CoDel Limiter on WAN interface breaks SIP registration



  • Hello everyone,

    lets start with the environment:

    • pfsense build based on the A2SDi-4C-HLN4F Board (Atom C3558)
    • Dual WAN (ADSL2 lines)
    • The internal networks LAN and VOICE (VLAN) are allocated to the same physical interface.
    • The PBX is an Auerswald 5020 located in the VOICE network. All traffic from the PBX is routed from VOICE over the WAN1 gateway, because the SIP accounts are tied to the corresponding ADSL2 line.

    Since the drivers for the ix interfaces do not support ALTQ, the attempt is to use limiters with fq_codel for QoS. So far I applied the configuration presented in the August hangout and the variation stated here: https://forum.netgate.com/post/803468. That means, I created the limiters and queues as well as the floating rule for the interface WAN1. A shapping and reduction of bufferbloat (level A) can be confirmed by running the test at dslreports.com/speedtest.

    But as soon as the floating rule is activated and all states are reset, the SIP accounts cannot be registered any more by the PBX ("no response from remote ..."). To exclude an Auerswald specific issue, I replaced the PBX with a fritzbox without any success. With a deactivated floating rule, both PBX are running fine. An activated floating rule and a Zoiper client registering only a single SIP account does work.

    Can anyone provide me a hint for solving this issue?
    If any details are missing, please let me know.

    Regards