Traffic shaping to avoid high ping



  • Hi everyone,
    I'm still a newbie, but I'm trying to learn all the things pfSense enables me to do, but I'm now stuck on traffic shaping.
    Basically, I have a 6Mbps down 0.5 Mbps up WiMax line, and I have the common bufferbloat symptoms: high ping and unresponsiveness while maxing out the upload. I also get high ping when I saturate the download capacity.

    My first goal would be to avoid such high ping (under load it goes from the usual ~60ms to 1400ms and higher), and then maybe prioritize some traffic over other (i.e. high priority to web surfing and VOIP, low priority to torrents, crashplan uploads, and downloads from a couple sites of which I know the IP/port ranges used).

    I followed the single-lan-multi-wan wizard to get started, and then I customized things a bit, but I still get high ping times.

    Here you can find a screenshot of all my settings https://www.dropbox.com/sh/ue6pmxfvku6hnwq/2AAhTKnnkq
    If something is missing, just let me know.

    Thank you very much,
    Luca



  • I suggest you start all over with no Traffic Shaping Rules and redo the Wizard.

    In the Traffic Shaper,

    1. set your WAN Bandwidth to 512Kbit/s
    2. set your LAN Bandwidth to 100Mbit/s or 1Gbit/s depending on the speed of your LAN interface
    3. set your qInternet Bandwidth to 6Mbit/s
    4. set your qLink Bandwidth to 94Mbit/s or 994Mbit/s depending on the speed of your LAN interface.  (We're just subtracting your download speed from the maximum speed of your LAN interface 100-6 or 1000-6)

    In the Floating Rules,

    1. Create a Match Rule for WAN and LAN, Protocol ICMP.  In the Advanced Features section next to Ackqueue/Queue, enter none/qACK.

    This is all you really need to fix apinger latency so any further Floating rules for Traffic Shaping are your preference.

    You have to remember that TCP rules require qACK to be entered for Ackqueue next to Ackqueue/Queue of the rule.  So all TCP rules will look like qACK/qDefault or qACK/qOthersHigh or qACK/qOthersLow.

    UDP rules only require the Queue in Ackqueue/Queue so UDP rules will always be none/qOthersHigh or none/qOthersLow.

    Once it's all up and running, you will have to monitor Status/Queues in the GUI to make sure there are no drops to qACK at any time.  If you see drops there, then you will have to raise the Bandwidth percentage for qACK and lower the percentage to some of your other queues.  All the percentages to your queues obviously have to equal 100%.

    I personally have WAN qACK at 20% and LAN qACK at 10% on a 20/5 connection.

    I attached a screenshot of my Floating Rules which I use to fix the apinger delay on my parents simple cable connection.

    ![Screen Shot 2013-09-29 at 3.33.46 PM.png_thumb](/public/imported_attachments/1/Screen Shot 2013-09-29 at 3.33.46 PM.png_thumb)
    ![Screen Shot 2013-09-29 at 3.33.46 PM.png](/public/imported_attachments/1/Screen Shot 2013-09-29 at 3.33.46 PM.png)



  • same topic, different question:

    can't we limit the UL/DL of the internet? In my case, there are some customers in my internet cafe who are so download heavy / youtube heavy they basically hog the entire internet speed. 10 game customers suffer from 1 heavy downloader.

    the same is true on the upload side. basically, upload about 50 pictures without limiter and the game goes 200ms ping.



  • That is explained in good detail at the following link using limiters.

    https://doc.pfsense.org/index.php/Traffic_Shaping_Guide#Limiter



  • @AhnHEL:

    4. set your qLink Bandwidth to 94Mbit/s or 994Mbit/s depending on the speed of your LAN interface.  (We're just subtracting your download speed from the maximum speed of your LAN interface 100-6 or 1000-6)

    Question, if I have 50 Mbit/s down and 5 Mbit/s up with my ISP.  And my LAN is 1 Gbit/s.  Should I not set

    WAN bandwidth = 5 Mbit/s
    LAN bandwidth = 1 Gbit/s

    • qInternet bandwidth = 50 Mbit/s
    • qLink = 945 Mbit/s

    qLink being 1000 Mbit (1 Gbit) - (WAN bandwidth + qInternet bandwidth)

    If I attempt a qLink = 1000 Mbit - WAN Bandwidth = 995 Mbit/s, I get a child bandwidth exceeds parent on LAN interface error.



  • Close.

    Your qLink will be 950Mbit/s (LAN Interface Speed - Internet Download Speed).  In your case, 1Gbit - 50Mb=950Mbit/s
    Your qInternet will stay at 50Mbit/s

    You do not factor in WAN Bandwidth for qLink which is why you got the Child Bandwidth Exceeded Error.  Don't confuse the numbers in the above posts as they were given bc the OP stated he had a 6 down and 0.5 up connection.



  • @AhnHEL:

    Once it's all up and running, you will have to monitor Status/Queues in the GUI to make sure there are no drops to qACK at any time.  If you see drops there, then you will have to raise the Bandwidth percentage for qACK and lower the percentage to some of your other queues.  All the percentages to your queues obviously have to equal 100%.

    I personally have WAN qACK at 20% and LAN qACK at 10% on a 20/5 connection.

    I attached a screenshot of my Floating Rules which I use to fix the apinger delay on my parents simple cable connection.

    AhnHEL, I've noticed my WAN qACK queue is showing quite a few drops since applying these new settings.  Should I have 0 qACK drops at all times even on my WAN?  Does this mean I've not allocated enough bandwidth (currently 20% of my 4.75 Mbit/s upstream)?



  • You do have qACK setup with a priority of 7, yes?

    Any drops on qACK is not good.

    We both have connections of 50/5 and its been a while since I set up the Traffic Shaper but I do remember slowly increasing the percentage while running speedtests maxing out my connection until qACK stopped showing drops on WAN and LAN, which for me was WAN qACK at 30% and LAN qACK setup at 10%.

    If you're ever given a faster Internet service tier then those percentages would have to be restudied.



  • Turns out, I was still getting a few ACK drops on my WAN connection with bandwidth set to 30%.  I've slowly inched it up to 38% bandwidth and I no longer appear to be getting ACK drops when both my upload and download bandwidth are saturated.