Traffic Shaping on pfsense / sluggish interface
-
Hello,
i've been hitting my head against the wall here, but every time i configure pfsense traffic shaping (either through a wizard or manually) i get sluggish web UI through pfsense itself…
as soon as i remove the shaper, the interface gets back as speedy as before...
should i configure something differently?
-
You are probably limiting the bandwidth between your PC and the pfSense box.
Can you post more details (IP addresses & subnet mask of your PC & LAN, what traffic shaping queues you actually created, …)?
Screenshots will help. -
Hello, and thanks for the answer…
everything is on the same LAN, 192.168.69.x, with a subnet mask of 255.255.255.0 (afaik) with a single WAN, and nothing special configuration wise is in place yet (just pfBlocker and OpenVPN Server enabled and works ok).
packages installed: OpenVM Tools, Cron, pfBlocker
also a small tweak to access the modem behind the firewall (modem ip on 192.168.68.x network) as per http://doc.pfsense.org/index.php/Accessing_modem_from_inside_firewall.
screenshots of the shaper: http://imgur.com/a/LjRIp - followed http://forum.pfsense.org/index.php/topic,61320.0.html as a starter...
browsing pfSense becomes laggy as soon as i accept the changes (and shaping starts) without even making queue rules.
edit: better screenshots...
-
anyone have any ideas?
i always end up removing the shaper cause it doesnt do much but slow the UI down….
i've also noticed that even though i explicitly force traffic to the "qLow" queue, it always populate the default queue...maybe the problems relate to each other?
are there any chances these problems exist because pfsense is a vm in a vmware server (esxi)??.. there are dedicated NICs for pfsense though...
-
Apologies for the delay in replying.
Looking at your traffic shaper screenshot, I believe that you should create another queue "qLink" on your LAN interface, on the same level as the qInternet queue and specify the bandwidth as (1Gbps - 2900Kbps = 997.1 Mbps approx).
Then you make all access to the pfSense box use that queue.
-
thanks for the tip!
i'll try that and get back with my results, but do you think i should include all lan traffic to this qLink queue, or is it not needed?
thanks again!
-
Did you use the wizard to configure the traffic shaper?
If yes, you can check on the "Floating" tab whether the wizard has created any rule for the queues it has created.If there is no rule, then, to be honest, I have no idea why accessing the pfSense box is sluggish when traffic shaping is enabled without any rule making use of it.
Only LAN traffic should be included in the qLink queue, ie, any traffic going to Internet should go into the qInternet queue.
NB: Your default queue is under qInternet, so any traffic not matched by any specific rule, will go into the qDefault rule under qInternet and therefore be limited to a maximum of 2.9 Mbps.
-
i used both the wizard and a manual configuration and both result to sluggish interface (although apparently one faster than the other - thinking about it now the difference in speed reflects the speed differences between the default queues at each example).
and yes, wizard creates floating rules reflecting my selections but i dont see any rule regarding the LAN traffic. just noticed there's just "qInternet" in the LAN portion of the shaper, and no "qLink". this example defaults to qP2P but i've had examples to default other queues reflecting my choices in the wizard…
lets just say that neither the wizard nor the (previous) manual configuration creates a "qLink", but i can add it afterwards.
what is the floating rule gonna be like to throw LAN traffic in the "qLink" queue?