Peculiar shaping with a simple setup
-
Hi all :)
I recently setup my pfSense appliance, which operates perfectly for all the network tasks it's been assigned, except one : traffic shaping ;D
Let's start with the basic setup I've put in place :
-
shaper has been defined trough the wizzard ( 1 WAN | 1 LAN )
-
Scheduler for both LAN and WAN is the PRIQ (the simplest scheduler on
earthpfsense 8) )
Here's a shaper overview :
WAN
qACK 6
qDefault 3 (default)
qP2P 1
qVoIP 7
qGames 5
qOthersHigh 4
qOthersLow 2
LAN
qLink 2 (default)
qACK 6
qP2P 1
qVoIP 7
qGames 5
qOthersHigh 4
qOthersLow 2Crystal clear up to that point, isn't it ? :)
In order to assign the traffic to the queues, I have created two simple rules on the LAN tab for two machines (let's call them high_priority_pc1 and low_priority_pc2) :
Proto Source Port Destination Port Gateway Queue
TCP/UDP low_priority_pc2 * * * * qP2P
TCP high_priority_pc1 * * * * noneVery simple rules, aren't they ? ;D
The way everything has been setup means that :
-> if traffic comes from low_priority_pc2, it's put in the qP2P queue (LAN & WAN)
-> if traffic comes from high_priority_pc1, it goes to the default queues qLink (LAN) & qDefault (WAN)And IT IS the case 8) (a quick look @ status -> queues shows that the assigned queues are populated as per the setup defined).
So … yes .... I feel what you're thinking : "what's the issue then ?" ;D
Here it is :
[ The line on which traffic is being send is an asymetric link (25 Mbits down | 3.5 Mbits up) by the way ]
-> if low_priority_pc2 initiates a download, and no one is using the bandwidth, it gets the max speed available (+/- 25Mbits) [[b] OK ]
-> if high_priority_pc1 initiates a download, while low_priority_pc2 is still downloading, I would expect that it gets the max speed available (because the traffic passes trough higher priority queues), but it DOESN'T :-[ [color=red][ [b]Not OK ]Instead, the traffic rate on high_priority_pc1 fluctuates a lot, with an average of 2.8 Mbit/s, sometimes drops hard to 1.2 Mbit/s, then climbs up to 4.5 Mbit/s, then drops again etc.
On low_priority_pc2, the traffic rate also fluctuates but remains still pretty high for a "low priority" traffic ??? (average 15 Mbit/s)
So, given all of this … is there anything on earth I'm doing wrong on my pfSense appliance which could explain this non-sense behavior ? :'(
Thanks beforehand for your answers !
PS : I have tried different schedulers (CBQ / HFSC). While the setup is a little different, the behavior remains (== prioritization is not being handled as it should).
-
-
It is expected in that the existing connection(s) on PC2 must expire before they are throttled in response to PC1. If you reset the connections, you will see that PC1 will get most of the bandwidth whilst PC2 gets slowed down.
-
Hi dreamslacker :)
Thank you for your answer.
I have made a simple check based on what you wrote, but the behavior is defintely not the one expected :
-> I initiated an HTTP download from high_priority_pc1 : it was using the max speed available (traffic in the default queues) [ [b]OK ]
-> I then launched an HTTP dowload from low_priority_pc2 : the traffic speed on high_priority_pc1 dropped to 1/3 its the original speed :o [ Not OK ]
-
This is driving me mad ….
All the different traffic flows are being sent to the proper queues based on the related rules, that is a fact.
But beyond that, it seems that the queues respective priority is not taken in account :(
-> I added the following rule in order to prioritize ICMP traffic
Proto Source Port Destination Port Gateway Queue
ICMP high_priority_pc1 * * * * qVoIP-> without any traffic on the line, ping requests to external IP is around 40ms.
-> with download traffic originating from low_priority_pc2, average ping requests response time is around 150ms , despite being passed to the highest priority (7) queue.
I'm lost ….