Goals: Ensure enough room for ACKs, single destination IP has lowest priority.



  • I'm using pfSense 2.4.2. I'm completely new to traffic shaping but I understand the basic concepts. My current setup:

    50Mbps down/5Mbps up WAN connection. I have a couple of VPN clients on the router, and I have rules to router local traffic out of WAN, VPN1, or VPN2 depending on which VLAN it came from. I There are a couple of exceptions to this, so I have an alias for "always route out WAN" listing particular statically assigned IPs.

    I'm got several machines doing backups on various VLANs. If there happens to be a large differntial backup, it swamps the upload connection and lots of other things that normally only downloading start performing poorly. I suspect this is because the backups aren't leaving enough room for the ACKS on applications that are otherwise using very little upload.

    So, what I would like to do is something like this:

    • Across WAN, VPN1, and VPN2 always leave enough room for ACKs.
    • Somehow classify the backup traffic exiting WAN, VPN1, VPN2, as the lowest priority.
    • All other traffic can be "the rest".

    I don't care enough to create more classes than "backups are lowest", "ACKs are highest", "everything else is the same". I only want this to apply to the WAN, VPN1, VPN2.

    Is this easy to do? Any ideas on how to identify the backup traffic, it'll be https to a specific domain (I can get the current set of IPs but it can change over time), on my LAN, it could originate from different VLANs, but I could maybe limit this traffic to originate from fixed set of source IPs.

    Thanks for any advice or help.



  • The simplest setup would be FairQ shaper with Codel as a child queue discipline. If you want something easy to manage but keeps latency down, look into fq_Codel (https://forum.pfsense.org/index.php?topic=126637.0).



  • @Harvy66:

    The simplest setup would be FairQ shaper with Codel as a child queue discipline. If you want something easy to manage but keeps latency down, look into fq_Codel (https://forum.pfsense.org/index.php?topic=126637.0).

    Thanks for the reply. I like simple. Is there documentation on setting this up? Can I just worry about the WAN interface for now? Do I do this thru one of the wizards or some other way?



  • No wizard. Just go to WAN, set the bandwidth at the interface to ~90% of your effective upload bandwidth with FairQ as the scheduler, and check the box in the Default Queue to enable Codel…. I think.



  • Thanks for the reply, but I don't understand enough about setting up Traffic Shaping to make sense of your answer. Is there a step-by-step document somewhere? Or something with screenshots?



  • Ignore all of my other queues. All you care about is "Default".








  • Thanks! I'll try this tonight.
    Ok, so from scratch I go to:

    • Traffic Shaping by Interface -> WAN
    • I select FAIRQ and put in my 90% upstream bandwidth number.
    • qDefault then automatically shows up? How do I get to the per-queue settings?


  • Click on the queue.