HFSC shaping - Ignoring bandwidth, upperlimit is halved?
I've looked through Google searches and come up with only one relevant search result, that seems to have sunk into obscurity without an actual answer. Seems OP of that thread gave up and just doubled upperlimit.
When setting up traffic shaper, it appears that bandwidth is utterly ignored (I can get 200Mbps through 100Mbps setting), and if setting upperlimit, only half of that limit is able to be attained. For instance I set 200Mbps, and get 100Mbps throughput, or I set 400 and get 200, 50, get ~25, etc.
What gives? Is a shaping rule somehow double-queueing packets? Is the traffic shaper bonkers and not using entered values?
this is on pSense 2.4.4-RELEASE-p3 (amd64)
Updated to include pfSense version and add the question bit since this is a question...
No-one has any ideas -- or know why it is happening? Need more info?
HFSC is one of the hardest topics to understand. Not many people here know it really well. I tried working with it years ago and ended up using PRIQ instead.
Haven't really looked at any other shaper since I started my first BSD box with help from https://calomel.org/pf_hfsc.html
Saw pfSense, and loved that it supported (by default in wizard) HFSC.
Does PRIQ respond quickly enough? One thing I like about HSFC is that it has rate limiting, and it seems to respond pretty quickly -- I work from home some days and use VPN when out and about quite a bit, deskphone is VoIP and use a lot of real-time stuff, and when I'm at home I like to goof about with friends in games. While my wife and the kiddos are streaming and doing school (while streaming, I dunno how).
So far the HFSC has worked decently, but we moved to a location that ISP promised was able to get decent internet, but turns out they're full of crap and I don't have another ISP around that will serve my new location. So I'm down to a (quite flaky) bonded DSL connection, and I've noticed this oddity while i was trying to tune the rules to not sound like a robot on the phone, or drop client connections.
Also, if the firewall is somehow b0rked and seeing traffic 2x, no guarantee that PRIQ won't have the same issue.
PRIQ is a simple system based on priorities. It doesn't require you to fiddle around with limits and bandwidth allotments. You set priority levels for your child queues and then direct IPs or ports into the desired priority.