Shaper wizard in 2.0 RC3



  • I had been using an old version of pfsense 2.0.  All I wanted was to shape voip traffic from one host.  I was using PRIQ with the host in question as the voip host.  Worked fine.  I just tried installing 2.0RC3 and re-ran the shaper wizard.  I now have 3 queues: default, ack and voip.  Nothing ever seems to go to any queue but the default queue (not even the ack queue - this is based on the status => queues output - is that maybe bogus?)



  • Okay, I saw a post in the 2.0 board that this stuff is up in the air until release, so I guess I need to just sit tight…  On the other hand, I have a very simple config: all traffic outbound from 10.0.0.7 should go to qVOIP, using PRIQ discipline.  Nothing fancy.  Using the current shaper, nothing works at all -no traffic ever shows in either that queue or qDEFAULT.  I assume this is a known issue?  I did read item #749 in active issues, but it didn't look relevant to my problem?



  • bump  Hard to believe no-one else sees this?  It's very odd, since I have an incredibly simple config, yet nothing ends up in anything but the default queue :(



  • I too am having a difficult time with shaping VOIP from a specific host.  I have narrowed down the problem to a very simple issue which i just posted in the 2.0 issues forum, hopefully someone will answer.  The issue is when trying to send UDP traffic from the LAN network to a specific queue on the WAN interface, the rule matches the packets according to the logs but the traffic doesn't go to the specified queue!  Works perfectly with TCP.  I personally think that all the floating rules with their multiple interface and directions has sort of hidden a fundamental issue that simple UDP packets originating in the LAN, don't go to the WAN queue that you send them to!  Forget trying to specify a particular host, none of them go there!

    Using floating rules that the wizard sets up, which don't make much sense to me, you can get UDP traffic to go to a queue in both directions, but it seems to require a LAN outgoing rule to get the incoming UDP traffic to go to the proper LAN queue! And a floating rule to get the outgoing traffic into the WAN queue… it seems all backwards and it doesn't work if you need to specify a particular host IP.

    http://forum.pfsense.org/index.php/topic,38473.0.html



  • Hmmm, that's interesting.  Hopefully this will be fixed at some point :(



  • if u guys having issues with sending UDP traffic to the correct wan queue then that seems to work fine, only issue with the same on lan side

    to make it go to the proper queue i use this

    	 <rule><id><type>pass</type>
    		 <tag><tagged><direction>out</direction>
    		<quick>yes</quick>
    		<floating>yes</floating>
    		 <max><max-src-nodes><max-src-conn><max-src-states><statetimeout><statetype>keep state</statetype>
    		 <os><protocol>udp</protocol>
    		<source>
    			 <any><destination><address>mysip</address></destination> 
    
    		<defaultqueue>qVoIP</defaultqueue></any></os></statetimeout></max-src-states></max-src-conn></max-src-nodes></max></tagged></tag></id></rule> 
    

    a rule on floating tab with source as any and destination as voip server ip, protocol udp, apply action immediately ticked, direction out and under queues specify the wan queue and none udner ack queue as udp packets dont use acks



  • This seems to be fixed in latest snapshots, now you can just make a simple rule for the LAN interface directing traffic from a specific host IP to a particular queue.  The return traffic from the WAN to LAN will go to the queue with the same name because the queue is tied to the firewall state.

    I was so baffled when it didn't work this way, didn't know if it was a bug or if I wasn't understanding it properly!

    Now i can happily ignore the floating tab!!!

    Now using snapshot "(i386) built on Fri Jul 8 19:24:31 EDT 2011"



  • @danswartz:

    Okay, I saw a post in the 2.0 board that this stuff is up in the air until release, so I guess I need to just sit tight…  On the other hand, I have a very simple config: all traffic outbound from 10.0.0.7 should go to qVOIP, using PRIQ discipline.  Nothing fancy.  Using the current shaper, nothing works at all -no traffic ever shows in either that queue or qDEFAULT.  I assume this is a known issue?  I did read item #749 in active issues, but it didn't look relevant to my problem?

    danswartz - You will have to do 2x things to start. Make sure you traffic shaping is using PRIQ. At the Top Queues WAN/LAN you set the type for all children queues so change it to the one you want.
    2nd thing do not worry about shaping as a VOIP, shape as a Host. Go to firewall and create a blank rule saying data to and from this host and at the bottom of the fire wall rule you have an option to choose the in and Out Queue. Source will be your host, destination will be any "*".

    result is all data from your 10.0.0.7 will be shaped on a host basis regardless of the protocol/ports
    also in your rule change TCP to "any" it's way down on the List.



  • That's what I have always done, but at some point that became broken.  Are you saying it works now?



  • Used to be some kind of problem with the traffic shaper and UDP traffic as far as I could tell.  Seems to be all fixed now.  You can use HFSC shaping and you can also make rules based on host or port or protocol, seems to all work fine.  Since about snapshot 8 Jul 2011



  • ah cool, i am running an older snap.  will try later, thanks!



  • Okay, I think I'm cool now.  Updated to snap from August 12th.  I do think it's kinda weird that the floating rule the wizard created didn't seem to work - I had to delete it, and create one for the LAN for the voip host, then edit the existing rule for the RTP ports on the WAN to add qVoip.  Oh well…


Locked