Traffic Shaper (success story)

  • Hi,

    Yesterday morning I decided to give v2.0-BETA4 a try, and last night I was able to get a working Traffic Shaper config that works as intended…

    I had problems understanding how it all works, but once you get it, it's easier than before... The only thing that I'm still not absolutely sure about is how the Floating Rules work... I had trouble making traffic from my Asterisk server go to the right queue, then I deleted the rule in the floating part and put it in the LAN; there was already one rule in WAN, since I need to register phones on the WAN side. It seems that when you have a NAT/WAN rule the floating rule is not applied.

    Before I deleted the floating rule, calls were sent to the default queue; then someone made a call from a phone on the outside and the traffic got sent to the right queue. That got me thinking, and I tried my solution and it's working now.

    My Internet does seem a lot more responsive than with my old v1.2.2 config (with QoS too).

    Anyway, I'm looking forward to a good wiki on how the Traffic Shaper works and how every setting in the Floating Rules works, with good examples, not just technical information. Examples help us figure out real-world situations.

    I've used the "multi-wan single lan" wizard and then I removed everything that I don't care about and set up my VoIP properly, and now I'm a happy 2.0 user!

    Hardware: Soekris Net5501-70 with VPN Accelerator
    Connection: Cable 12mbits/1mbits

  • I also managed to set up the traffic shaper in 2.0 after some issues (which I believe were bugs in earlier releases).
    Also got the MultiWAN setup to work after trying a bit (not too easy to understand the way to set it up), and quite happy with it.

    Hope there will be some good wiki on how to set up MultiWAN and Traffic Shaper later on. It would be highly beneficial.

  • I'm happy now, the traffic into my IPsec VPN from work to home is shaped and it works GREAT!

    I've created an alias for ports 137, 138, 139 and 445 and added this to the floating rules, and while having many BitTorrent seeds capping my upload capacity, I can manage to download a file from home to work (pfSense is at home) and I get all the bandwidth, leaving almost nothing for p2p. When the SMB transfer stops, the p2p takes back the bandwidth that is now available. I've come from 1.2.2 without the ability to shape traffic into VPN and I had to shape the entire tunnel, and even that wasn't working as well as this…

    You guys have done a great job with the Traffic Shaper; despite all the others that complain, I'm really happy. I'm pretty sure a good wiki is on the way. I would create one if I could, but I barely understand what is working and what's not on my setup... I still don't understand why for my Asterisk I had to create the rules in WAN and LAN; why were the rules not working in the floating section? Maybe because I want to shape with the source and destination IP address of the Asterisk server on the LAN side.



  • Can you post screenshots of your rules please? I would like to copy them and try it on mine. I am in Iraq and want to use the shaper but had no luck getting it working correctly.

  • Sure!

    Here are my three-part rules: Floating, WAN and LAN rules to make it work.

    In the Floating Rules, you can see a lot of what the Wizard did, but I flushed what I didn't care about. Keep in mind that the default queue is qP2P, so you don't need a rule to send uncategorized traffic to this queue, but when you do so all the data will be sent to this default queue, ACKs included. So bulk traffic that you want to get the maximum throughput needs a rule to categorize its ACK packets. You will see that the ACKs for bulk are not sent to qACK, because I don't want the ACKs of bulk traffic to be sent at the same priority as the ACKs of my HTTP traffic.

    I found that the Floating Rules work for anything that doesn't involve a NAT'ed port to your LAN; if you do have a server you need rules in WAN and LAN too.

    In the floating rules you'll see a rule that prioritizes "NetBIOS and SMB". I don't need it in WAN & LAN because I don't have a NAT; it's being used through the IPsec VPN.

    In WAN rules you'll see the rules created by my NAT; I gave those rules the queue where I want the traffic to go. And in LAN you'll see the rules I created myself that are a mirror of what you find in WAN, and I gave them the same queues as in WAN.

    Oh, and I changed the queue configuration, because qP2P was limited to a certain speed. I've unlocked this queue to allow it to consume all the bandwidth, but share it entirely with other queues when they need it.

    I'm nowhere near an expert with this, but this is my working setup. I might have rules that are unnecessary, but I've tested everything and this is working for me and I'm happy…

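The layout described in the last post (a queue on the NAT-created WAN rule, a mirror rule on LAN, a non-quick floating-style rule for the SMB alias, and an unlocked default qP2P), sketched as hand-written pf.conf in ALTQ syntax. This is an added example, not the poster's configuration and not pfSense's generated ruleset; interface names, addresses, bandwidths, percentages and the SIP port are assumptions.

```pf
# Constructed example: every name and value below is an assumption.
ext_if    = "em0"                       # WAN (hypothetical)
int_if    = "em1"                       # LAN (hypothetical)
pbx       = "192.168.1.10"              # Asterisk server on the LAN (hypothetical)
smb_ports = "{ 137, 138, 139, 445 }"    # the port alias mentioned in the thread

# One HFSC hierarchy per direction: upload leaves via WAN, download via LAN.
altq on $ext_if hfsc bandwidth 1Mb  queue { qACK, qVoIP, qOthersHigh, qP2P }
altq on $int_if hfsc bandwidth 12Mb queue { qACK, qVoIP, qOthersHigh, qP2P }

# No "on <if>", so each definition applies to both interfaces above.
queue qACK        bandwidth 20% hfsc( linkshare 20% )
queue qVoIP       bandwidth 20% hfsc( linkshare 20% )
queue qOthersHigh bandwidth 20% hfsc( linkshare 20% )

# Capped form, as the queue is described before it was "unlocked"
# (the cap value is assumed):
# queue qP2P      bandwidth 5%  hfsc( default linkshare 5% upperlimit 5% )
# Unlocked form: no upperlimit, so qP2P can use idle bandwidth and falls
# back to its linkshare weight when the other queues are busy.
queue qP2P        bandwidth 5%  hfsc( default linkshare 5% )

# Port forward to the PBX (SIP on UDP 5060 is an assumption).
rdr on $ext_if proto udp from any to ($ext_if) port 5060 -> $pbx

# Floating-style rules: no interface, no "quick".
# With two queue names, the second one receives TCP ACKs that carry no
# payload and packets marked low-delay; with one name, all packets of the
# connection, ACKs included, go to that single queue.
pass out proto tcp from any to any port $smb_ports keep state queue (qOthersHigh, qACK)
pass out proto udp from any to any port $smb_ports keep state queue qOthersHigh

# WAN rule that accompanies the port forward, carrying the queue.
pass in quick on $ext_if proto udp from any to $pbx port 5060 keep state queue qVoIP
# LAN mirror: traffic the PBX itself originates gets the same queue.
pass in quick on $int_if proto udp from $pbx to any keep state queue qVoIP
```

A ruleset like this can be syntax-checked without loading it using `pfctl -nf <file>`.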