Maximizing performance for network?
-
Hi,
I was wondering if someone could help me understand few things about traffic Shaping.Well What im trying to accomplish is to prioritize https,http,imap,pop and block all p2p like torrents and such.
I went thought the traffic Shaper wizard but im confused on percentages. On the photos lets say penalty box that 15 percent represents that if 192.168.3.2 passes the threshold it gets limited by 15 percent?
And howcome it creates a shaper on WAN? if I only need LAN?
My internet speed is 12 download and 2 upload
After I finished the wizard not sure really what to do.
Thank you
-
WAN shaping affects your upload and LAN shaping affects your download. I would also recommend checking CoDel along with ECN.
-
Hi Harvy66,
Thank you for the reply. I was trying to understand https://forum.pfsense.org/index.php?topic=89367.0 and https://forum.pfsense.org/index.php?topic=11986.0I guess what im having trouble to comprehend is how the penalty box works? :-[
and how would I limit P2P for a 1kb/1kb or should I just Limit the bandwidth using limiter giving specific user 4down/1up?
Thank you
-
Alright for now im going to focus on traffic shaping only http-https sites for now until i understand how HFSC works.
After that i wanted to see the queue and been seeing alots of packet drops on my default and my qothersHigh which is HTTPS and on p2p no drops when i try to torrent.
I wonder why on qdefault priority was given a 3?
See pictures
Thank you
-
Alright for now im going to focus on traffic shaping only http-https sites for now until i understand how HFSC works.
After that i wanted to see the queue and been seeing alots of packet drops on my default and my qothersHigh which is HTTPS and on p2p no drops when i try to torrent.
I wonder why on qdefault priority was given a 3?
See pictures
Thank you
Drops are caused by too small of buffers, which default to 50 unless you specify otherwise. Make them larger. I recommend just using CoDel, but I am not sure if queue size applies to CoDel when used as a child discipline.
P2P may not have drops because uTP, which is primarily used by Torrent, is much less aggressive than TCP.
What you showed looks good. My only personal opinion would be to have qDefault on the LAN and explicitly place LAN traffic in qLink.
-
Hi,
Thanks for the reply, So i was having trouble with HFSC and went to PRIQ for the LAN and for WAN went to CODELQ.Now i guess my question is lets say machine A is downloading an iso of 4gigs at a rate of 200kb and
machine B is trying to navigate the web would Machine B have priority over machine A?
And would machine A rate lower to around 100kb or less because Machine B have priority?
Thank you, and sorry that im a bit confused.
See pictures
-
http://www.linksysinfo.org/index.php?threads/qos-tutorial.68795/
Read that link and research until you understand every part of it. That is a good place to start.
Proper usage QoS needs a good understanding of internetworking fundamentals like TCP congestion control algorithms.
-
FairQ or CoDel may not need any priority because they are biased against bandwidth hogs. They provide no guarantees, but on average should be "good enough". If you can't understand HFSC, you probably don't understand enough theory to worry yourself with details and "good enough" is your best bet.
-
Thanks again I will check it out and post back once I get everything :)
-
Hey just curious questions, I have been reading alot on other forums about traffic shaping (Limiter) with transparent proxy and it seems that it is still broken. Does that also include on the queues?
Thank you
-
I do not think so, but I do not know. Traffic shaping queues function as expected for me.
-
allright so i think I got it, but have a few questions
I made qVOIP as my highest then http,dns second then last everything else would be lowered to 5 percent.
I ran some tests on torrents and it did work, max rate was 73kbit download speed and while ping 8.8.8.8 around 60-80 see pictures
But my questions is how come so little packet drops for qCatchall? And when I did a speed test it was less then 1mbit down/1mbit up but no packet loss thats where i get confused.
Also not sure where to add the codel on which Queues?
Thank you
-
Just remember that realtime always takes from the root and ignores upperlimit and link share. Of course any bandwidth above realtime respects upperlimit and link share.
And a 500 queue is very large for 13Mb of bandwidth. That's about 500ms of latency if the entire queue was full of 1500 byte packets. If in doubt, enable CoDel on all queues.
I also noticed that you said your connection is 12mb, but you set your shaper to 13Mb. On your download you should set your bandwidth to about 90%-95% of your minimum bandwidth. This means if you average 12Mb, but it comes in as a fluctuating 11Mb-13Mb, you should target 95% of 11Mb.
-
Hi Harvy66 thank you again for the reply :)
Just remember that realtime always takes from the root and ignores upperlimit and link share. Of course any bandwidth above realtime respects upperlimit and link share.
does that explain the speedtest pictures, while enabling traffic shaping would speedtest results be different? Not really sure if I understood the last part, any bandwidth do you imply the WAN queues o the LAN.
And a 500 queue is very large for 13Mb of bandwidth. That's about 500ms of latency if the entire queue was full of 1500 byte packets. If in doubt, enable CoDel on all queues.
I saw on a previous post that you showed your pics which had 1024 Queues should i follow somewhat your pics? When enabling CoDel on all queues should I remove all the queue limits?
I also noticed that you said your connection is 12mb, but you set your shaper to 13Mb. On your download you should set your bandwidth to about 90%-95% of your minimum bandwidth. This means if you average 12Mb, but it comes in as a fluctuating 11Mb-13Mb, you should target 95% of 11Mb.
Thank you that was a very good point you made I wasn't really sure, I would have days that its 11 others 12.9
And my last questions how were my firewall rules? where they correct? or is there any recommendation you could tip me :)?
Thank you again
-
If you enable CoDel, the queue limit is unused.
With CoDel enabled my queue is 2-4 packets even though it is defaulted at 50.
-
Your speedtest is going into the catchall, which has an upperlimit of 10%. Probably because many speedtests use port 8080 for some reason.
-
Thank you for the replies
If you enable CoDel, the queue limit is unused.
With CoDel enabled my queue is 2-4 packets even though it is defaulted at 50.
Would it be recommended enabling it on the Default queue both LAN and WAN?
Your speedtest is going into the catchall, which has an upper limit of 10%. Probably because many speedtests use port 8080 for some reason.
but isnt my upper limit on catchall 5%? But whats funny My navigation speed on websites are great or should i be worried about the speedtest result?, But lets say I would need to download a heavy file and I would need to bypass the queue would that be possible or I would need to turn it off?
Thank you
-
Thank you for the replies
If you enable CoDel, the queue limit is unused.
With CoDel enabled my queue is 2-4 packets even though it is defaulted at 50.
Would it be recommended enabling it on the Default queue both LAN and WAN?
The answer is complicated.
Though, thankfully, you can simply use trial & error to determine whether you prefer CoDel or not.
tldr; enable
-
Thanks Nullity for the reply I think I am getting the hang of it doing lots trail and error.
So i think on the LAN part (download) I have been able to tweak it with the catchall to a decent amount without hurting download streams, but the WAN(upload) do we have any control of it?
Lets say someone is uploading 1gig of information to dropbox with a 2mb upload speed it kills the internet I have seen my WAN RTT to around 300ms when originally its around 1.3ms, is there a possible way to put that catchall on the WAN for only protocols of dropbox,mega,wetransfer?
Also streaming netflix,youtube, going to webpages that uses the LAN queues right?
Thank you
-
Before using pfSense, I was proud of my networking knowledge because I knew the diff between a switch and a hub. ???
Then I became interested in traffic-shaping and realized I knew nothing about computer networking. After reading a few networking books and many dozens of (incomprehensible, lol) white-papers centered around HFSC, I finally feel comfortable configuring a simple traffic-shaping setup.
I say this because all your questions are already answered in books, the pfSense wiki, and Google. Go read. :)
We ain't your lackeys. :)