ICMP drops with Codel
-
I have Codel enabled. It's hard to post all the settings here, there are lots of them. I basically just followed the video by Lawrence Systems on youtube. Recently I noticed that if I load the connection up to the point that I configured Codel to allow, pings from inside the LAN get dropped:
--- 1.1.1.1 ping statistics --- 835 packets transmitted, 64 received, 92.3353% packet loss, time 853240ms rtt min/avg/max/mdev = 11.313/19.177/77.871/8.155 ms
but pings from the pfSense machine itself are fine:
--- 1.1.1.1 ping statistics --- 19 packets transmitted, 19 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 16.753/22.770/32.509/4.013 ms
If I disable the Codel floating rule the ICMP packets don't get dropped at all.
This behavior is surprising to me because I expected that the codel algorithm would say "I'm going to allow these small, infrequent, IMCP packets through with high priority at the expense of the high throughput flows".
Does anybody understand what's going on here?
-
@charvey it's a known bug, solution: https://forum.netgate.com/topic/112527/playing-with-fq_codel-in-2-4/1096?_=1620458734667
I basically just followed the video by Lawrence Systems on youtube.
Don't do that, use this guide: https://forum.netgate.com/topic/112527/playing-with-fq_codel-in-2-4/814?_=1620458734669, especially when it comes to the floating rules.
-
@thiasaef Amazing. Thank you!