Wrong limiter speed

serbus

Hello!

Never used a limiter in pfsense, but the docs say :

"Limiters cannot effectively guarantee a minimum bandwidth amount for a pipe or queue, only a maximum."

I understand this to mean that you wont get more than the limit, but you could get less. Blowing past the limit would be one thing, but never hitting it? I dont know...

https://docs.netgate.com/pfsense/en/latest/trafficshaper/limiters.html

John

noplan

Hey
Tested it right now
And hit the limit (not able to get more than the limit)

Limit 5 on a 100

The first time
Then 4,5 then 4,8....

Not gettin more than the limit an hit it once ;) out of 3

bobbenheim

@Jimbohello what system are you running pfsense on and are you seeing higher speeds without limiter?

Jimbohello

@serbus
first off, i read the documentation already.
cant’t garranty minimum exacly !
but suppose to garranty a maximum, that’s the issue.

if you look a the firts post ! you will understand better ! the situation does appears on a breach of certain point !
let say max limiter is 300 you will get 270
let say limiter is set to 425 you will get 390
let say limiter is set to 905 you will get 670
and so on ! nothing to do with limiting 5 or 10 or 20! we are talking about more the limiter size increace more de accuracy is wrong

thank’s

Jimbohello

@bobbenheim

lenovo m93p
core i5 4th gen
no hardware offloading
aes-ni
2 nic intel pro

useless stuf disable in bios / onboard nic / onboard sound card / etc !

Jimbohello

@bobbenheim

and ! yes the maximun reach point is reach without limiter !
940 -945 approx

Stewart

We've seen in APU1 and APU2 boxes. The disparity gets larger and larger the higher we set it.

noplan

@Stewart said in Wrong limiter speed:

We've seen in APU1 and APU2 boxes

yes same here.. but with some testing
the limiter is set to a solid work.

we use it to prevent clients / networks / hosts
to consume all the bandwidth available

SteveITS

What does Diagnostics > Limiter Info show during the testing?

See post https://forum.netgate.com/topic/112527/playing-with-fq_codel-in-2-4/38 ... "On downloads you will commonly see below the configured bitrate because each time you hit the limit pfSense will tell the sender to slow down below the limit."

"minimum bandwidth" I think is referring to that limiters can't guarantee a device will get any bandwidth at all, they can only cap the device.

bobbenheim

@Jimbohello what are your limiter settings?

Jimbohello

@bobbenheim
<dnshaper>
<queue>
<name>in</name>
<number>1</number>
<qlimit></qlimit>
<plr></plr>
<description></description>
<bandwidth>
<item>
<bw>799</bw>
<burst></burst>
<bwscale>Mb</bwscale>
<bwsched>none</bwsched>
</item>
</bandwidth>
<enabled>on</enabled>
<buckets></buckets>
<mask>none</mask>
<maskbits></maskbits>
<maskbitsv6></maskbitsv6>
<delay>0</delay>
<sched>wf2q+</sched>
<aqm>droptail</aqm>
<ecn></ecn>
<queue>
<name>in-queue</name>
<number>1</number>
<qlimit></qlimit>
<description></description>
<weight></weight>
<enabled>on</enabled>
<buckets></buckets>
<mask>dstaddress</mask>
<maskbits>32</maskbits>
<maskbitsv6>128</maskbitsv6>
<aqm>droptail</aqm>
<ecn></ecn>
</queue>
</queue>
<queue>
<name>out</name>
<number>2</number>
<qlimit></qlimit>
<plr></plr>
<description></description>
<bandwidth>
<item>
<bw>799</bw>
<burst></burst>
<bwscale>Mb</bwscale>
<bwsched>none</bwsched>
</item>
</bandwidth>
<enabled>on</enabled>
<buckets></buckets>
<mask>none</mask>
<maskbits></maskbits>
<maskbitsv6></maskbitsv6>
<delay>0</delay>
<sched>wf2q+</sched>
<aqm>droptail</aqm>
<ecn></ecn>
<queue>
<name>out-queue</name>
<number>2</number>
<qlimit></qlimit>
<description></description>
<weight></weight>
<enabled>on</enabled>
<buckets></buckets>
<mask>srcaddress</mask>
<maskbits>32</maskbits>
<maskbitsv6>128</maskbitsv6>
<aqm>droptail</aqm>
<ecn></ecn>
</queue>
</queue>
</dnshaper>

Stewart

@noplan Certainly we can make it work. It's just that the numbers don't really line up. Oh, and fast.com goes crazy when put through one of the limiters. Through the ones we set up last week fast.com couldn't get more than 120Mbps no matter what the limiter was set to. Without the limiter it would get the full 600+Mbps. I thought that was odd. Speedtest.net is the one that would increase, just at a different rate to what the limiter was being set at.

bobbenheim

@Jimbohello Can you try enabling ECN in the limiter (not the queues) and see if that makes a difference, else you might also need to increase queue length from the default 50 to something larger.
Have you made any tweaks in loader.conf.local?

Jimbohello

@bobbenheim

what tweak ?

in loader.conf.local

Jimbohello

@bobbenheim
Explicit Congestion Notification is selected, but neither Tail Drop nor Worst-case Weighted fair Queueing (default) support it.

Jimbohello

@bobbenheim

this give a better result on lowering de error in the accuracy
from a limit of 799
i can reach 735

before it was close to 500 !
we are on the right way ! :)

<dnshaper>
<queue>
<name>in</name>
<number>1</number>
<qlimit>100</qlimit>
<plr></plr>
<description></description>
<bandwidth>
<item>
<bw>799</bw>
<burst></burst>
<bwscale>Mb</bwscale>
<bwsched>none</bwsched>
</item>
</bandwidth>
<enabled>on</enabled>
<buckets></buckets>
<mask>none</mask>
<maskbits></maskbits>
<maskbitsv6></maskbitsv6>
<delay>0</delay>
<sched>fq_codel</sched>
<aqm>codel</aqm>
<ecn>on</ecn>
<queue>
<name>in-queue</name>
<number>1</number>
<qlimit></qlimit>
<description></description>
<weight></weight>
<enabled>on</enabled>
<buckets></buckets>
<mask>dstaddress</mask>
<maskbits>32</maskbits>
<maskbitsv6>128</maskbitsv6>
<aqm>codel</aqm>
<ecn></ecn>
<param_codel_target>5</param_codel_target>
<param_codel_interval>100</param_codel_interval>
</queue>
<param_fq_codel_target>5</param_fq_codel_target>
<param_fq_codel_interval>100</param_fq_codel_interval>
<param_fq_codel_quantum>1514</param_fq_codel_quantum>
<param_fq_codel_limit>10240</param_fq_codel_limit>
<param_fq_codel_flows>1024</param_fq_codel_flows>
<param_codel_target>5</param_codel_target>
<param_codel_interval>100</param_codel_interval>
</queue>
<queue>
<name>out</name>
<number>2</number>
<qlimit>100</qlimit>
<plr></plr>
<description></description>
<bandwidth>
<item>
<bw>799</bw>
<burst></burst>
<bwscale>Mb</bwscale>
<bwsched>none</bwsched>
</item>
</bandwidth>
<enabled>on</enabled>
<buckets></buckets>
<mask>none</mask>
<maskbits></maskbits>
<maskbitsv6></maskbitsv6>
<delay>0</delay>
<sched>fq_codel</sched>
<aqm>codel</aqm>
<ecn>on</ecn>
<queue>
<name>out-queue</name>
<number>2</number>
<qlimit></qlimit>
<description></description>
<weight></weight>
<enabled>on</enabled>
<buckets></buckets>
<mask>srcaddress</mask>
<maskbits>32</maskbits>
<maskbitsv6>128</maskbitsv6>
<aqm>codel</aqm>
<ecn></ecn>
<param_codel_target>5</param_codel_target>
<param_codel_interval>100</param_codel_interval>
</queue>
<param_fq_codel_target>5</param_fq_codel_target>
<param_fq_codel_interval>100</param_fq_codel_interval>
<param_fq_codel_quantum>1514</param_fq_codel_quantum>
<param_fq_codel_limit>10240</param_fq_codel_limit>
<param_fq_codel_flows>1024</param_fq_codel_flows>
<param_codel_target>5</param_codel_target>
<param_codel_interval>100</param_codel_interval>
</queue>
</dnshaper>

bobbenheim

@Jimbohello can you run "top -aSH" in Diagnostics/Command Prompt and paste what it output under load?
There might also be some tweaks you can do in loader.conf.local
can you do a sysctl (e.g. "sysctl hw.em.enable_aim") in the command prompt for the following:
hw.em.enable_aim
hw.em.flow_control
hw.em.num_queues
hw.em.rx_process_limit
hw.em.tx_process_limit
hw.em.rxd
hw.em.txd
hw.em.max_interrupt_rate
net.link.ifqmaxlen

Jimbohello

@bobbenheim

il get in touch as soon as i can do it ! but honestly
this is getting far deeper for something that is created on a simple click. i means creating a limiter suppose to be easy as 123.
IMO this is getthing ridiculous ! if so many thing need to be modify on a single limiter limitation, why when your press APPLY they don’t run a script to set the right adjustement ! imagine you need to forward a port, and then you have to modify this and that TO MAKE IT WORK ! That will be irrelevent or if you prefer useless function !

anyway ill get back to you
youre help is please !

noplan

@Jimbohello said in Wrong limiter speed:

but honestly
this is getting far deeper for something that is created on a simple click

yes true and 4 WHAT

cuz the limiter does what it is supposed to do !
here and on some other boxes

to be honest i can not see the use case for gettin as deep as shown here
an any set up

maybe u can help me out here explainin whats the urgent need

Jimbohello

@noplan

nothing urgent bro !
simple !

let say your 50 on a network, 5 start a download !
the gateway goes down and packetloss occur on high level !

with the limiter nothing of that appends because gateway still have room to breathed and nothing goes down on the gateway.

that the big advantage of the limiter.