Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    New to Traffic Shaping and Floating rules questions?

    Scheduled Pinned Locked Moved
    Traffic Shaping
    2
    3
    449
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • JonathanLeeJ
      JonathanLee
      last edited by JonathanLee

      Hello fellow Netgate members,
      Can you help? I wanted to fix bufferbloat affecting Hulu on our Raspberry Pi the system kept doing a snap error on the browser. I researched and found while testing the bufferboat I had a F. I fixed it got it the testing into the A range and streaming video no longer has issues.

      However I am new to using traffic shaping and I have some questions still. Can you please help?

      bloat.PNG
      Image: Error I would receive before setting up traffic shaping with Hulu.

      grade.PNG

      Image: Final test of bufferbloat after setting up traffic shaping. Prior I had F until configuration was completed for traffic shaping.

      4e4e56d7-4d0c-4b7e-9d10-9c7c43c9f430-image.png
      Image: Floating rules for limiter

      Question 1:

      Floating rules: Do these rules override the WAN Access Control Lists already in place on the interface? Example if I have a specific block will it also be blocked still?

      taildrop.PNG
      Image: Tail Drop

      Question 2:

      For Codel use are we suppose to use tail drop or codel option?

      codeel2.PNG

      Question 3:

      If the limiter is already set up here do we also have to set up configuration for the interface on here?

      coddel.PNG

      Image: Interface for shaping config

      Make sure to upvote

      S 1 Reply Last reply Reply Quote 0
      • S
        SteveITS Rebel Alliance @JonathanLee
        last edited by

        @jonathanlee Did you follow https://docs.netgate.com/pfsense/en/latest/recipes/codel-limiters.html ?

        Floating rules are a bit different (https://docs.netgate.com/pfsense/en/latest/firewall/floating-rules.html#precautions-caveats). The above recipe does list to use a Pass rule instead of Match (https://docs.netgate.com/pfsense/en/latest/firewall/floating-rules.html#match-action). However since it is for traffic exiting WAN, I would guess they assume any blocks would have already happened on the LAN interface?

        Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
        Upvote 👍 helpful posts!

        JonathanLeeJ 1 Reply Last reply Reply Quote 1
        • JonathanLeeJ
          JonathanLee @SteveITS
          last edited by

          @steveits yes i did just wanted to ask because of the any any rule however it is on the outbound

          Make sure to upvote

          1 Reply Last reply Reply Quote 0
          • First post
            Last post