Eliminate inbound buffer bloat on dual-wan load-balanced



  • I know it's poor forum etiquette to ask a very general question. But I've been working on a solution for 1/2 year now through this forum and elsewhere but am only 1/2 way to my goal. Maybe it's not even possible. For those who operate multi-wan/single-lan in a load-balance configuration w/o squid, could you please chime in with an overview on how to eliminate buffer bloat on each Wan?

    I have a 100/7m cable modem on each of two Wans. I managed to get uplink bloat down to ~30ms under saturated conditions using a CBQ shaper parent on each Wan adapter set to 6144k. But I have yet to figure out how to manage the downlink bloat with a shaper or limiter. Since load balance is round-robin, not dynamic to real-time load, I have to set the downlink shaper with a lot of contingency at 150m. If either cable modem saturates, inbound latency jumps to 200-400ms.

    My goal is to limit or shape each Wan independently so I am 200m downlink capable with low latency. My obstacle is that the Lan adapter is typically used for load balancing which has no way of knowing which Wan a given connection state is using.  I put a unique tag on a pair of inbound Wan floating rules which works. But using the same tagging in a pair of Lan rules doesn't pass to the load balance gateway. Zero rule hits. Even tried a pair of Lan tagging rules in the floating tab in the OUT direction, quick, and below the tag rule pair, still no hits.

    Any tips or suggestions are appreciated.



  • I've been playing with this as well since I have connections with 6/1, 10/1, 30/2 and 100/8 speeds, all together in the same pfSense box. I'm starting to think the only way to achieve this is to create 1 VM for each wan link, with its own pfSense and within them make the up/down limiting with the last box just doing all the current traffic. I really don't like that solution.

