Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    FQ_CoDel QOS breaks Traceroute

    Scheduled Pinned Locked Moved Traffic Shaping
    9 Posts 6 Posters 1.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      Digital-Storm
      last edited by

      IS this normal behavior of FQ_CoDel?

      The top output is with the floating rules enabled, the bottom output is with the floating rules disabled.
      It's a standard FQ_CoDel config exactly like this video.
      https://www.netgate.com/resources/videos/pfsense-244-short-topics.html

      6a5a31ff-41c6-433a-a2ca-d8b331ca9328-image.png

      uptownVagrantU 1 Reply Last reply Reply Quote 0
      • J
        jiffy1111
        last edited by

        Have you found a resolution for this yet?
        I've been poking/searching around this morning without any luck.
        I am seeing exactly the same results from an Arch Linux PC.
        At least we know now it's not a Windows or Linux thing.
        As a workaround, I am NOT shaping ICMP and use traceroute with -I for now.
        You can see the difference below.

        $ traceroute 8.8.8.8 -n
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
 1  192.168.11.254  0.343 ms  0.336 ms  0.387 ms
 2  8.8.8.8  7.545 ms  7.590 ms  7.584 ms
 3  8.8.8.8  9.962 ms  10.012 ms  10.091 ms
 4  8.8.8.8  14.864 ms  15.023 ms  15.144 ms
 5  8.8.8.8  14.443 ms  14.488 ms  14.434 ms
 6  8.8.8.8  15.169 ms  15.613 ms  14.887 ms
 7  8.8.8.8  14.668 ms  11.867 ms  12.128 ms
 8  8.8.8.8  11.811 ms  10.859 ms  10.557 ms

        $ sudo traceroute 8.8.8.8 -n -I
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
 1  192.168.11.254  0.288 ms  0.284 ms  0.284 ms
 2  10.178.192.1  6.773 ms  6.777 ms  6.776 ms
 3  207.44.122.61  8.194 ms  8.197 ms  8.283 ms
 4  207.44.112.97  10.741 ms  10.826 ms  14.479 ms
 5  207.44.112.2  14.470 ms  14.474 ms  14.474 ms
 6  108.170.248.97  14.806 ms  14.507 ms  14.504 ms
 7  216.239.62.151  14.495 ms  11.860 ms  11.861 ms
 8  8.8.8.8  11.740 ms  12.297 ms  12.298 ms
        1 Reply Last reply Reply Quote 0
        • T
          tomashk
          last edited by

          I guess if this is related with this issue https://redmine.pfsense.org/issues/9024 as it also drops ping traffic for ping under heavy load.

          You can try workarounds described here https://forum.netgate.com/topic/141682/fq_codel-limiter-queues-causes-nearly-complete-ping-packet-loss-when-limiting/2 but I can't guarantee that it will work (but it works for me :) )

          1 Reply Last reply Reply Quote 0
          • D
            Digital-Storm
            last edited by

            No fix for it, my research has concluded that it has to do with how the QOS is handled, and that there is no workaround other than to setup a firewall rule that makes ICMP bypass the QOS.

            luckman212L 1 Reply Last reply Reply Quote 0
            • J
              jiffy1111
              last edited by

              Thank you both for your responses, I guess it is what it is for now.
              Heavy load/congestion definitely wasn't my problem, it still happens even when I am the only one on the network.

              1 Reply Last reply Reply Quote 0
              • luckman212L
                luckman212 LAYER 8 @Digital-Storm
                last edited by

                @Digital-Storm said in FQ_CoDel QOS breaks Traceroute:

                there is no workaround other than to setup a firewall rule that makes ICMP bypass the QOS.

                Can you screenshot how you have this rule set up? Is it a floating rule to match ICMP at the very top with "quick" enabled?

                1 Reply Last reply Reply Quote 0
                • J
                  jiffy1111
                  last edited by

                  In the floating rule I have protocol "tcp/udp" instead of protocol "any".
                  428d7e60-8346-406a-b031-8e3971a07bb9-image.png

                  1 Reply Last reply Reply Quote 0
                  • NogBadTheBadN
                    NogBadTheBad
                    last edited by

                    This post is deleted!
                    1 Reply Last reply Reply Quote 0
                    • uptownVagrantU
                      uptownVagrant @Digital-Storm
                      last edited by

                      @Digital-Storm

                      What you are running into is this: https://docs.netgate.com/pfsense/en/latest/routing/troubleshooting-traceroute-output.html

                      Not specific to the use of FQ-CoDel but rather the use of policy routing in your egress floating rules. Use this guide and you should be good to go:
                      https://forum.netgate.com/post/807490

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.