Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    fq_codel for a Dual WAN

    Scheduled Pinned Locked Moved Traffic Shaping
    20 Posts 4 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      trumee
      last edited by

      @bobbenheim said in fq_codel for a Dual WAN:

      How to setup shaping on individual lines in a gateway group i am not sure if it is as simple as setting Gateway in your floating rules to your Gateway group

      I dont think i can use this since WAN1 and WAN2 have different link speeds.

      @bobbenheim said in fq_codel for a Dual WAN:

      For your speed problem can you try and set "Queue Management Algorithm" to CoDel and "Scheduler" to fq-CoDel in your limiters and keep tail-drop in your queues.

      I changed to these setting for my PPPOE based WAN2. It made no difference.

      /tmp/rules.limiter

      pipe 3 config  bw 90Mb codel target 5ms interval 100ms ecn
sched 3 config pipe 3 type fq_codel target 5ms interval 100ms quantum 1514 limit 10240 flows 1024 ecn
queue 3 config pipe 3 codel target 5ms interval 100ms noecn
 

pipe 4 config  bw 90Mb codel target 5ms interval 100ms ecn
sched 4 config pipe 4 type fq_codel target 5ms interval 100ms quantum 1514 limit 10240 flows 1024 ecn
queue 4 config pipe 4 codel target 5ms interval 100ms noecn

      29735972-8a1b-424f-ba4f-dd9d76160d7f-image.png

      I suspect limiter doesnt work on PPPOE based WANs?

      B 1 Reply Last reply Reply Quote 0
      • B
        bobbenheim @trumee
        last edited by

        @trumee you should be able to choose the interface for WAN1 and WAN2 within your floating rule however if that still apply if you create a gateway group i am unsure of.
        I don't think that PPPoE should be a problem at those speeds, can you try setting the limit at 200 Mbit for the upload. What hardware are you using and which version of Pfsense?

        1 Reply Last reply Reply Quote 0
        • T
          trumee
          last edited by trumee

          @bobbenheim I am using Supermicro C2758 motherboard with newly released pfSense 2.4.5

          With 200mbps, I am now getting the full line speed as shown by speedtest.net (DSL reports shows a decrease in speed though). I dont understand why i need to specify a higher upload speed in Codel though? Also, is Codel actually working now with this artificial upload speed?

          On WAN2

          Without Codel
          ca2c5ead-77f0-4477-8461-466a988b7b4f-image.png

          With Codel
          d95b17bd-10c8-466a-bb58-cda013c41262-image.png
          521588cb-c498-4653-b2c0-001ae9047af8-image.png file:///tmp/with_codel.png

          Maybe i dont need Codel on WAN2.

          B 1 Reply Last reply Reply Quote 0
          • B
            bobbenheim @trumee
            last edited by

            @trumee since you are seeing the same problem with tail drop it is highly unlikely to be a CoDel problem. If you go to Diagnostics/Limiter Info you can see if traffic is going to the queues when you run a speedtest. Can you try a speedtest with the limiter set to 150 Mbps. Have you done any tweaking on Pfsense?

            1 Reply Last reply Reply Quote 0
            • C
              crotechnologies
              last edited by

              I'm experiencing the same problem. Two locations. One is SG-3100, fiber as WAN1, cable as WAN2. Second location SG-1100, cable as WAN1, DSL as WAN2. WAN1 is never affected, it does work as expected. No matter what I do WAN2 speed is affected as soon as I enable limiter/rule. I was not able to find any reason why and no workaround. Both systems are production systems, but now being at home more I will try to replicate that with my Intel Atom platform and see if I can find out why.

              1 Reply Last reply Reply Quote 0
              • C
                crotechnologies
                last edited by

                For sure something is wrong. Not using any gateway groups, I removed that, just simple policy based routing. If both WANs are up one of the WANS will not work properly. If one is down the other one is OK in that case. I tried to reorder rules, no changes. I switched limiters between WAN1 and WAN2 with no changes. If I bring WAN1 down then WAN2 works fine. It looks like a bug and very easy to replicate.

                B 1 Reply Last reply Reply Quote 0
                • B
                  bobbenheim @crotechnologies
                  last edited by

                  @crotechnologies just out of curiosity are any of your WAN's PPPoE?

                  1 Reply Last reply Reply Quote 0
                  • C
                    crotechnologies
                    last edited by

                    No. I don't think that cable is, fiber is DIA from ATT, and DSL (UVerse) is IPoE. All interfaces are configured with either static IP or DHCP. I might do iperf test today with local server if I have time.

                    B 1 Reply Last reply Reply Quote 0
                    • B
                      bobbenheim @crotechnologies
                      last edited by

                      @crotechnologies how does your rules look like?

                      1 Reply Last reply Reply Quote 0
                      • C
                        crotechnologies
                        last edited by

                        I tried so many different combinations and nothing worked. I just disabled rules for WAN2. I give up. I tried iperf on WAN2 and that works just fine. As soon as WAN2 is internet connection it doesn't work. Maybe I'll try if I have a chance to go to one of the sites and try to switch WAN1 and WAN2. I'll make cable WAN1 and DIA Fiber WAN2.

                        B 1 Reply Last reply Reply Quote 0
                        • B
                          bobbenheim @crotechnologies
                          last edited by

                          @crotechnologies it is impossible for anyone to help if you don't provide any details of what you have done. How does your Rules > LAN and NAT > Outbound looks like when it works and don't?

                          1 Reply Last reply Reply Quote 0
                          • H
                            Hugovsky
                            last edited by Hugovsky

                            I have a similar problem. I have 1 500/100 Mbit/s Fiber thru vlan connection and a floating rule for limiters with interface wan and wan gateway, match, out.. I'm using this wan gateway in every out connection rule except one where I use a vpn gateway. As soon as I connect the VPN, my WAN only does 50 ish mbit/s upload. If I disable the floating rule, it returns to normal. If I disable the VPN, with floating ruleon, it returns to normal.

                            2.4.4-RELEASE-p3 (amd64)
                            built on Wed May 15 18:53:44 EDT 2019
                            FreeBSD 11.2-RELEASE-p10

                            Intel(R) Atom(TM) CPU C2558 @ 2.40GHz
                            4 CPUs: 1 package(s) x 4 core(s)

                            EDIT: Forgot to say that I solved my problem adding the queues in the rules and not using the floating rule.

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.