Monitoring graphs: packet loss is ineligible if we have >500ms delay



  • When viewing quality graphs (status > monitoring > add Quality graph) of a WAN with high latency (e.g. satellite links where 700ms is normal) packet losses as high as 5% are almost ineligible. Here is a screenshot from pfsense 2.3.3 that demonstrates the problem:

    When viewing Quality graphs it's very important to be able to tell at a glance if you have 5% packet loss so fixing this seems important to me. I've three suggestions on how this could be fixed

    • when one selects to use inverse axis the two sub-axis should be allowed to have different scales. This will also help poor souls with highly asymmetric DSL lines where sometimes a fully utilized uplink can be hardly noticeable in the bandwidth graphs because the maximum BW of the uplink is 1/8 of the downlink. One would need to improve the graphing code to automatically select a scale such that the ratio of the heights of the two sub-axis is always at least 20% and to always print units on the negative axis.

    • the packet loss is always represented as if the y-axis has a range of 0-to-100% (i.e. one axis will have double units)

    • the quality graph is split to "quality/packet loss" and "quality/rtt" (and one would have to add them one both in one graph one using the left axis and one using the right). Feel free to ignore me if you come up with a better idea.

    P.S.: A post from member itsme01 about a year ago suggests that this was fixed: https://forum.pfsense.org/index.php?topic=107790.150

    Monitoring graphs are looking GREAT! I see you fixed the problem with quality graphs, where packet loss (%) and delay (ms) was on the same axis and caused the graph to be poorly readable. Now it is brilliant! Well done guys! Two thumbs up!



  • It may be more visible if you turned inverse on. You can also temporarily disable the display of standard deviation by clicking on the standard deviation circle (orange in the example above). This will cause the graph to reconfigure without standard deviation, which should make loss much more visible.

    But the core issue is that the standard deviation is startiling high. Have you looked into this? Is it perhaps a buffer bloat issue?



  • @dennypage:

    It may be more visible if you turned inverse on.

    I thought this was an excellent idea but sadly inverting the axis keeps exactly the same scale for the packet loss. It's a good idea for fixing this issue though. The negative side of an axis could have a different scale than the positive [I've updated my original post to include this as a possible way to fix this [i]small issue].

    @dennypage:

    You can also temporarily disable the display of standard deviation by clicking on the standard deviation circle (orange in the example above). […]

    :- _But the core issue is that the standard deviation is startiling high. Have you looked into this? Is it perhaps a buffer bloat issue?

    Thanks for caring enough to point this out. The high std-dev appears when I turn of all traffic shaping on pfsense. I am  trying to keep my limiters setup (they do magic to split the bandwidth in a fair manner between PCs in my office) while at the same time adding traffic shaping to give priority to DNS and VoIP. I'm not sure if it's possible and it's not documented anywhere in my sight (googled, looked at the forums and at the pfsense book)_



  • Using Codel would probably address most of your buffer bloat issue. There are several articles in the shaping board which discuss codel. Btw, are you using the default settings in System / Routing / Gateways / Edit or have you made changes there?



  • Regarding the gateway setup: I have two WANs and the only thing I've configured manually was the monitoring gateway[2] and two active/standby gateway groups one for each WAN.

    I've read that CoDel is not suitable for low-BW lines (e.g. "CoDel does not work well below 1Mb/s" – Harvy66). I have two ADSL lines giving 5/0.7 and 7/0.8 Mbps  :(. Although my gut feeling is that Harvy66's comment is about the download I started without CoDel to be on the safe side. I've used limiters because I can understand them. They do work perfectly (each PC gets its fair share of the BW) but I do want to also give priority to DNS and VoIP over all other packets. Do you think that "[HOWTO] Multi WAN Traffic shaper with bandwidth limits per interface" by deajan[1] is a good place to start? Also if by any chance you have an idea about whether CoDel fits my poor ADSL I do want to hear.


    [1] https://forum.pfsense.org/index.php?topic=120380.msg705387#msg705387

    [2] my pfSense router is connected to 2 ADSL modem/routers and sees their private (192.168.x.y) addresses as gateways. So I have to specify monitor IPs manually (I tried to use PPPoE to avoid this but it gave me a lot of headaches: one modem was stable when acting as a bridge and one DSL provider couldn't support me correctly when I was not using his modem in bridge mode)



  • The shaping issue would be for download rather than upload. Your bandwidth down, 5 & 7, is above the 1Mb/s referred to.

    My shaping knowledge is limited–Harvy's knowledge is vast. :)



  • Thank you dennypage. I'll give myself a break for a few days then I'll dive back to traffic shaping abyss (this will also help with my popularity. I've seen people outside the office protesting with signs "We are not lab mice – No more experiments with the internet during working hours").