TCP ack Prioritization
-
I'm currently using FQCodel to address bufferbloat. Works very well. I would like to experiment on prioritization of packets such as "TCP ACK" can any one provide some guidelines? Currently It is set up like this:
- Created another queue under upload pipe with a weight of 10 (named "Upload Priority Queue")
- Creaded floating rule :
Action: Pass
Interface: WAN
Direction: Out
Address Family: IPv4
Protocol: TCP
Source: Any
Destination: Any
TCP Flag: out of ACK (2nd row)
Gateway: WAN
In/Out Pipe: Download Queue / Upload Priority Queue
Any thoughts on this?
Thanks
-
This is really interesting and something I’ve been thinking about recently. I’ve implemented your configuration and so far it seems to work well. I did have to flip the way you had your pipes setup to get it to work, however. I think the in pipe has to be used for the upload and the out pipe has to be used for download at least in my system.
I’ve also noticed that my OpenVPN connection is broken in a strange way it connects and I can ping internally but can’t pull up the web interface for any of my local servers or access anything outside my local network. I have to do some additional testing but I think it’s because the ACKs are not getting routed probably back through the VPN.
Interested to know if you’ve made any changes to your setup or discovered anything else.
-
Hey there.
Can you possibly share a screenshot of your rules..
I’m confused about if you only have the rules you described or if I have a problem with the 23.01 shaper wizard..
Thanks in advance.
-
You're right, the pipes are reversed. Made the corrections already. Thank you for pointing that out. This approach would bring down latency in very busy environemnt. I'm also using this in DNS queries.
I only use VPN on client side using the provider's app. No problem so far
-
I use this guide for bufferbloat management. It has the same rules as mine:
Remember to use "Match" instead of "In" under "Action" field. Pfsense recipe guide uses the reverse.
-
I've been playing with this a bit more and trying to optimize things, but it seems like great minds think alike...tell me more about what you've done with the DNS queries.
Also, have you played at all with DiffServ Code Points?
-
DiffServe Code Points? What do u mean?
All DNS queries are given the same priority as the TCP ack. Creat a floating rule that would intercept queries on your DNS resolver provider.
The way I set up my DNS is somethin like this:
Then I use NextDNS for my upstream DNS
What optimization have you done on your pfsense? Have you tried playing around with the System Tunables?