Traffic Shaping and Queuing
What is Traffic Shaping and Queuing
Traffic shaping is used to optimise or guarantee performance, improve latency, and/or increase usable bandwidth for some kinds of packets by delaying others.
For more details have a look at this Traffic Shaping Wikipedia article.
Know Your Connection Speeds
Before you can implement traffic shaping the Upload and Download connection speeds to the ISP must be known.
From interrogating the modem for this network the Upstream Line Rate was found to be 1020 Kbps and a Downstream 19999 Kbps. Be careful using line rates in your traffic shaping rules as they most likely don’t account for L1/L2 and TCP/IP overheads (approximately 20% for ADSL).
It’s also a good idea to check the connection speed from your network to the ISP, most ISPs will have a speed check utility.
ISP Speed Test
Upstream - 810 Kbps
Downstream - 15145 Kbps
As a last resort a speed check to “somewhere on the internet” might give you an idea…
SpeedOf.Me
Upstream - 870 Kbps
Downstream - 12.86 Mbps
Traffic shaping requires pfSense to drop packets, so it's very important not to set the upper limits higher than they actually are. If pfSense is not dropping packets then they will be dropped by the ISP and no local shaping will occur.
For this project the ISP Speed Test values will be used in the pfSense Traffic Shaper rules…
Getting Started
The easiest way to get started is to use one of the Traffic Shaper Wizards.
Traffic shaping is used to optimise or guarantee performance, improve latency, and/or increase usable bandwidth for some kinds of packets by delaying others.
For more details have a look at this Traffic Shaping Wikipedia article.
Know Your Connection Speeds
Before you can implement traffic shaping the Upload and Download connection speeds to the ISP must be known.
From interrogating the modem for this network the Upstream Line Rate was found to be 1020 Kbps and a Downstream 19999 Kbps. Be careful using line rates in your traffic shaping rules as they most likely don’t account for L1/L2 and TCP/IP overheads (approximately 20% for ADSL).
It’s also a good idea to check the connection speed from your network to the ISP, most ISPs will have a speed check utility.
ISP Speed Test
Upstream - 810 Kbps
Downstream - 15145 Kbps
As a last resort a speed check to “somewhere on the internet” might give you an idea…
SpeedOf.Me
Upstream - 870 Kbps
Downstream - 12.86 Mbps
Traffic shaping requires pfSense to drop packets, so it's very important not to set the upper limits higher than they actually are. If pfSense is not dropping packets then they will be dropped by the ISP and no local shaping will occur.
For this project the ISP Speed Test values will be used in the pfSense Traffic Shaper rules…
Getting Started
The easiest way to get started is to use one of the Traffic Shaper Wizards.
- Navigate to Firewall - Traffic Shaper and select Wizards.
- Open the Multiple Lan/Wan wizard.
- Set one WAN port and one LAN port then select Next.
- Select HFSC for both interfaces.
- Enter the Upload and Download speeds for your ISP connection and select Next.
- Select Next for the following page (unless you use any of these service).
- Voice over IP
- Penalty Box
- Peer to Peer networking
- Network Games
- Select Enable on the Raise or lower other Applications page.
- Then make the following selections:
- FaceTime - Higher priority (if you use Apple FaceTime).
- HTTP - Higher priority
- SMTP - Lower priority
- POP3 - Lower priority
- IMAP - Lower priority
- DNS - Higher priority
- Leave everything else as Default priority.
- Select Next then Finish.
Progress Check
At this point there will have been some Floating Firewall Rules created and some Traffic Shaper Queues assigned to the LAN and WAN interfaces.
To see the Firewall Rules navigate to Firewall - Rules and select the Floating tab.
At this point there will have been some Floating Firewall Rules created and some Traffic Shaper Queues assigned to the LAN and WAN interfaces.
To see the Firewall Rules navigate to Firewall - Rules and select the Floating tab.
To see the Queues navigate to Firewall - Traffic Shaper.
To monitor the traffic shaper queue status navigate to Status - Queues.
Tweak the Queues
Due to the huge difference between the Upstream and Downstream speeds some tweaking is called for.
First set the WAN Interface to match the actual WAN hardware (100 Mbit):
Due to the huge difference between the Upstream and Downstream speeds some tweaking is called for.
First set the WAN Interface to match the actual WAN hardware (100 Mbit):
- Navigate to Firewall - Traffic Shaper then select WAN.
- Change the Bandwidth to 100 Mbits/s.
- Select Save and then Apply Changes.
Leave ‘qInternet’ as it is at 810 Kbit/s as that matches the measured Upstream value from “Know Your Connection Speed” above.
Next as most of the WAN traffic will be TCP ACKs increase the bandwidth percentage of ‘qACK’:
- Select qACK.
- Change the Bandwidth and B/W share to 70%.
- Select Save and then Apply Changes.
Leave all ‘qDefault’, “qOthersHigh’ and ‘qOthersLow’ as the default values set by the wizard.
Next set the LAN Interface to match the actual LAN hardware (1 Gbit):
- Navigate to Firewall - Traffic Shaper then select LAN.
- Change the Bandwidth to 1 Gbits/s.
- Select Save.
- .
- Select Save.
- .
- Select Apply Changes.
Progress Check
At this point ….