ACK Queue Creation for Traffic Shaping Neophyte?
-
Greetings all,
So, I have a 10Gb/s WAN and LAN link on my firewall, and I suspect that my incoming traffic is great enough to be crowding out outgoing ACK packets, causing my TCP streams to tear down and reset constantly, resulting in lower max bandwidth.
So my question is, very simply: What is the easiest way to reserve 10% of my bandwidth for ACK packets going in any direction on any interface, for any type of traffic? I looked at the traffic shaper wizards and such, but got drowned out by all the options. Can't seem to find much documentation on the topic (lots of discussion, but no how to's).
Is there just a quick way to do this? Or point me to a how-to or other forum thread describing it?
Thanks a million for any insight!
-
Find qAck on all interfaces.
In each qAck, set the realtime m2 paremeter to 10%.
Bandwidth and linkshare m2 should also be set to a minimum of 10% as well.
-
Thanks, but I'm more challenged than that. ;)
How do I set up basic traffic shaping to begin with? Use a wizard and select none of the options? Some other way? Where do I click to "find qAck on all the interfaces"?
Thanks!
-
Also, just poking around, is there a specific scheduler type I should be using for qAck queuing?
Sorry, I'm very new to all this…
-
Are you really shaping anything aside from prioritising Ack packets?
What kind of considerations and shaping policy are you looking to implement?
And mostly importantly, what kind of setup is this? One WAN and one LAN only?
-
You got it - all I'm wanting to shape is ACK packets. I have this problem where I think I'm being artificially limited on inbound bandwidth, and I'm suspecting it may be because the inbound traffic gets to be enough to crowd out outbound ACKs, which resets my TCP streams. That's my theory at least. ;) So I thought I'd try traffic shaping by giving ACKs priority. Which I hear is good practice anyway.
I've got one WAN and one LAN. Both interfaces are 10Gb/s. Symmetric up and downstream links. I want to initially 'reserve' like 1Gb/s for ACKs (which is 10%), and it that's too much, bring it down to 750Mb/s, and keep going until I find the sweet spot.
Of course, maybe my problem lies elsewhere and this won't help at all. But I won't know until I try!
-
You can manually add the queues yourself.
Go to traffic shaper -> Wizard -> Single-LAN, Multi-WAN.
Key in '1' for number of WAN connections.
Select HFSC for both LAN and WAN. Choose 10Gbit/s for bandwidth.
Don't select anything in the wizard, just click next all the way.
When you're done, you should have:
WAN: qACK, qDefault
LAN: qLink, qInternet, qACK, qDefaultNow select LAN. Delete all the queues. Then add qACK and qDefault.
For qACK, set the bandwidth to 10%, Priority 7, Realtime M2 10%.
For qDefault, set Default, ECN, Bandwidth to 1%, Priority 3, Realtime M2 1%.Go to queues tab, clone both qACK and qDefault onto WAN.
Now go to Firewall Rules,
under LAN tab, you will see a "Default allow LAN to any rule".
Click edit ('e' button), scroll down till you find the section that says Ackqueue/ Queue. Click the 'Advanced' button. Then select 'qAck' in the left box and 'qDefault' in the right side box.Go to the Floating Rules tab now,
Click the '+' button to add a new rule.For Action, select 'Queue'.
Check the box under 'Quick' section.
Under Interface, highlight 'WAN'.
Direction set to 'In'.
Protocol as 'Any'.
Source as ANY.
Destination as 'Lan Subnet'.
Set Description as: "CatchAll Inbound".
Set Ackqueue/ Queue as qACK/ qDefault.That should be all you need to do.