Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Traffice Shaping / Limiters do not work on 22.05 after upgrade

    Traffic Shaping
    9
    13
    1198
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      thomas.hohm last edited by thomas.hohm

      Hi all,

      I am not sure if my scenario also falls under
      https://forum.netgate.com/topic/171158/qos-traffic-shaping-limiters-fq_codel-on-22-05
      https://redmine.pfsense.org/issues/13026
      as that cases describes that limiters do not work at all after the upgrade and it sounds specific to a certain scheduler.

      For my scenario:

      • currently pfSense 22.5, before 22.1, which we upgraded directly to 22.5 via web gui update functionality
      • before the upgrade limiters worked, after upgrade the limiters (without having them changed) only worked only for downloading, not for uploading any more. Upload only lets pass very little data (e.g. some kbit/s to max 1 Mbit/s), most of the time it fails completely. Also ping packets get lost.
      • we have one limiter per one firewall rule per direction (in/out), they are all set to > 10 MBit/s up to 1000 MBit/s
      • when I remove the limiters from the in / out settings of the firewall rule everything is running perfectly fine (up to 1Gbit/s up and down)
      • I tried changing all kind of settings in the limiters to investigate if it's just my limiter configuration, but I had the same experiences with all combinations I've tested.
      • we also use captive portal enabled on this pfsense ha cluster (consisting of 2 pfsense Firewalls with netgate Hardware (system info shows them as Super Micro 1537)
      • we have setup about 20 interfaces (most are VLAN-interfaces)
      • we have setup about 80 limiters for different bandwidth limitations that we have to change from one use case to another (we are a convention center and have lots of changing requirements)

      I am happy to share any kind of additional information (logfiles, config settings, whatever is helpful) - just let me know what is required for deeper analysis.

      Thanks a lot
      Thomas

      1 Reply Last reply Reply Quote 3
      • B
        BNetworker last edited by BNetworker

        I am seeing the same behavior as well. I just have a single simple limiter setup. It no longer matches traffic after upgrade to beta.

        Netgate 6100
        22.05-BETA (amd64)
        built on Fri May 20 06:20:45 UTC 2022

        S C 2 Replies Last reply Reply Quote 0
        • S
          SteveITS @BNetworker last edited by

          You might post in https://forum.netgate.com/category/28/development and/or if you can replicate enter it in redmine.pfsense.org.

          If you disable captive portal does it work? There were issues in 22.01 with that setup with limiters.

          Steve

          Only install packages for your version, or risk breaking it. If yours is older, select it in System/Update/Update Settings.
          When upgrading, let it finish; do not reboot early. Allow 10-15 minutes, or more depending on packages and device speed.

          B 1 Reply Last reply Reply Quote 0
          • B
            BNetworker @SteveITS last edited by

            @steveits

            Hey Steve, Thanks for the reply. Not using the captive portal. The limiters are applied to a floating rule in the firewall.

            luckman212 1 Reply Last reply Reply Quote 0
            • Referenced by  B BNetworker 
            • Referenced by  B BNetworker 
            • luckman212
              luckman212 LAYER 8 @BNetworker last edited by

              @bnetworker Have you tested on the latest snapshot betas? The redmine issue claims it's fixed.

              B 1 Reply Last reply Reply Quote 0
              • B
                BNetworker @luckman212 last edited by BNetworker

                @luckman212 Hey! yes, I can confirm it has been working in 22.05.b.20220524.0600 +

                Currently on 22.05.b.20220527.0600 and still working.

                1 Reply Last reply Reply Quote 1
                • A
                  a2theziz last edited by

                  Hey,

                  After upgrading to 22.05, I'm also facing an issue where the limiters are only being applied to the download and not the upload.

                  I have the limiters applied on a LAN rule with a !RFC1918 destination. It was working fine before the upgrade.

                  Thanks

                  L J 2 Replies Last reply Reply Quote 0
                  • L
                    level4 @a2theziz last edited by level4

                    @a2theziz said in Traffice Shaping / Limiters do not work on 22.05 after upgrade:

                    After upgrading to 22.05, I'm also facing an issue where the limiters are only being applied to the download and not the upload.

                    I'm having/seeing this as well, beeing on 22.05, and not using captive portal.

                    In the FW-rule setting the limiters, i've also set a specific gateway pointing to a gatewaygroup containing two gateways. (to act as failover). I found out, when i restore this setting to "default", the upload limiter starts to work again.

                    Not sure if this should be posted in /development, i hope someone can replicate the issue and resolve it.

                    A 1 Reply Last reply Reply Quote 0
                    • C
                      coolspot @BNetworker last edited by

                      @bnetworker I've been struggling for days implementing a simple Tail Drop Traffic limiter on 2.6.0; if I enable the traffic limiter, it works for a few seconds, then traffic is blocked to the interface - or in some cases, at a very very low speed.

                      I'm not sure if this is related, but I followed all the tutorials online and it seems odd that even a simple traffic limiter with 2.6.0 won't function correctly?

                      1 Reply Last reply Reply Quote 0
                      • A
                        a2theziz @level4 last edited by

                        @level4

                        Yeah, I'm using gateway groups as well.

                        What I ended up doing is use the "Tag" option in my LAN rule (under the Advance Options) to tag traffic leaving the interface , and apply the limiters as a floating rule by using the "Tagged" option with matching tags.

                        This worked quite well, but note I had to create a floating rule for each gateway in my gateway group.

                        J 1 Reply Last reply Reply Quote 0
                        • J
                          jeckoyv @a2theziz last edited by

                          @a2theziz

                          Exact thing happen to me. Upload limiter only works on default gateway. Any solution or workaround yet?

                          1 Reply Last reply Reply Quote 0
                          • J
                            jeckoyv @a2theziz last edited by

                            @a2theziz Can you give us exact details on how to implement this workaround?

                            1 Reply Last reply Reply Quote 0
                            • Referenced by  T tumbleweedcity 
                            • A
                              ahmed20n8 last edited by

                              Any solution to it yet? I upgraded to latest pfsense+ version but still the upload speed isn't limited if a gateway group is selected
                              Downgrading to 22.01 fixes the issue

                              1 Reply Last reply Reply Quote 0
                              • First post
                                Last post