Multi VLAN Slowdown when Using HFSC
-
Hello PF Community. Thank you for any and all of your inputs and responses.
I've been dealing with on many pf sense networks. The issue is able to be recreated in a virtual environment. I'm not sure if it's something that i'm doing wrong in the shaping configuration or if it is an issue with HFSC shaping on VLANS. Troubleshooting and bench testing definitely point the finger at the traffic shaping, but i could be configuring the traffic shaping improperly.
The problem in a nutshell: Inter vlan traffic (NAT'ing from one subnet to another) goes smoothly. I'm getting full speeds between vlans without any issues. As soon I apply HFSC traffic shaping the speeds slow down drastically between vlans. So I know the issue is definitely with the shaping i'm applying. I guess i'm wondering if there is anyway to apply shaping to the outbound WAN traffic and not just each interface. More so looking to balance traffic in real time between the vlans and the WAN internet connection without restricting inter vlan communications.
-
The default queue size is only 50 packets. This does not apply with TS disabled. You probably need to tweak your queue depths since you enabled TS.
-
…
I guess i'm wondering if there is anyway to apply shaping to the outbound WAN traffic and not just each interface. More so looking to balance traffic in real time between the vlans and the WAN internet connection without restricting inter vlan communications.I think the Wizard creates a queue for LAN traffic on the local interfaces that explicitly avoids putting any restrictions on local traffic, so you might confirm that it is working. Is your problem caused by incorrect classification of traffic to the wrong queue? Is the queue bandwidth itself incorrect? Does simply enabling traffic-shaping cause the slow-down? We/you need to figure it out. Look at pftop and other diagnostics to confirm where the problem lies. Share more details.
A possibly simpler method would be to only create WAN queues, but this will mean only your uploads will be shaped. You could maybe use limiters on WAN to shape downloads (queues only work on outgoing traffic) since limiters are capable of shaping in both directions on an interface.