Limiter and QoS issue



  • For simplicity I created a qACK, qGame and qDefault queues to control the traffic. The priority order is qACK (the highest), qGame and qDefault. I defined floating rules and for game's ports I specified qACK/qGame queue. This worked like a charm, even when the link got saturated the gamers had no complain because the game's ping was low around 50ms. :-)

    Then I noticed that some users abuses the link and start to download a lot. The online games still worked fine but my ISP started to control the link speed after I reached some limit per month. Although the games still worked fine even after the lowered download speed I decided to introduce limits. I created tow limiters one for download one for upload e.g. 2Mbs download and 0.5Mbps upload. Modifier the default LAN static firewall rule and set the In/Out limiters. It again worked like a charm when I measured the allowed bandwidth for these users.

    However since I introduced the limiters the gamers started to complain that the ping is now around 150-300ms. Apparently pfSense ignores the QoS (queues) when it starts to limit the packets. Maybe I'm doing something wrong, any idea what? Or is this a known issue / limitation of limiters?

    I like the limiter idea because I can easily introduce several limiters and control the bandwith per IP + also control the QoS. I expected that the limiter will control the links speed while it will still obey the queue priority.

    Any idea how to correctly configure this?
    I'm on 2.1.3 NanoBSD (Alix board) version.

    Thanks, Peter



  • You need to not modify the default LAN rule and make a new rule above it for the limter.  use IPv4 / TCP / any / any and then select the limiters.  The majority of gaming traffic is UDP so this will not affect it.  See this post - https://forum.pfsense.org/index.php?topic=63531.0 . This will define a limiter for ALL TCP connections that is shared by how many users there are and what bandwidth you define.  So if you define 20Mbits then if 4 people are trying to download , it will split the bandwidth among those 4 people.

    Additionally you can do some searching and find the ports need for Steam downloads and apply a QoS rule to them as well in the floating rules section.

    Hope this helps.



  • Today I decided to play the game what the gamers play - League of Legends. Indeed the ping was high ~300ms when the link was heavily pressured. What was interesting when I switched back to my previous OS (Gargoyle) the game reported ~50ms ping. I decided to grab the exact settings of the QoS, then switched back to pfSense.

    The difference was in the firewall floating rule which created a floating rule for UDP, port = 5000-5500, -/qGame, however on my previous OS the same port used TCP protocol NOT UDP. This rule was created by the pfSense traffic shaper wizard and it is apparently incorrect. Once I changed the rule to TCP and set qACK/qGame everything started to work like a charm :-)

    So I'm taking back my original assumption that QoS and limiter do not work together :-)



  • They work fine together. I have previously documented that the limiter and QoS work fine together. I have shown screenshots of an LoL game going while downloading from Steam.

    LoL uses UDP not TCP for the game client once the game is started.  It uses port 80 during the setup of the game.

    Again if you can post screenshots of your setup so we can see it instead of blindly posting that it is not working then maybe we can help.

    Otherwise it appears you just want to troll.


Log in to reply