param_fq_codel_limit>
			<param_fq_codel_flows>1024</param_fq_codel_flows>
			<aqm>codel</aqm>
			<param_codel_target>5</param_codel_target>
			<param_codel_interval>100</param_codel_interval>
			<ecn>on</ecn>
			 <queue><name>Upload_Q</name>
				<number>1</number>

				<enabled>on</enabled>

				<mask>srcaddress</mask>
				<maskbits>32</maskbits>
				<maskbitsv6>128</maskbitsv6>
				<aqm>pie</aqm>

				<param_pie_target>15</param_pie_target>
				<param_pie_tupdate>15</param_pie_tupdate>
				<param_pie_alpha>125</param_pie_alpha>
				<param_pie_beta>1250</param_pie_beta>
				<param_pie_max_burst>150000</param_pie_max_burst>
				<param_pie_max_ecnth>99</param_pie_max_ecnth></queue></queue> 
		 <queue><name>Download</name>
			<number>2</number>

			 <bandwidth><bw>275576</bw>

					<bwscale>Kb</bwscale>
					<bwsched>none</bwsched></bandwidth> 
			<enabled>on</enabled>

			<mask>none</mask>
			<maskbits></maskbits>
			<maskbitsv6></maskbitsv6>
			<delay>0</delay>
			<sched>fq_codel</sched>
			<param_fq_codel_target>5</param_fq_codel_target>
			<param_fq_codel_interval>100</param_fq_codel_interval>
			<param_fq_codel_quantum>1514</param_fq_codel_quantum>
			<param_fq_codel_limit>10240</param_fq_codel_limit>
			<param_fq_codel_flows>1024</param_fq_codel_flows>
			<aqm>codel</aqm>
			<param_codel_target>5</param_codel_target>
			<param_codel_interval>100</param_codel_interval>
			<ecn>on</ecn>
			 <queue><name>Download_Q</name>
				<number>2</number>

				<enabled>on</enabled>

				<mask>dstaddress</mask>
				<maskbits>32</maskbits>
				<maskbitsv6>128</maskbitsv6>
				<aqm>pie</aqm>

				<param_pie_target>15</param_pie_target>
				<param_pie_tupdate>15</param_pie_tupdate>
				<param_pie_alpha>125</param_pie_alpha>
				<param_pie_beta>1250</param_pie_beta>
				<param_pie_max_burst>150000</param_pie_max_burst>
				<param_pie_max_ecnth>99</param_pie_max_ecnth></queue></queue></dnshaper>

strangegopher

any progress on fixing traceroute?

w0w

@strangegopher:

any progress on fixing traceroute?

What is broken? If it's broken where do you have reported it? ???

strangegopher

@w0w:

@strangegopher:

any progress on fixing traceroute?

What is broken? If it's broken where do you have reported it? ???

it was reported on here earlier by someone else: https://forum.pfsense.org/index.php?topic=126637.msg765566#msg765566
could it be issue with the way I have set up the firewall rules as floating (same as person in the post I linked to above)
If I do traceroute I see all the hops show up as the destination ip.

w0w

I am not sure if it's IPFW/dummynet problem, I think it's should be reported on redmine as soon as new Limiters GUI is merged with master branch.
Do you really need this floating rule?

dennypage

@strangegopher:

it was reported on here earlier by someone else: https://forum.pfsense.org/index.php?topic=126637.msg765566#msg765566
could it be issue with the way I have set up the firewall rules as floating (same as person in the post I linked to above)
If I do traceroute I see all the hops show up as the destination ip.

It's unclear that this is a problem with limiters themselves. It only happens if you use a floating rule to assign the queue. If you use the default allow rule on the interface to assign the queue, the traceroute problem does not occur.

strangegopher

Only reason I have it as floating is because I have 6 vlans. I will set it one by one in each vlan and hope this goes away.

dennypage

@strangegopher:

Only reason I have it as floating is because I have 6 vlans. I will set it one by one in each vlan and hope this goes away.

Yea, I hear you. Floating is much more convient. I have 5 local nets, although using interface specific rules I only bother with 4 of them. The last network is very low traffic and I don’t want to drop packets there anyway.

strangegopher

Just finished setting up the rules and traceroute is fixed now. :)

matt_

https://github.com/pfsense/pfsense/pull/3941

PR was accepted and needs to be tested now.

zwck

! amazing !

strangegopher

@matt_:

https://github.com/pfsense/pfsense/pull/3941

PR was accepted and needs to be tested now.

Sorry I am not on development releases but has limiter info page also been updated to show schedulers information?

like suggested earlier in this thread:

@w0w:

Patch for Limiter Info page with schedulers information and refresh interval of 500ms


--- diag_limiter_info.php	Wed Sep 07 00:26:47 2016
+++ diag_limiter_info.php	Sun Oct 01 08:20:33 2017
@@ -40,5 +40,5 @@
 	echo $text;
-	$text = `/sbin/ipfw queue show`;
+	$text = `/sbin/ipfw sched show`;
 	if ($text != "") {
-		echo "\n\n" . gettext("Queues") . ":\n";
+		echo "\n\n" . gettext("Shedulers") . ":\n";
 		echo $text;
@@ -72,3 +76,3 @@
 	events.push(function() {
-		setInterval('getlimiteractivity()', 2500);
+		setInterval('getlimiteractivity()', 500);
 		getlimiteractivity();

matt_

Not yet, that's gonna need to be a separate PR. I'm thinking of maybe making a Queue-like page for that instead of text-based readouts.