fq_codel broke on 2.5.0-devel

  • I decided to give the 2.5.0 version a try, and my config, which worked fine on 2.4.5, produced some very strange behavior after the upgrade. Inbound connections (coming from the internet) worked fine, but outbound connections from the LAN did not. Outbound from pfsense itself worked however (so for example I could ping from pfsense itself, but the ping failed from a PC on the LAN). I suspected traffic shaping might be the problem, so I disabled my floating rule and cleared all states, and everything worked fine again. I am able to reliably break and unbreak it by toggling that rule.

    It occurred to me that the pfsense devs might not be aware of this, so I wanted to bring it to your attention.

    I can share my config if it would be useful. I would have to sanitize it so I don't want to spend the time to do that unless someone actually wants it. But on a basic level I was using tail drop/fq_codel.

    (my hardware is a SG-3100 running 2.5.0.a.20200624.1250)

  • Rebel Alliance Developer Netgate

  • @jimp are you any closer on figuring out what is causing it?

  • Rebel Alliance Developer Netgate

    We haven't got around to digging into that one yet, lots of other higher priorities.

Log in to reply