Any way to do Traffic shaping if WAN Line varies in speed?



  • We have here a VERY unstable internet Connaction at the moment.

    Speed tests to different times of the day brought results in the range of:
    Download 20 MBit to 0.3 Mbit
    Upload 2.2 MBit to 0.3 Mbit
    The look of recorded graphs from speedtest.net vary between transverse sections of the Alpes and the Himalaya.

    As we need to make sure that at least VoIP is possible for the moment, until we get a more stable connection, I am wondering if there is any way to do a proper traffic shaping on such a line. A nice to have would be if also our OpenVPN wouldn't be so much affected if one user does something in the Internet.

    I can't really enter valid values for my line speed in such circumstances …. Any ideas?



  • Why is your connection speed so unstable?  Is it a provider issue?  Since traffic shaping really only matters when traffic starts hitting saturation points, I'd say you're probably out of luck if your WAN circuit is that unstable.  I would bet that even with shaping in some way, the fact that your connection is that unstable is going to kill any kind of VOIP traffic anyway.  How does this affect latency?  Bandwidth is important for VOIP traffic for sure, but maintaining a fairly consistent latency and not having packet loss is really the key to good quality VOIP over a WAN circuit.  Wildly swinging latencies (say from 10ms to 100ms back to 10ms) is going to lead to lots of echo and static, while packet loss is going to make the voice stream choppy.

    You can build a VOIP prioritization queue through the traffic shaper on the PFSense to ensure voice goes first out your WAN, but the PFSense isn't going to know what rate to conform the traffic unless you tell it in the shaper settings.



  • The latency is not the problem. It varies from 25ms to 75ms.

    Yes Provider issue. I am at a location where we can't get any cable based line that would be fast enough for VoIP and VPN. So we have to use a kind of WiFi. One choice is satelite based, what would be very expensive if we reach the monthly limit of 100GB ….. what may happen if we think of that the line is also used private by a family in the evenings. The other choice is (what we currently have) a directional radio link. We just discussed with a local electrician who has a lot of experience the issue and it might just be that we get a stable connection if we place our antenna 3m higher.

    My main question is here, if we can configure any kind of traffic shaping on this pfsense which doesn't depend on line speed as a temporary solution for now. It should just priorize packages that are from or to the VoIP server in the internet.



  • So you just need basic outbound priority.  The best way to do this is still through the traffic shaper.  Unfortunately there is no way I know of to move/change the bandwidth cap dynamically, but then again cap settings only matter for traffic shaping when your traffic actually begins to hit those limits.  But no matter the bandwidth cap limit, if you prioritize VOIP through a traffic shaper you essentially make sure it is sent first from the firewall, which is pretty much the best you can do at this point.

    The traffic shaping wizard makes setting this up pretty easy.  Run through the shaper, set the VOIP priority, and make sure there are floating rules in place that match traffic destined to the VOIP server.

    Do the radios used in the link acknowledge prioritized packets?  No doubt they are recommending you raise the antenna to get it above interface and improve the line of sight to the other side.  What kind of radios are you using?