Traffic shaping makes everything worse

  • I installed the latest pfSense version on an old box today (1.2-beta1, pentium 2 350 mhz, 256 ram) and made a wireless AP from it. I have an atheros wifi adapter, thats LAN and the ethernet adapter (pppoe ADSL) is WAN. Everything works beautifully except for the traffic shaping.

    After i installed the software and did the necessary configuration, i decided to also set up shaping. I simply ran the wizard, chose some of the options (entered about 85% of my theoretical bandwidth, prioritised gaming-wow, deprioritised all P2P, prioritised HTTP, IRC and ICMP) and hoped i would get nice results. I started up Azureus with a bunch of uploads and downloads to test stuff, it soon started taking up about 70-80% of my bandwidth. About then i noticed everything is acting strangely. IRC was lagging terribly, i tried pinging my ISP and it took a couple (4-6) of seconds (remember, both IRC and ICMP are prioritised), so i guessed something is wrong with the shaping. I turned it off and everything went back to normal, it became much smoother. I tried further tinkering with the settings (read some FAQs, increased ACK bandwidth, etc), but nothing really helped. I got the best results by far when traffic shaping was off.

    Did i miss something? Is the hardware too weak? Does wireless LAN has something to do with it?

  • See the traffic shaping tips and tricks thread and please tune your shaper by watching the queue status screen and following the instructions in that thread.  It has been stickied for your convenience.

  • Um, yeah, i did that. I increased my ACK bandwidth considerably and from what i can see on the status screen it is going through nicely. Also some packets are being dropped in the P2P area, like the thread says they should. Doesnt help much though.

    EDIT: Found
    Used these settings (exactly the same for 512/256) and it doesnt do anything. I have ICMP prioritised, when i ping my ISP with p2p off, the pings are about 20ms, after letting torrents rip, it goes up to 2000-5000.

  • Huh, i think i found the reason! I googled a bit and talked to friends who know more about networking and everyone told me my symptoms are typical for situations where upload/download isn't limited correctly. More data that the modem can handle is sent through and it waits in the modem's buffer, causing high latencies. Of course I immediately doublechecked my qwanRoot and qlanRoot settings, but they were set correctly. I have a 1Mbit/256Kbit PPPoE connection and i set them to 850/200 to make sure this isn't whats causing the problems. I was shocked when i opened up Status -> Traffic Graph. My outgoing speed was constantly above 200 Kbps with spikes going over 300 (although i have the limit set to 200).

    Is this a bug of some sort? Why is my traffic ignoring the filters? Did i miss something?

  • Heh, I discovered another thing. The graph shows speeds over my theoretical connection abilities even with the shaper turned off, so i decided to disregard it. After tinkering with settings to solve my problem, i found out that uPNP may be causing it. I can reproduce this bug most of the time - if i enable uPnP and start azureus with lots of downloads/uploads, i get the described high pings. If i do it the oldfashioned way and set the port forwarding by hand, it seems to work like it is supposed to (pings to isp well below 100, although azureus is dling/uling alot). Perhaps im missing something, but i think i found a solution to my problem. Is there a possibility that for some reason traffic through ports assigned by uPnP bypasses the traffic shaper?

  • Yes, UPNP will cause this.  Unfortunately we are not setting queues from UPNP as of yet.  We hope to address this at some point in the future with L7 classification.

  • Ok, great, thanks for clarification ;D. Im sorry if i somehow missed this while i was reading the documentation, hopefully it will help someone with similar problems in the future.

  • I get the same isue. From time to time my connection get's awfull, a lot of drops and 1000-3000 ms ping times. If I disable traffic shaping everything goes normaly. I see that you mentioned here uPNP but where can I find it and disable it  ;D ?

  • @sullrich:

    Yes, UPNP will cause this.  Unfortunately we are not setting queues from UPNP as of yet.  We hope to address this at some point in the future with L7 classification.

    This is news to me. This seems like a trivial and small adjustment. Why do we have to wait until Layer7 classification is implemented?

  • Because there is no way to categorize the traffic type from UPNP that I know of.  Ryan might be able to elaborate further.

  • Traffic from upnp is not sent to the shaper even when the ip address to which the upnp is pointing has a rule/queue associated with it.  I use pfsense miniupnpd.  I have one address on my network in the "penalty box" and when i enable upnp on utorrent for that address, it will go above my upperlimit.  When i turn off upnp on utorrent and use manual port forwarding the traffic is properly shaped.

    This may explain why i was having issues with traffic shaping, multiple Xbox 360s and upnp…  if the upnp traffic is not subject to the traffic shaper then all the rules and queues in the world won't prioritize my Xbox 360 gaming traffic over my other traffic!  This is good to know.

Log in to reply