Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Wireguard FQ_CODEL + ALTQ (PRIOQ)

    Scheduled Pinned Locked Moved Traffic Shaping
    fqcodel altq
    1 Posts 1 Posters 508 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      MindlessMavis
      last edited by MindlessMavis

      hi all I have successfully created a working wireguard vpn, a few of them in fact as well as having them all backed by FQ_CODEL and that is working reasonably well.

      The problem I am facing and after having read more into PRIOQ I think that is the solution. I am unfortunately unsure on how to implement it with regard to the wireguard interfaces.

      I have PFSense virtualised and I also make use of an Intel X520-T2 as well as make use of VMWare ESXi + using SR-IOV on the nic, which includes the modifications to make that work in PFSense out the box (i remember adding some bootloader flag to make this possible)

      The end result being I have my WAN and LAN using SR-IOV and enabled.
      alt text

      This uses the ixv driver and can be confirmed if we use

      pciconf -lv

      ixv0@pci0:4:0:0:        class=0x020000 rev=0x01 hdr=0x00 vendor=0x8086 device=0x10ed subvendor=0x8086 subdevice=0xa03c
    vendor     = 'Intel Corporation'
    device     = '82599 Ethernet Controller Virtual Function'
    class      = network
    subclass   = ethernet
ixv1@pci0:11:0:0:       class=0x020000 rev=0x01 hdr=0x00 vendor=0x8086 device=0x10ed subvendor=0x8086 subdevice=0xa03c
    vendor     = 'Intel Corporation'
    device     = '82599 Ethernet Controller Virtual Function'
    class      = network
    subclass   = ethernet

      Now that the hardware and such is out of the way, should I bother listing how I did FQ_CODEL? its just the same as everybody else with the floating rules on outbound gateway matching.

      The problem is that with the shapers, im unable to attach them to the LAN or WAN or any of the wireguard interfaces and I don't know why. Or well I have an idea but it seems anything I do then breaks them.

      For some reason anything with a static ip already assigned to it (my LAN has this, as well as the wireguard interfaces) result in the shaper wizard being unable to be created for them and none are listed in those menus.

      Any ideas how I can accomplish this or what is best practice on how to do it?

      Removing the DHCP server from the LAN and removing the IP basically made pfsense inaccessible and I had to restore from a previous config to gain back access.

      Edit: oh I would like to point out my use case scenario, I have a few high traffic utilising devices / apps which have no real need for low latency and would be best suited for the lowest priority possible. It is desired that literally anything should be placed above those high bandwidth usage clients. FQ_CODEL does not do a good job of this, and PRIOQ would be a much welcomed addition, if I could get some assistance on how to accomplish it.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.