Traffic shaper rules not working as expected

  • Hi,
    I have managed to set up some traffic shaping queues without too many problems.
    As part of my experimenting I have configured a floating rule to send all outbound WAN traffic through a queue named ‘qWanGeneral’ that is not the WAN default queue.

    After doing this I viewed Status->Queues and expected to see no traffic passing through the WAN default queue as the floating rule should direct it through ‘qWanGeneral’. Although there were packets passing through the ‘qWanGeneral’ queue there are also packets still passing through the default queue.

    I have double-checked the floating rule to ensure that it covers any protocol (i.e. all traffic) and currently it is the only floating rule configured. As the firewall is stateful I also cleared the state table, thinking that existing state entries may still be diverted through the default queue.

    Can anyone shed any light on what might be going on here? I have even gone as far as to look at the raw firewall rules from the command prompt using pfctl and everything looks as expected. Any help would be appreciated.

  • I may have answered my own question!
    The flow of data sent through the default queue is minimal, in my case about 1 packet/sec or 520 bytes/sec.
    Given that I am using pfSense to handle the PPPoE connection for my ADSL, I am wondering if this could be the ICMP packets required to maintain the PPPoE link.

    If this is the case, the ICMP data must be injected into the network flow after the firewall packet inspection but before being queued to leave the WAN adapter.

    Can anyone confirm that this is the case and/or know of a network flow diagram for pfSense that may be able to confirm this?
    Also, is there a way to log the packets through a specific queue to show what exactly is being sent?