Hopefully easy QOS/TrafficShaper question for the masters….
Good afternoon all… We have a relatively "standard" setup for remote office deployments but have been running into the occasional issue of voice quality on unstable/variable speed internet circuits. Now, I know there is currently no way for PFSense to adapt QOS to these speed changes, but I'm wondering if there's a way I can fine-tune the policy to help. See, the biggest issue we have is, when the internet ckt is experiencing issues, computers still seem to take priority, as there is some upload available, and the voice seems to be the one that fails (they don't complain the computers are slow).
The best way to explain our setup is that they're on separate networks. The voice/data are VLAN's into separate outputs on the data switch, and thus connect to the firewall on different interfaces. VoIP traffic is destined for an OpenVPN tunnel back to our data center, and the Internet traffic just goes straight to the world.
Essentially, we want to prioritize LAN_VOIP (and the associated OpenVPN traffic it will generate). I don't even care if the firewall identifies the traffic type, because anything on that interface is high-priority and we've essentially already split it out to be just the VoIP phones - and because they're a combo of h.323 and SIP. Essentially making LAN_CustNet the lowest priority. I did (just playing around), create a nice little alias for "VoIP" that covers both SIP and h323, and it seems to track well (I turned on logging and it is identifying that traffic) but when you look at the queues, its not ending up in the VoIP queue, but the LINK queue for LAN_VoIP.
I can't see an easy way to do this - maybe I'm stupid and missing something. I thought what I could do was modify the Floating VoIP rule that was created to basically say TCP or UDP if source = LAN_VoIP, shove it in the VoIP Queue, but its not doing it. I then also gave that a PRI of 7, but since there are entries pre-built in M2's SHARE section by the traffic shaper wizard, that specifically indicates that overrides the PRI set above.
We just went through all the sites and completely VLAN'd out the voice/data so we could prioritize on the switches (which made sense in my mind and removed "broadcast" traffic from the equation), but the issue now seems to be when it hits PFSense. Does anyone have any idea on how to make a relatively simple rule that would prioritize these, based on which LAN interface the traffic is using? I do understand I'd still need to have accurate b/w information, and have to tune it occasionally, but based on what I'm seeing in the queues, I'm not seeing where the VoIP traffic (when using the shaper wizard, then modifying to accomodate h323) is doing the job.