Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Previously unattempted shaping rules forcing routing change and disconnect

    Scheduled Pinned Locked Moved 2.0-RC Snapshot Feedback and Problems - RETIRED
    1 Posts 1 Posters 911 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      LoopyJuice
      last edited by

      Ok so in an attempt to shape a 2mbit/0.5mbit home internet connection into a state of usefulness I set the default queue up with a service curve to allow 80% of max BW for the first 10 seconds and then throttle to 45% (this sorts BBC iPlayer which likes to spike from 0% to 100% bandwidth instead of steaming steadily) and a low priority queue for bulk transfers from particular sources (an external server pushing rsync over ssh) and a gaming and high prio queue. These were all setup as HCFS using the wizard and seem to work brilliantly.

      That is until I try to do any shaping involving transfers on connections initiated from my machines.

      First I tried setting up a rule to dump SFTP traffic into the low prio queue (avoiding the 45% cap on the default queue but still being low prio) but couldn't seem to catch it in anything except the default queue because the source is port 22 not the destination. After a few more rule changes and state resets I got it in the correct queue but if i start a transfer and continue about my business browsing etc every few minutes (4-10) everything drops and I get this in the log:

      May 17 23:19:52 php: : Resyncing OpenVPN instances for interface WAN.
      May 17 23:19:47 apinger: Starting Alarm Pinger, apinger(24076)
      May 17 23:19:47 check_reload_status: reloading filter
      May 17 23:19:46 apinger: Exiting on signal 15.
      May 17 23:19:46 php: : ROUTING: change default route to 188.39.0.18
      May 17 23:19:40 check_reload_status: Rewriting resolv.conf

      I did have an openvpn client connection setup as a 2nd gateway on OPT1 but I have since removed the gateway, OPT1 and the OVPN connection and I'm still getting this (I don't really know what its doing but seeing openvpn in the log i thought i'd remove it as a first port of call)

      It is the bottom most rule in the FW config that causes this behaviour (although i'm assuming its not much to do with the rule but what i'm attempting to do..)

      The only real difference between what I want to do and what already works (the rule above it) is that im slurping data from the SFTP client instead of it being pushed over SSH from another source one works and the former spews out those logs and disconnects everything for 30 seconds or so

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.