Fundamental downstream shaping problem with multi-wan
-
It kind of surprises me that this hasn't been brought up before, but isn't downstream traffic shaping (in it's current implementation) basically useless in multi-wan scenarios? The downstream shaper is created as an upstream queue on your LAN interface, but you'll very rarely hit that shaping limit. You can saturate one or more downstream queues on your WAN interfaces, but unless all WAN interfaces are fully saturated in the downstream direction, the shaping on the LAN's upstream channel never has the opportunity to kick in.
Surely the mighty BSD has a work-around for this?
-
Give a shot at limiters to limit specific congested traffic and use the queues for prioritizing protocols/patterns of protocol.
-
Limiters appear, at least in the GUI, as applying dynamic queues to multiple source or destination IP's. They don't appear to be able to define a limit on an interface as a whole, unless I'm missing something?
-
Just choose a mask of none and it will apply that limit to all the traffic passing though it.
-
It kind of surprises me that this hasn't been brought up before, but isn't downstream traffic shaping (in it's current implementation) basically useless in multi-wan scenarios? The downstream shaper is created as an upstream queue on your LAN interface, but you'll very rarely hit that shaping limit. You can saturate one or more downstream queues on your WAN interfaces, but unless all WAN interfaces are fully saturated in the downstream direction, the shaping on the LAN's upstream channel never has the opportunity to kick in.
Indeed. The shaper needs to know the bandwidth of each downlink, individually. As every shaping decision is based on these, without these it cannot work.
Surely the mighty BSD has a work-around for this?
A single LAN - single WAN pfsense box for every link would help. I don't know if it can be considered a work-around.
-
@ermal:
Just choose a mask of none and it will apply that limit to all the traffic passing though it.
How, then, do I apply that queue to an interface…specifically the downstream channel?
-
I have another question about multi-WAN together with shaping. We have two asymmetrical WAN links with different up/down bandwidths. The providers use inbound policing on the traffic, so I would like to shape outbound on each WAN link to the respective upstream bandwidth, so we won't hit the policers of the carriers. Now, in my understanding of the pfsense shaper, traffic has to be assigned to limiters via the rule base. However, rule base as far as I know only looks at inbound traffic (i.e. decide whether to permit traffic XY to enter via that specific interface). In our case, the traffic to shape comes in via LAN, however at that point, I don't know yet which outbound gateway the traffic will be routed to, so where would i create an outbound rule per WAN link that selects the proper limiter?