Queue for ping packets for packet loss indicator
-
Hi,
Pfsense uses ping, pings next hop to DSLAM to measure packet loss.
I see this in pfTop
PR D SRC DEST STATE AGE EXP PKTS BYTES
icmp O x.x.41.249:46544 x.x.0.1:0 0:0 3040m 9 348K 27MThis is my wan adress pinging next hop constantly to calculate packet loss.
Pfsense uses default wan queue for this traffic but i want to assign this to my highest priority queue.
I know how traffic shaper works, i know what to do but things i tried didn't work. It always use default wan queue no matter what i did.
So is it a bug or is it designed that way? -
You should be able to catch these pings with a floating rule on WAN, action MATCH, direction OUT, protocol ICMP, source IP: your interface address. Then assign it to whatever queue you want
-
Thanks again for reply
But i already tried that. It only affects the pings i can use in Diagnostics/Ping menu.
I tried restarting and similar things. Packet loss measurements in Gateways page doesn't get affected by rules i suppose. It only use default wan queue. I think that is a bug. -
It's working for me. I created a separate queue and assigned the traffic as described. It shows up on the queue
EDIT: did you flush the firewall states before testing?
-
Like you said , resetting firewall states did the trick and it works now.
I've always thought reloading firewall rules ( when you change rules and apply them) or rebooting pfsense had similar effect, but they don't.
I've learned something new today :D -
I think i have found a bug.
After restarting pfsense that traffic goes to default queue again but resetting tables again puts that traffic in desired queue again. -
You are right. Perhaps this has to do with the order in which the services are started at bootup?
-
Ensure you don't have a rule assigned to the default queue that any traffic can match or more specifically ICMP traffic can match. I use a floating rule as the 1st rule in the list, selecting all interfaces, in any direction, with protocol ICMP, and any ICMP type, with no ACK, and to qHigh. This may be more than you need in that I monitor Wan and Lan devices with ICMP regularly. If this works you might then back off the interfaces to just Wan and change any to out to see if the ICMP rule breaks.
-
Ensure you don't have a rule assigned to the default queue that any traffic can match or more specifically ICMP traffic can match. I use a floating rule as the 1st rule in the list, selecting all interfaces, in any direction, with protocol ICMP, and any ICMP type, with no ACK, and to qHigh. This may be more than you need in that I monitor Wan and Lan devices with ICMP regularly. If this works you might then back off the interfaces to just Wan and change any to out to see if the ICMP rule breaks.
If ICMP rule does not breaks - it ok?
-
Not necessarily. It still should be checked that ICMP's are hitting the appropriate shape bucket.