Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Determine what traffic is in each queue

    Scheduled Pinned Locked Moved Traffic Shaping
    8 Posts 4 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      drick78
      last edited by

      How do I determine what traffic is going into my various traffic shaping queues.  For instance, right now the only traffic I should be having on my network is p2p, but my qDefault on the WAN side is getting 180Kbit/s while the qP2P is only getting 6kbps. So my question is how do I determine what this other traffic is?  I'm guessing my floating rules are not matching something, but I don't know enough to find out why they aren't matching.

      Dell C6100 w/ 2 x Xeon E5430 quad-core, 6GB RAM

      1 Reply Last reply Reply Quote 0
      • H
        Harvy66
        last edited by

        I am also highly interested in this.

        1 Reply Last reply Reply Quote 0
        • M
          markn62
          last edited by

          Me three.  It would be nice to have a list of connection states by rule and ability to filter results similar to the System Log/Firewall tab.  Without, my approach is to packet capture the expected traffic generated.  Usually find out the direction or port is not what I expected so my rule was inappropriately created and fails.  Once corrected I check activity on the rule using PfTop/Label. And to be certain it hits the rule I temporarily turn on rule logging and check System Log / Firewall.  A bit hunt'n'peck but, far as I know, that's all there is.

          1 Reply Last reply Reply Quote 0
          • KOMK
            KOM
            last edited by

            Since the traffic could be almost anything, the method of capturing and manually analyzing the traffic is the only one that will reliably work that I know of.

            1 Reply Last reply Reply Quote 0
            • H
              Harvy66
              last edited by

              How do you capture the traffic that is in a specific queue? I can easily capture data entering and leaving the firewall, but I can't tell what the internal state of the firewall is.

              1 Reply Last reply Reply Quote 0
              • KOMK
                KOM
                last edited by

                How do you capture the traffic that is in a specific queue?

                You don't.  That's where all the fun is.  You run your shaper and see lots of unhandled traffic.  You sniff the wire to see what the traffic is.  You analyze the traffic and compare to your existing rules to determine why it isn't performing as expected.  Rinse, repeat.

                1 Reply Last reply Reply Quote 0
                • H
                  Harvy66
                  last edited by

                  In the past I've had the issue where a flow got put in the correct queue on the WAN interface, then placed in the default queue on the LAN interface. Obviously the flow matched the rule because it correctly was assigned WAN side, but how would I have figured out why it didn't get assigned to the correct LAN queue?

                  Eventually I just set all of my floating rules to be ANY direction and on both LAN and WAN interfaces and now I see traffic going to my queues, but I don't know what traffic.

                  What is the proper way of using floating rules?

                  1 Reply Last reply Reply Quote 0
                  • KOMK
                    KOM
                    last edited by

                    What is the proper way of using floating rules?

                    From what I understand, floating rules are simply a way of having one rule that acts on multiple interfaces in multiple directions.  That's it.

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.