Playing with fq_codel in 2.4
-
I have a 150Mb connection, I set my bandwidth to 99%, or 148.5Mb, and I get about 147.8Mb/s with speed tests. If you're losing more than a small faction of a percentage, it's because something is misconfigured, low quality network equipment, or you're dealing with very small amounts of bandwidth where dropping a single packet results in a sizable bandwidth difference.
I also have 150mb connection and am running an i5 mini PC with PFsense. It seems like a simple configuration so I'm not sure what could actually be misconfigured but I'm not ruling it out. Any ideas?
-
I have a 150Mb connection, I set my bandwidth to 99%, or 148.5Mb, and I get about 147.8Mb/s with speed tests. If you're losing more than a small faction of a percentage, it's because something is misconfigured, low quality network equipment, or you're dealing with very small amounts of bandwidth where dropping a single packet results in a sizable bandwidth difference.
Full disclosure, I am running a VPN, but it pins at 147mb no matter what….until this config.
-
HeatmiserNYC
So, with FQ_CODEL you have 130Mbps max, right? You said -20Mbps…
The misconfiguration can be interference with other limiters or rules if you have used same limiter twice or more — I did not checked but it was possible in certain conditions.
Also TS mentioned that this FQ_CODEL setup equalizes traffic and with VPN it can be a real problem if you have concurrent or even the same traffic on both.
Anyway, I did tests some time ago and there was 1-2 Mbps difference with bandwidth limit, if we compare to traditional HFSC this is about twice less. Now I don't use bandwidth limit but delay limit that is set to 0ms, this causes FQ_CODEL scheduler to process all traffic by using only internal parameters, I think. Double check everything and if problem persists, please provide some configuration sample. -
Cool, thanks for replying.
Yes, I get about 125-130 down when I set my limiter to 143mb (95%). My connection without the limiter will tend to burst initially to a bit over 200mb according to testmy.net. I have a simple setup following the guide detailed in the first post.
I use the VPN for all outbound traffic, it's not a separate situation.
I have tried traffic shaping before and this has been true for any configuration I have ever tried. If I try to shape close to my line speed it takes about 20mb off the top. How do you not use a bandwidth limit? Adding a delay limit in the field doesn't take.
Just need a successful example of this to get running…
Again, thanks.
-
Cool, thanks for replying.
Yes, I get about 125-130 down when I set my limiter to 143mb (95%). My connection without the limiter will tend to burst initially to a bit over 200mb according to testmy.net. I have a simple setup following the guide detailed in the first post.
I use the VPN for all outbound traffic, it's not a separate situation.
I have tried traffic shaping before and this has been true for any configuration I have ever tried. If I try to shape close to my line speed it takes about 20mb off the top. How do you not use a bandwidth limit? Adding a delay limit in the field doesn't take.
Just need a successful example of this to get running…
Again, thanks.
Perhaps your speed drop is related to overhead like VPN, TCP, etc. I assume you are referring to goodput bitrates?
On downloads you will commonly see below the configured bitrate because each time you hit the limit pfSense will tell the sender to slow down below the limit. Personally, I found very little useful benefit by limiting downloads because my ISP has minimal bufferbloat and allowing them to do the rate-limiting gives me 100% speeds.
-
What about to try to move shaper/limiters from LAN side to VPN side firewall rules?
-
That's an idea, I'll give that a shot!
-
Yea, that didn't work.
-
Just for testing purpose, try to change bw limiting to delay limiting :
pipe 1 config delay 0ms
for both pipes
-
Sorry gone for a few days, vacation.
I gave that a shot by changing the /tmp file, it doesn't seem to have an affect. I am only changing the /tmp file, maybe it needs to be rebooted and hardcoded into the file? The only reason I haven't done this is because I haven't seen the results everybody is reporting…
-
Yes it's need to be rebooted or reloaded with```
/etc/rc.reload_allAfter you did that run the following command``` ipfw sched show ```and you should see something like``` 00001: unlimited 0 ms burst 0 ```for the both pipes you have.
-
@w0w:
Yes it's need to be rebooted or reloaded with```
/etc/rc.reload_allAfter you did that run the following command``` ipfw sched show ```and you should see something like``` 00001: unlimited 0 ms burst 0 ```for the both pipes you have.
Yes, all relatively simple and you've been great at walking through the steps you put in place.
I'm getting this for both pipes.
00003: unlimited 0 ms burst 0
00004: unlimited 0 ms burst 0
Yet I can't get better than a B rating for bufferbloat, which is the same if I literally do nothing at all….
-
But what about VPN bandwidth? Are you still getting 120Mbps?
-
That part HAS improved, looks like it does get about 145-ish or so which is about right. It just does nothing for bufferbloat.
-
Can you post the full output of```
ipfw sched show -
I'd like to look at implementing this, but I was wondering
Anyone know the status of pfsync + limiters?
-
I'd like to look at implementing this, but I was wondering
Anyone know the status of pfsync + limiters?
What was the last status you know? :D
-
The last status I know is that the pfsense book says not to use pfsync and limiters together, but doesn't explain why
-
The last status I know is that the pfsense book says not to use pfsync and limiters together, but doesn't explain why
This is actual. https://redmine.pfsense.org/issues/4310 have 0% progress.
-
@w0w:
The last status I know is that the pfsense book says not to use pfsync and limiters together, but doesn't explain why
This is actual. https://redmine.pfsense.org/issues/4310 have 0% progress.
D=