How to prioritize traffic on a single interface over others?
-
Link congestion is going to present as audio quality issues before anything else so if you don't have that don't worry about it.
If it happens anywhere it's going to be on the 30Mbps upload bandwidth your have. It's relatively easy to saturate that.Actually dropping calls is something else. The only thing it may be potentially in pfSense would be a state timeout. Make sure you have firewall optimisation set to conservative:
https://docs.netgate.com/pfsense/en/latest/recipes/nat-voip-phones.html#set-conservative-state-table-optimizationSteve
-
@stephenw10 said in How to prioritize traffic on a single interface over others?:
Make sure you have firewall optimisation set to conservative:
Yep. Did that months ago.
-
Then I would be into looking at SIP traffic to see why the calls drops. Is one end closing the call deliberately for example.
Steve
-
@stephenw10 How should I go about doing that? I feel like I have tried everything, but I want to make sure I have not missed anything important.
-
Run a packet capture for SIP traffic against a phone IP unless it fails. It might be large so filter for just the SIP traffic.
Is it dropping the call due to some timeout or is one side intentionally closing it.
Steve
-
@stephenw10 Will do, and hope to be lucky enough to catch one of the call drops. Like I said, the call drops inevitably are accompanied by loss of connection for everything on the network, and gateway time outs/packet loss. So I am not sure how productive this will be, although I am certainly willing to give it a shot at this point.
-
@pfguy2018 said in How to prioritize traffic on a single interface over others?:
Like I said, the call drops inevitably are accompanied by loss of connection for everything
Well, that's your problem. Dropped calls is just the symptom. When I had that problem the way I often first noticed it was the Internet radio station I was listening to would stop. I'd then pick up my phone to verify I had lost dial tone. You have a problem somewhere between you and the ISP. It could be a bad cable as I had. It took the cable company a while to locate the problem, but they eventually did.
-
Ah yes I missed that nugget of information!
Then, yes, forget traffic shaping. If everything loses connectivity then check the system, gateway, resolver, firewall logs at that point and see what's happening.
Reviewing the thread I don't see if we've confirmed you're running 2.4.5p1?
Because 2.4.5 has a known bug that presents like this.Steve
-
Yes, running 2.4.5 p1.
Looks like another call to the ISP is in order -
One more curious thing, that I was hoping one of you could explain for me:
The pfSense gateway monitor is showing frequent packet loss (see pics that I posted earlier in this thread). However, I have noticed that in the last few days, at the same moment where pfSense gateway monitor is displaying packet loss, PingPlotter (being run on my computer) is often NOT displaying packet loss at the same time and pings are occurring as expected. (but sometimes there is packet loss on PingPlotter at the same moment as on the pfSense gateway monitor). How to account for this discrepancy?
-
Are ping plotter and the pfSense gateway monitoring using the same target?
pfSense uses the gateway IP be default but it looks like you may not be since it's logging ~10ms which would be high for that.
Steve
-
@stephenw10 pfSense is using the the gateway IP. PingPlotter is pinging Google and one of my VOIP provider's servers.
-
Ah well they could respond differently then. ISP gateways in particular can be poor at responding to ping under load. They are not obliged to respond at all.
Steve
-
Interesting. Does that mean that the PingPlotter results are a better indicator of the status of my gateway? Perhaps I should be pinging a Google address instead from the gateway?
-
Yes they probably are and, yes, settings the gateway monitoring target to something external will give you a better record of actual connectivity.
Steve
-
@stephenw10 Any idea why the ping times to the ISP gateway are higher than what you would expect? (By the way, what would be more typical ping times for that?)
-
It's very variable, depends entirely who your ISP is and how they are connected. 10ms is high for most cable/fibre/vdsl connections but not for, say, older adsl and would be low for a wireless provider.
Steve
-
Hmm. My ISP is cable. Makes me wonder if there is something there that could be a clue to the packet loss I am experiencing? At any rate, I have changed the gateway monitor address to an OPEN DNS address 208.67.222.222. And have done the same with PingPlotter to see how they will compare.
-
There are a lot of variables, it's not necessarily a sign that there's an issue.
A better thing to look for is a significant change the ping time that has no good explanation.Steve
-
OK, so now I am using an OpenDNS address for the gateway monitor IP and for PingPlotter (from my computer). The gateway monitor continues to show intermittent packet loss (like my pictures earlier in the thread), but there is not corresponding packet loss being shown in PingPlotter at the same time, even though they are going to the same IP address. Does that make any sense? Not sure which graph to believe.
