Bug? Traffic Shaper Wizard not working on SG-1000



  • I’m unable to get the traffic shaper to work on the SG-1000 with the current build () - I’m not sure if it worked before as I’ve only just tried this now.

    When I configure using 1 WAN and 1 LAN I get the error:
    There are less interfaces than number of connections! (In a green box at the top of the wizard)

    Build info:
    2.4.0-BETA (arm)
    built on Sat Dec 17 10:03:56 CST 2016
    FreeBSD 11.0-RELEASE-p5

    Does anyone know why this may be going on with the SG-1000 - is it a NIC incompatibility or some kind of bug?  Also, can anyone else with an SG-1000 try to setup traffic shaper?

    Thanks!


  • Rebel Alliance Developer Netgate

    The cpsw NICs in the SG-1000 do not support ALTQ shaping currently. No ETA on that.

    You could use VLAN tagged interfaces, as those do support ALTQ, but it’s a little more to setup on the firewall and switch.

    What are you trying to accomplish on there with shaping?



  • Hello. I also noticed traffic shaper by interface is not available. I always enable CODELQ on the WAN interface to prevent bufferbloat.


  • Rebel Alliance Developer Netgate

    See above. The NICs on the SG-1000 do not currently support ALTQ. It does not matter what shaper type you choose in that area, it’s all ALTQ.

    Limiters should work OK. (And limiters+NAT works fine on 2.4) No CODEL there but you can setup priority queues with some manual work.



  • Perfect. Thank you jimp!!



  • Thanks for the info jimp, might be good to have the interface tell the admin that altq isn’t supported (or something of an indicator) but that’s a ‘nice’ to have 🙂  To help with bufferbloat issues I like to enable codel FQ or similar, if possible.  I also have found great results from setting up queues for VOIP as my wife and I both work from home using VOIP as our primary method of communication and prioritizing VOIP had a far better result for quality and reliability than I had anticipated.

    Having a way to address buffer bloat  seems to really improve general use of anything internet - do you know if there’s a way to somehow deal with this on the SG-1000?

    Thanks!


  • Rebel Alliance Developer Netgate

    @seanmcne:

    do you know if there’s a way to somehow deal with this on the SG-1000?

    See my first reply on this thread for a workaround to use ALTQ.



  • This thread helped - thanks - was banging my head against the wall.

    +1 for getting ALTQ working on the SG-1000 Nics. My use case:

    The SG-1000 is (hopefully) going to be used at our home offices which each include a VOIP phone registering with a SIP server running on a public IP. Need QOS so that the voip phones don’t have crappy performance just because junior is downloading a Torrent, etc.

    If we need to purchase the SG-2220s it will be a much tougher sell.

    Cheers,


  • Rebel Alliance Developer Netgate

    I’m pushing some changes that will make the ALTQ situation more obvious ( See https://redmine.pfsense.org/issues/7032 )

    I don’t know if/when there will be support for ALTQ in the cpsw driver.

    As I mentioned earlier in the threads, limiters can be used for shaping if it’s necessary.



  • isn’t fq_codel part of freebsd 11 could that be enabled on limiters to at least help with buffer bloat ?



  • Thank you for this thread!

    I’ve been banging my head against a wall as well trying to get traffic shaping working as well. A nice little box that can traffic shape is the main reason I bought the SG-1000.

    The intended use is a house with six users sharing a horrible ADSL connection (syncs at 0.25/5.0Mbps but actual speed tests put it at about 0.2/1.5Mbps). All it takes is one person sharing a “short video” on snapchat or whatever to take down the whole connection for everyone else.

    jimp: Could you please give some pointers or links as to how to use VLANs as a solution? I’ve been trying to implement it on my own but with no success.

    I imagine the solution is something a long the lines of:

    WAN <-> WAN_ALTQ(VLAN) <-> LAN_ALTQ(VLAN) <-> LAN

    Any help would be appreciated.

    Cheers



  • Hi,

    I’ve been trying to get traffic shaping working on the SG-1000 since finding out that the NIC drivers do not support ALTQ. It’s been mentioned on these forums that this can be worked around using VLANs (for example: https://forum.pfsense.org/index.php?topic=122798.0). I’ve managed to get the following setup running:

    
                      SG-1000 
    ISP <--PPPoE--> | WAN LAN | <--VLAN--> Switch <--> LAN
    
    

    The PPPoE and the LAN_VLAN adaptors show up in the Traffic Shaper Interfaces list and I am able to go through the traffic_shaper_wizard_multi_all.xml wizard no problems. However when the rules go to be loaded this error message is given:

    There were error(s) loading the rules: pfctl: cpsw1_vlan10: driver does not support altq - The line in question reads [0]
    

    To see whether this was port specific or not, I then reconfigured my network in the following way:

    
                                       SG-1000
    Internet <--> Switch <--VLAN--> | WAN  LAN | <--VLAN--> Switch <--> LAN
    
    

    But I get a near identical error message:

    There were error(s) loading the rules: pfctl: cpsw0_vlan20: driver does not support altq - The line in question reads [0]
    

    I’m guessing that the rules for cpws0 are just executed first, hence the different message.

    Is this a bug? Or some subtle setting I’m missing when using VLANs? Or contrary to some of the forum posts do VLANs just not support ALTQ?

    I’m currently running: 2.4.0.b.20170129.1734

    Cheers

    EDIT:
    Just been browsing the 2.4 tickets and found a ticket with similar symptoms:
    https://redmine.pfsense.org/issues/7066


  • Banned



  • Well yes … I link to that thread in my post  ::)

    That very thread (and others) suggest you can use VLANs to as a workaround which is what i am doing. But it still does not work. That fact that you can select the interfaces on the Traffic Shaper page is also odd as it is not meant to display unsupported interfaces.


  • Banned

    So why are you starting a new duplicate thread? Won’t get anything fixed any sooner.



  • Well the earlier thread dealt with limitations of the cpsw NIC driver. This problem is with the vlan driver. It seemed logical to separate the two.


  • Netgate

    Merged same topic.



  • @TauCeti:

    Hi,

    I’ve been trying to get traffic shaping working on the SG-1000 since finding out that the NIC drivers do not support ALTQ. It’s been mentioned on these forums that this can be worked around using VLANs (for example: https://forum.pfsense.org/index.php?topic=122798.0). I’ve managed to get the following setup running:

    
                      SG-1000 
    ISP <--PPPoE--> | WAN LAN | <--VLAN--> Switch <--> LAN
    
    

    The PPPoE and the LAN_VLAN adaptors show up in the Traffic Shaper Interfaces list and I am able to go through the traffic_shaper_wizard_multi_all.xml wizard no problems. However when the rules go to be loaded this error message is given:

    There were error(s) loading the rules: pfctl: cpsw1_vlan10: driver does not support altq - The line in question reads [0]
    

    To see whether this was port specific or not, I then reconfigured my network in the following way:

    
                                       SG-1000
    Internet <--> Switch <--VLAN--> | WAN  LAN | <--VLAN--> Switch <--> LAN
    
    

    But I get a near identical error message:

    There were error(s) loading the rules: pfctl: cpsw0_vlan20: driver does not support altq - The line in question reads [0]
    

    I’m guessing that the rules for cpws0 are just executed first, hence the different message.

    Is this a bug? Or some subtle setting I’m missing when using VLANs? Or contrary to some of the forum posts do VLANs just not support ALTQ?

    I’m currently running: 2.4.0.b.20170129.1734

    Cheers

    EDIT:
    Just been browsing the 2.4 tickets and found a ticket with similar symptoms:
    https://redmine.pfsense.org/issues/7066

    The ESXi driver was having the same issue and was fixed by changing multiqueue support that is baked in to FreeBSD 11 apparently.

    The SG-4860 VLAN also doesn’t work with the shaper due to this altq incompatibility.

    I’m surprised Netgate/Rubicon whatever they’re called these days hasn’t prioritised getting this right on their own hardware!?



  • @oben:

    The ESXi driver was having the same issue and was fixed by changing multiqueue support that is baked in to FreeBSD 11 apparently.

    The SG-4860 VLAN also doesn’t work with the shaper due to this altq incompatibility.

    I’m surprised Netgate/Rubicon whatever they’re called these days hasn’t prioritised getting this right on their own hardware!?

    Different issue I think.  VMXNET3 nics in ESXi always had support in ALTQ.  The nic driver in the SG1000 doesn’t have a driver that supports ALTQ yet.  Refer to the second post in this thread.

    @jimp:

    The cpsw NICs in the SG-1000 do not support ALTQ shaping currently. No ETA on that.

    You could use VLAN tagged interfaces, as those do support ALTQ, but it’s a little more to setup on the firewall and switch.



  • Missing skills i would suggest, but i am biased :).


  • Netgate

    no pun intended… sure 🙂

    Jimp just brought this to my attention today.

    Please, let’s open an issue to properly keep all this information.

    Thanks.



  • @loos:

    Please, let’s open an issue to properly keep all this information.

    Thanks.

    Done: https://redmine.pfsense.org/issues/7199



  • @loos:

    no pun intended… sure 🙂

    Jimp just brought this to my attention today.

    Please, let’s open an issue to properly keep all this information.

    Thanks.

    Nothing personal loos but just above your paygrade, really!

    Keep until the next one.


  • Administrator

    Ermal,

    Having employed both you and Luiz, allow me to make one thing perfectly clear.

    By every measure, Luiz is a better engineer, a better employee, and a better individual.

    To be clear, his “skills” (technical chops) surpass yours.

    I am not alone in this position. One need only reflect on the simple fact that you are not yet a full committer to FreeBSD.  Luiz is.  Why is that, Ermal?

    Another point, Why hasn’t Chris hasn’t employed you at Ubiquit?i

    I know the answers to these questions, and so do you.

    There are many reasons why your employment here was terminated.  While I have thus far refused to disclose these, mostly to protect your ability to find employment, I do have limits, and you are quite near to exceeding same.

    Your actions here and on Twitter can be compared to those of a petulant chilld. I suggest you reconsider the potential consequences of continuing your current path.



  • Similarly, I miss you around here ermal.

    Good luck with whatever you are doing. You’re too smart to let these little mistakes lead you down a path you can’t return from.


  • Banned



  • @doktornotor:

    Ummm yeah…
    This is no place to discuss such matters.

    We don`t care.



  • Nothing personal loos but just above your paygrade, really!

    Keep until the next one.

    This just means he should not get involved into this since its not his call……
    I just use this to push things to get fixed since i know i am a sensitive topic 😉

    @jwt:

    Ermal,

    Having employed both you and Luiz, allow me to make one thing perfectly clear.

    By every measure, Luiz is a better engineer, a better employee, and a better individual.

    To be clear, his “skills” (technical chops) surpass yours.

    I am not alone in this position. One need only reflect on the simple fact that you are not yet a full committer to FreeBSD.  Luiz is.  Why is that, Ermal?

    Another point, Why hasn’t Chris hasn’t employed you at Ubiquit?i

    I know the answers to these questions, and so do you.

    There are many reasons why your employment here was terminated.  While I have thus far refused to disclose these, mostly to protect your ability to find employment, I do have limits, and you are quite near to exceeding same.

    Your actions here and on Twitter can be compared to those of a petulant chilld. I suggest you reconsider the potential consequences of continuing your current path.

    I was not commenting Luiz in any sense since i do not have anything against him.
    I wish him best of luck and have him enjoy what he works on!

    Commenting on my involvement with FreeBSD is not something you can evaluate or even understand.I
    ts just nothing i have pushed for long since it really has never been considered to bring added value to me, but that is a topic for myself and FreeBSD project and how they handle some things.
    Just to remind, you do not know me you just met me for a period of time!

    Surely, you just throw the best of you to the worst when time comes.
    I know you for this and i am not alone in this reasoning but unlike you i do not bitch around just to show off and just to come up first in every next topic.
    While about you Jim, thank you for your appreciation and valuing my contribution to the project!

    Bringing Chris into the matter is not good its just your way, though good to see you guys are still in touch.
    Also, employing me or not is a matter of the employer not Chris, I value equal opportunity companies and you clearly make a bad case for the company at hand and most surely Chris, which i respect as a friend, accusing him of breaking company policies!
    This is who you are i cannot change that, do not forget that even knowing this i asked you to still work on pfSense since its a partial time of my life you still refused!

    While my technical skills are something depending on time you evaluated differently, they just show up on my contribution to pfSense and what i made it be during this time.
    My employer or any future employers have nothing to do with any of our discussion, its just some fuzzing pressure from you for whatever reason.
    Child or not i have still to see my copyrights restored wherever they were.

    Finally, I really have no consideration for you or how you do business,
    the most funny part is that i came here to check the forum and could not resist to make the comment, innocently, since i see shaping something left over in general on the project.
    Still, You have my contacts and can bring with me up any concerns on your side as i have tried doing so far in private.

    Take care grown up.



  • first post

    I was also having issues with the Traffic Shaper Wizard not working on the SG-1000 because ALTQ wasn’t supported on the cpsw NICs.

    Just wanted to direct folks to: https://redmine.pfsense.org/issues/7199

    True to this post, on the build I tried after 20170211, I was able to go through the traffic shaper wizard successfully.

    Yay!

    Unfortunately I experienced 3 issues with the wizard:
    1. When choosing PRIQ, the wizard never made the VOIP queue, when entering the VoIP server IP.  Even after running the wizard multiple times  (Choosing HCSF, the wizard DID make the VoIP queue).
    2. When choosing PRIQ, despite my best (admittedly NOOB) efforts to have all traffic to/from a single IP (say 192.168.1.50) put to the qOthersHigh queue, all traffic shows on the qLink and qDefault queues.  Nothing is routed to other queues.
    3. When choosing HFSC, despite my best (admittedly NOOB) efforts to have all traffic to/from a single IP (say 192.168.1.50) put to the qOthersHigh queue, all traffic shows on the qLink and qDefault queues.  Nothing is routed to other queues.

    I’m not familiar with pfsense forum etiquette, should I create a new thread for these issues with the Traffic Shaper Wizard, or is it appropriate for me to outline my separate issues with the wizard on this existing thread?

    Thanks for any assistance or requests for additional information.

    -S



  • You need to create an own topic in “traffic shaper”.
    Wizard created shaper needs manual tune. You need to create or use exciting firewall rules to assign your desired queues to traffic. Fo example you have utorrent running on 192.168.1.10 port 1111 (port forwarded), you need to find wizard created p2p floating firewall rule and manually assign IP and port.


 

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy