Traffic Shaping w/ Voip w/ slow internet connection

  • Hey,
    I know that many have asked this in the past but I simply can't get it to work over a slow internet connection. I am paying for a DSL through Verizon, 1 Mbps / 384 kbps and using VoIP. I enabled traffic shaping on the IP address of my VoIP server (asterisk) through the wizard. I also searched around these forums and other forums on how to get the traffic shaping to work accordingly, but I have not found anyone with the same low speeds as me. In short, browsing regular websites does not affect my call quality, however downloading and visiting youtube and other high quality websites will destroy my phone call, making it impossible to understand what the caller is saying. I don't think the other side of the phone have problems hearing me.
    What I did so far is attempted several things. First, tried setting a fixed amount of bandwidth (220Kb) for the two voip queues. I realize that real time sets a fixed amount of bandwidth whether or not the packets are being transmitted. That did not work. I tried telling pfsense that my internet connection only gets 768/384. No success on that either. I also tried link share. No success either. If someone can point me to the right direction it would really be appreciated. I just started digging into the ins and outs of pfsense only recently so I have a fair idea on how things work. I would also prefer to use link share so that when I am not on the phone, stuff that I am downloading and regular web browsing will not be slowed down.

    Thanks in advance

  • If your asterisk server in "local" (as in on your lan), you need to specify it in your shaper using the wizard. What version of pfsense are you using?

    Also, if your asterisk server uses different media ports than the normal range, you'll need to re-specify that by modifying the wizard.

    Depending on your ITSP and where your asterisk is located (lan or wan), you might need to make sure you specify the bandwidth you need for it. I typically "overstate' the amount of bandwidth needed for the wizrd with voice, but thats me.

  • My asterisk server is on LAN
    I already tried overstating the amount of bandwidth required with no success. Right now I have the traffic shaper using the default settings from the wizard and instead of specifying a range of ports, I specified the entire IP address of my asterisk box.

  • There is very little you can do to affect the inbound traffic, unfortunately.  The symptom you are describing (they hear you fine but not the other way) confirms this.  Your inbound is just too small.  I am surprised you say it is 1000/384, their low-end dsl is usually 1500/384.  It sucks.  Maybe you can change the max BW in the default case to much smaller, but that cripples your downloads even when not making calls.  Is there any chance of getting a faster connection?

  • I got a great deal, $19.99/month for 1000/384 w/ a one year contract. I am thinking of upgrading to the 3.0/768 for about $40 a month but I can only do that when I am making more money.

    Thanks anyways

  • Because there isn't much you can do to influence your inbound, you have 2 choices.  1.) rate limit all of your inbound non-VoIP traffic all the time, making sure to leave plenty of bandwidth for VoIp to go through undelayed.  This results in a lot of wasted bandwidth but guarantees voice quality.  The other option is to figure out how to enable rate limiting while you're on a VoIP call, and disable the limiting while you're not on a call.  I took the 2nd road and added snort & some scripting to my pfSense install and have an acceptable solution.

    I'm in a similar boat as you.  1.5mb down / 900k up.  This has been working for me rock solid for a year and a half now.

    I wish there was a way to achieve similar functionality without resorting to snort & scripting.

  • I'm having a similar issue, but I have a T-1 so 1.54mb symmetrical.  Whenever there is a big download filling the pipe, the inbound voice chops.

    When I set the inbound traffic to 1450kb (tested all the way down to 1000kb), I got VERY bad results.  Audio was VERY choppy inbound, and ping latency to the internal interface of the firewall would jump from 1ms to 700ms.

    I was told you can't effectively rate limit the inbound traffic, so I set the inbound bandwidth to 5,000 kb.  The outbound is set to 1450kb.  It sounds much better, but I still have chops when a big download is initiated.

    Does anyone have a suggestion on how to improve VOIP quality?

    I run the same setup in my office on a cable modem (20mb/3mb) and it works GREAT with traffic shaping.  I just can't seem to duplicate it on the T-1 speeds.  Thanks.

  • Unfortunately, it sounds like the inbound tcp traffic is swamping the inbound UDP (voice) traffic.  Not much you can do unless you gimp the inbound to like 1mb or so, which kinda kills the point of having a full T1.  If you have a T1, is there any chance you can get the ISP to do some shaping for you?  Doesn't need to be sophisticated, even as simple as "prioritize all UDP traffic ahead of TCP traffic"?

  • @danswartz:

    Unfortunately, it sounds like the inbound tcp traffic is swamping the inbound UDP (voice) traffic.  Not much you can do unless you gimp the inbound to like 1mb or so…

    The client would prefer good audio over a faster internet connection.  The problem is it seems that I can only shape outbound, NOT inbound.  I have set qwanRoot to 1300, (which seems to be right around actual speeds tested with the shaper turned off).  qlanRoot is set to 5000 kb, which is much more than our outbound speed, which is probably 1300 as well.  But I've done this so as to not try to shape outbound traffic.

    When I set them both to 1300 I get horrible audio and high latency when pinging the firewalls internal interface on download speed.

    I figured this would be a common problem with a simple fix, but so far have not seen one.

    What can I do, if I want to sacrifice speed for good quality audio?

  • sorry i wasn't clear.  you don't want to gimp the download for all traffic (which is what qwanroot will do), but only for inbound TCP traffic.

  • @danswartz:

    sorry i wasn't clear.  you don't want to gimp the download for all traffic (which is what qwanroot will do), but only for inbound TCP traffic.

    DanSwartz:  I'm sorry, I'm still confused.  What are you saying I should set qwanRoot and qlanRoot to?  My actual real world tested speeds are 1340/1340.

    Whenever I have set them to actual speeds, I get choppy audio while running a download test.  Upload seems to work much better.

  • this makes sense - since you have complete control over the upload, you can prioritize VOIP ahead of other (mostly TCP) stuff.  I don't have a config here to test on (I may take a look at my VM testbed at work), but my idea: when you go through the traffic shaper wizard, I seem to recall there is a choice for "penalty box" or somesuch?  If so, maybe you could make that all inbound hosts, and (important here) protocol TCP.  Then, once it is set up, edit the queue and change the percentage to something like 80% to keep inbound TCP from getting to use all of it.  Question though: how is your T1 delivered?  Is it at all possible to get the ISP to help you?  I have worked with cisco gear a lot in a past life, so I could help there…

  • It turns out my audio quality problems might not be traffic shaper related at all.  Not sure, but found bad checksums using a packet capture today.

    Here is my new post regarding the new find:,21380.0.html

Log in to reply