Adventures in Traffic Shaping



  • So tonight on ver. 2.2 I ran the TS wizard for multi WAN/Single LAN. I have 3 x 3mb ATT DSL lines which have been working almost flawlessly until this past weekend.  I installed the nmap and Squid3 packages, and while I'm not unfamiliar with nmap or Squid I only enabled a transparent proxy in Squid.. didn't do anything with nmap.  That night I noticed in BF4 I'd get occasional lag spikes from mid 30's in ping times to 150+.  It'd last maybe 10-20 seconds then disappear.  The problem is in the past 1.5 years that never has happened before unless torrenting and that night I had nothing running.

    So I disable Squid and remove nmap.. nothing changed, I still had the spikes. So on a whim I reran the DNS benchmark since I've been using Google's DNS servers for over 4 years now. I wanted to see if there were faster ones… and there were.  (Note: I don't believe DNS was the cause of my spikes but there's only so much you can do with a collective 8mb down)

    So I replaced the DNS servers all three interfaces use, and speedtest.net now reports 7.5mb/s down/0.70mb/s up whereas this time last year I had almost 9 down and 1 up.  Ok ok.. well things change I guess.. it is DSL so what can you do?

    So tonight, again on a whim I decide to try TS.. I've played with it before but never with good results.  So tonight I ran the multi-WAN/Single-LAN wizard.  Of course the stupid You've exceeded 30% on the voip queue hit me.  I wish that could be a little clearer!  But I eventually got through it, re-ran speedtest.net with the same results.  So far so good.. time to play a round of BF..

    I find a server and begin a round, all the while alt-tabbing to the Queue status page.  I played a full almost 40 minute round with nice ping times, all under 40ms with the exception of once hitting 165ms.  My question is, why did only the Games queue on WAN3 ever register traffic?  WAN1 and WAN2 never noticed anything in root, internet or games.  Nothing!

    I have 3 DSL circuits for a reason and I want to use them.  What did I do wrong here?

    I do not know the best way to post my TS/pf config but I will if it will help.



  • Next time, try running a traceroute during the slow-down. What does the "Quality" RRD graph show?

    There are many other scenarios that you need to test, so I am making a poorly informed guess; it might be your ISP becoming congested. I experienced it with my ISP, a few years ago. During peak hours (6pm to midnight), the connection's max throughput would drop, sometimes by 90%, packet loss would increase, and the ping would increase. I had to deal with that shit for around a year. Off-peak hours were reasonably tolerable.

    Regarding the rest of your setup, we need more information, like how are your traffic-shaping queues and the related firewall rules set up? More information about your particular multi-wan config might be useful as well.



  • Null you mention some good things, I didn't think of a tracert at the time, I have so little experience with TS that finding an effective starting point is hard for me.  I'd rule out a congested ISP simply because I've had the same setup for 1.3 years now.. I play at the same times every night so I've got a historical feel for this. Could I be wrong? Sure, but IDK I kinda doubt it.

    Honestly for having 3 3mb DSL lines I've got some very nice latency and throughput reading into the 10-11mb range.  I had the installers (Note: with ATT business if you order 2 or 20 circuits they must all be installed on different days) run the 10-ish feet of cat5 into my basement making sure to route totally away from any electric, not even a 90* intersection.  My biscuit jacks are above the rack and power enters from below.  I am a bit anal about that just because I know I just bought shit for internet.  Gotta squeeze every little bit I can out of it.

    As far as the rules and everything.. I actually was going back through the wizard to give you details when I hit this:
    You cannot set the VoIP download bandwidth on connection 0 higher than 80% of the connection.

    Umm when you set 32kb/s on all three WAN uploads and 1024 on LAN download.. how the hell am I exceeding 80% of the download on connection 0 when the only connection 0 listed on the page is for WAN #1 upload?

    I realize something as acutely intricate as Traffic Shaping/QOS is not for the faint of heart.  I'm a technical guy but these wizards are damn bloody obscure and like in this case totally mis-labelled.  I love pf and always will but.. ugh.



  • @roccor:

    Null you mention some good things, I didn't think of a tracert at the time, I have so little experience with TS that finding an effective starting point is hard for me.  I'd rule out a congested ISP simply because I've had the same setup for 1.3 years now.. I play at the same times every night so I've got a historical feel for this. Could I be wrong? Sure, but IDK I kinda doubt it.

    Honestly for having 3 3mb DSL lines I've got some very nice latency and throughput reading into the 10-11mb range.  I had the installers (Note: with ATT business if you order 2 or 20 circuits they must all be installed on different days) run the 10-ish feet of cat5 into my basement making sure to route totally away from any electric, not even a 90* intersection.  My biscuit jacks are above the rack and power enters from below.  I am a bit anal about that just because I know I just bought shit for internet.  Gotta squeeze every little bit I can out of it.

    As far as the rules and everything.. I actually was going back through the wizard to give you details when I hit this:
    You cannot set the VoIP download bandwidth on connection 0 higher than 80% of the connection.

    Umm when you set 32kb/s on all three WAN uploads and 1024 on LAN download.. how the hell am I exceeding 80% of the download on connection 0 when the only connection 0 listed on the page is for WAN #1 upload?

    I realize something as acutely intricate as Traffic Shaping/QOS is not for the faint of heart.  I'm a technical guy but these wizards are damn bloody obscure and like in this case totally mis-labelled.  I love pf and always will but.. ugh.

    I never really began to understand the traffic-shaper until I quit using the wizard. Manually set up 1 queue at a time and confirm that it works, then move on.

    Post some pictures or information about your queues to see if we can find your error.

