Multi-wan shaping with link failure on 2.0 RC3
-
Hey everyone,
I've been looking at the multi-wan shaper in 2.0 RC3, and I see that when you create a multi-wan single-lan shaper, it looks like this:
WAN - 1.5Mbit
–-- qACK
---- qDefault
---- qVoIPOPT1 - 256Kbit
-- qInternet 256Kbit
---- qACK
---- qDefault
---- qVoIPLAN
-- qLink
-- qInternet 1.756Mbit
---- qACK
---- qVoIPNow this is all well and good when both links are active and working, however if one link goes down, the traffic will no longer be shaped correctly because the qInternet queue on the LAN interface has too much bandwidth.
What I think it should look like is below.
Notice that the traffic from each wan interface has it's own queue on the LAN interface. I've tried to set this up manually, but the problem is matching packets on the wan interfaces to put the traffic in the appropriate queue on the LAN interface. I can't "match in" on the wan interfaces because that will only match new connections, not established ones.So the question is, is it possible to come up with rules that will match the traffic on the specific wan interfaces so that the traffic will be put into the correct queue on the LAN interface? This way if a link is down, the traffic on the remaining link will be shaped correctly.
WAN
-- qInternet 1.5Mbit
---- qAck
---- qDefault
---- qVoIPOPT1
-- qInternet 256Kbit
---- qAck
---- qDefault
---- qVoIPLAN
-- qInternetWan 1.5Mbit
---- qAckWan
---- qDefaultWan
---- qVoIPWan
-- qInternetOpt1 256Kbit
---- qAckOpt1
---- qDefaultOpt1
---- qVoIPOpt1Thanks!
-
I think thats a great point, however, if your max bandwidth is temporarily higher than your total due to link failure what happens is that your ISP limitation becomes the shaping, more so than your queues.
I have a much more elaborate set of queues - balancing a range of user/types and servers. Because i have max speed limits on most of the queues at 40-60% then its not so bad if I have link failure (i have 2 SDSL gateway group).
One queue limit for a downloader/leech type box is at 40% because it will only download via one of the SDSL anyway and so at most 50% of the total loadbalanced limit is the highest speed it can attain on FTP downlods from one single IP.All my settings are in % - so if I was stuck on one SDSL due to failure - I could temporarily update my LAN default queue to the speeds of a single SDSL rather than the sum bandwidth of both. I am interested to see what other people say about your proposed structure with 2 interfaces in the LAN. I mean it would have to be able to linkshare between them both anyway, and if one was inactive then know to disable that linkshare (if you were using HFSC mode). I am a newb on this forum but keen to help anyway.
-
Thanks for the input!
I agree that the shaper wizard in 2.0 should put as much as possible in terms of % of bandwidth.
And actually after reading the forums some more, it appears as though we would have to add the qLink queue to the LAN side so that internal traffic could go from lan to vlan or vice-versa without being shaped.
I've tried messing around with pf and it appears the challenge in getting this scheme to work is to be able to match a packet coming in on an interface, regardless if it is an established connection or not. Right now it appears that PF will only match a new connection on an interface. Maybe the pfsense folks would have some influence over the pf developers to get this feature added?
WAN
– qInternet 1.5Mbit
---- qAck
---- qDefault
---- qVoIPOPT1
-- qInternet 256Kbit
---- qAck
---- qDefault
---- qVoIPLAN
-- qLink
-- qInternetWan 1.5Mbit
---- qAckWan
---- qDefaultWan
---- qVoIPWan
-- qInternetOpt1 256Kbit
---- qAckOpt1
---- qDefaultOpt1
---- qVoIPOpt1