Traffic Shaping..Does it really work?



  • I have heard from various sources that it doesn't work for both inbound and outbound packets. Is this true?  I have an openvpn site to site configuration with a terminal server at the HQ and only a 1.5Mb connection. I am worried about people streaming music and downloading files while at HQ that would choke the connection coming from the remote site to my terminal server.

    Is it possible for me to nearly guarantee some up and some down traffic so that my terminal server port 3389 traffic does not get choked out, by using pfsense traffic shaping?



  • 1.x works normally.

    The shaper in 2.0 works, but only for one direction of traffic. And it stops working if firewall config or network config changes.

    When it stops working, disable all UDP-based VPN devices, restart pfsense completely and re-enable the devices.



  • It seems to work both ways for me.

    I'm using an old Thinkpad with PIII 1.13ghz and I have traffic shaping setup on the uplink to prioritize RDP on 3389 (+4000), Counter strike, SMTP, IMAP, and ACKs.

    I recently setup the downlink side so far with only 2 queues: default and NNTP. NNTP is set to a lower priority and so far it's been shaping it accordingly (though I'm still looking to tweak it).

    So far the setup has been running very nicely! RDP has stayed pretty responsive so far and NNTP is getting prioritized lower than regular traffic. The internet hasn't been lagged out from pushing too much speed on the uplink either.

    I'm still wondering on what tweaks that can be done to prioritize NNTP lower than other traffic when other traffic is happening (like Netflix) but yet still have NNTP max out the connect when it isn't in use. Was wondering if the priority level set has any affect on that etc.

    Just remember if you want to manage downlink traffic, you do it on the "LAN" side of the traffic shaper.



  • @zephxiii:

    I'm still wondering on what tweaks that can be done to prioritize NNTP lower than other traffic when other traffic is happening (like Netflix) but yet still have NNTP max out the connect when it isn't in use. Was wondering if the priority level set has any affect on that etc.

    If you're using HSFC, put NNTP ino qOthersLow and HTTP in qOtherDefault should do it.

    Priority is almost irrelevant for HFSC. Try playing with bandwidth instead. The bandwidth setting depends on what traffics go there. Normally qOthersDefault should be reserved primarily for Web and qOthersLow for NNTP, mails and other bulk downloads. Then the suitable bandwidth for qOthersLow and qOthersDefault would be around 10% and 20% respectively.


Locked