Ran the wizard, but I don't see it shaping -> no VPN gateway?



  • -|- please scroll down, I found out the problem is with the gateway; the question is still open -|-

    Hello,

    I ran the wizard, wanting to have all my usenet in the lowest priority. I modified the floating rule to add the port (563), but it doesn't seem to catch any traffic into the low priority queue. I then also added the host (firewall rules at the bottom of the picture), but still no traffic ends up in the low priority queue.

    What am I (obviously) doing wrong?

    Thank you for any help ๐Ÿ•บ

    Picture 1:

    pfs_trafficshaper_shaper_01.jpg

    Picture 2:

    pfs_trafficshaper_fw_rules.jpg

    Picture 3:

    pfs_trafficshaper_status_queues.jpg



    1. You have told it that your bandwidth is 227 Mbps on LAN. That seems awfully low for a LAN queue.

    2. You didn't show your floating rules where you direct traffic into the queues you have configured.

    I'm not even sure how the shaper performs with multiple WANs, if at all. I use PRIQ for our voip phones on a single WAN and it works fine for me.



  • @KOM said in Ran the wizard, but I don't see it shaping:

    1. You have told it that your bandwidth is 227 Mbps on LAN. That seems awfully low for a LAN queue.

    2. You didn't show your floating rules where you direct traffic into the queues you have configured.

    I'm not even sure how the shaper performs with multiple WANs, if at all. I use PRIQ for our voip phones on a single WAN and it works fine for me.

    Ad1: I agree, that seems some strange error.
    Ad2: I thought the 2nd picture shows the floating rules?

    Would a second WAN be a problem if it is not being used? (It is failover only, and no traffic shaping needs to take place on this second WAN).



  • I have no idea how I missed your rules there. I think I get easily confused if the headers aren't there.

    I would change your LAN queue bandwidth to 800-900 Mbps. As for how multi-WAN behaves, I don't know.

    The floating rules will direct new states that match into your queues. Existing states will not be affected by the rule change, so flush them before you test. NNTP doesn't use UDP as far as I know, so that second rule isn't required.



  • Thanks KOM. I increased LAN, I reset states, but no traffic gets shaped, it all stays in qLink.

    In a bright moment I enabled logging of the floating rules, and this indeed doesn't generate any logs: the floating rules for some reason are not applied.

    I think multiWAN should work; the wizard is called MultiLAN/WAN.



  • I found the cause ๐Ÿ‘’

    The usenet traffic is going over a VPN client (PIA). This where it goes wrong.

    If I remove that VPN gateway, traffic flows into the low priority queue fine.

    The problem now is, when I explicitly want to add the VPN gateway to the floating rule, I get this error:

    pfs_trafficshaper_floating_gateway.jpg

    I don't know what to do now. I do notice the fields for "in/out pipe", but there is nothing to select there:

    pfs_trafficshaper_floating_pipes.jpg



  • No idea about that as I've never had MultiWAN and I don't use VPNs. In/Out Pipe is used by limiters which doesn't apply to you here.

    Why are you worrying about VPNing Usenet traffic anyway? That's directly point to point, unlike a torrent cloud, so unless your ISP is sniffing your packets and reporting back to the **AA, your privacy should be fine.



  • (@KOM said in Ran the wizard, but I don't see it shaping -> no VPN gateway?:

    Why are you worrying about VPNing Usenet traffic anyway? That's directly point to point, unlike a torrent cloud, so unless your ISP is sniffing your packets and reporting back to the **AA, your privacy should be fine.

    I never know with all these EU rules, so I thought I'd better be on the safe side.)



  • I still have a Giganews account but I don't use it much at all. Usenet is basically dead and has been for years. It had its uses back when it was decentralized, but as every ISP, college and university gave up their NNTP servers and Usenet consolidated to only a few commercial providers, it's just a haven for spam and malware now. Binary content is hit or miss since it's now easy for the big entities to police it and remove content they disapprove of.



  • @KOM said in Ran the wizard, but I don't see it shaping -> no VPN gateway?:

    I still have a Giganews account but I don't use it much at all. Usenet is basically dead and has been for years. It had its uses back when it was decentralized, but as every ISP, college and university gave up their NNTP servers and Usenet consolidated to only a few commercial providers, it's just a haven for spam and malware now. Binary content is hit or miss since it's now easy for the big entities to police it and remove content they disapprove of.

    I agree it is less than it was in the past, KOM ๐Ÿƒ

    That aside, my question remains open: is there no solution to my problem? Traffic shaping not possible if I use a VPN gateway?



  • I don't have such a config and I'm not the best at traffic shaping so I can't really help you much.



  • @snore

    @snore said in Ran the wizard, but I don't see it shaping -> no VPN gateway?:

    I found the cause ๐Ÿ‘’

    The usenet traffic is going over a VPN client (PIA). This where it goes wrong.

    If I remove that VPN gateway, traffic flows into the low priority queue fine.

    The problem now is, when I explicitly want to add the VPN gateway to the floating rule, I get this error:

    pfs_trafficshaper_floating_gateway.jpg

    I don't know what to do now. I do notice the fields for "in/out pipe", but there is nothing to select there:

    pfs_trafficshaper_floating_pipes.jpg

    The error refers to making the selection on the 'Direction' field (further up the page, below where you choose the interface), not what your screenshot appears to show, which is where you are presumably trying to change it.



  • @sh500 said in Ran the wizard, but I don't see it shaping -> no VPN gateway?:

    The error refers to making the selection on the 'Direction' field (further up the page, below where you choose the interface), not what your screenshot appears to show, which is where you are presumably trying to change it.

    Thank you, very sharp sight you have ๐Ÿ‘

    I tried changing the rule to both 'in' and 'out', but unfortunately it doesn't make a difference. Even with the VPN gateway added to the floating rule the traffic does not end up in the low-priority queue (with resetting states in between).



  • I've got a very similar setup as yours. Some traffic going through PIA, multi-vlans, etc.

    I tried the wizard with HSFC. The low priority (VPN) traffic seems to be going to the correct queue, but higher priority (Web) doesn't seem to be taking precedence, ie the low priority traffic still hogs the bandwidth.

    Like many, I just want a method to make the most of the bandwidth available at any given point in time. But seems it's easier said than done.


Log in to reply