Differences

This shows you the differences between two versions of the page.

--- pfsense:buffer_bloat [2020/03/14 20:17] – peter
+++ pfsense:buffer_bloat [2023/05/21 11:20] (current) – peter
@@ Line 10: / Line 10: @@
 If not then tune.
+{{:pfsense:bufferbloat_-_results.png?800|}}
 ----
@@ Line 32: / Line 34: @@
 ===== Change the Q size =====
 <WRAP important>
@@ Line 53: / Line 54: @@
 Someday your connection might receive a speed upgrade and you may forgot to adjust the limiter to make use of it!
 </WRAP>
+----
+===== Instructions =====
+==== Create Limiters ====
+Navigate to **Firewall -> Traffic Shaper -> Limiters**.
+=== Create "Out" limiter ===
+  * Tick "Enable"
+  * Name: FQ_CODEL_OUT
+  * Bandwidth: 96907 Kbit/s
+  * Mask: None
+  * Queue Management Algorithm: Tail Drop
+  * Scheduler: FQ_CODEL
+    * target: 5
+    * interval: 100
+    * quantum: 300
+    * limit: 10240
+    * flows: 20480
+  * Click Save/Apply Changes
+----
+=== Add "Out" queue ===
+  * Tick "Enable"
+  * Name: fq_codel_out_q
+  * Mask: None
+  * Queue Management Algorithm: Tail Drop
+  * Click Save/Apply Changes
+----
+=== Create "In" limiter ===
+  * Tick "Enable"
+  * Name: FQ_CODEL_IN
+  * Bandwidth: 83886 Kbit/s
+  * Mask: None
+  * Queue Management Algorithm: Tail Drop
+  * Scheduler: FQ_CODEL
+     * target: 5
+     * interval: 100
+     * quantum: 300
+     * limit: 10240
+     * flows: 20480
+  * Click Save/Apply Changes
+----
+=== Add "In" queue ===
+  * Tick "Enable"
+  * Name: fq_codel_in_q
+  * Mask: None
+  * Queue Management Algorithm: Tail Drop
+  * Click Save/Apply Changes
+----
+==== Create Floating Rules ====
+=== Add quick pass floating rule to handle ICMP traceroute ===
+This rule matches ICMP traceroute packets so that they are not matched by the WAN-Out limiter rule that utilizes policy routing.
+Policy routing breaks traceroute.
+  * Action: Pass
+  * Quick: Tick Apply the action immediately on match.
+  * Interface: WAN
+  * Direction: out
+  * Address Family: IPv4
+  * Protocol: ICMP
+  * ICMP subtypes: Traceroute
+  * Source: any
+  * Destination: any
+  * Description: policy routing traceroute workaround
+  * Click Save
+----
+=== Add quick pass floating rule to handle ICMP echo-request and echo-reply ===
+This rule matches ping packets so that they are not matched by the limiter rules.
+See [[https://redmine.pfsense.org/issues/9024|bug 9024]] for more info.
+  * Action: Pass
+  * Quick: Tick Apply the action immediately on match.
+  * Interface: WAN
+  * Direction: any
+  * Address Family: IPv4
+  * Protocol: ICMP
+  * ICMP subtypes: Echo reply, Echo Request
+  * Source: any
+  * Destination: any
+  * Description: limiter drop echo-reply under load workaround
+  * Click Save
+----
+=== Add a match rule for incoming state flows so that they're placed into the FQ-CoDel in/out queues ===
+  * Action: Match
+  * Interface: WAN
+  * Direction: in
+  * Address Family: IPv4
+  * Protocol: Any
+  * Source: any
+  * Destination: any
+  * Description: WAN-In FQ-CoDel queue
+  * Gateway: Default
+  * In / Out pipe: fq_codel_in_q / fq_codel_out_q
+  * Click Save
+----
+=== Add a match rule for outgoing state flows so that they're placed into the FQ-CoDel out/in queues ===
+  * Action: Match
+  * Interface: WAN
+  * Direction: out
+  * Address Family: IPv4
+  * Protocol: Any
+  * Source: any
+  * Destination: any
+  * Description: WAN-Out FQ-CoDel queue
+  * Gateway: WAN_DHCP
+  * In / Out pipe: fq_codel_out_q / fq_codel_in_q
+  * Click Save/Apply Changes
 ----
@@ Line 70: / Line 205: @@
 ===== References =====
+https://www.youtube.com/watch?v=o8nL81DzTlU&t=380
 http://www.dslreports.com/speedtest
@@ Line 80: / Line 216: @@
 https://forum.netgate.com/topic/112527/playing-with-fq_codel-in-2-4/856
+https://forum.netgate.com/topic/112527/playing-with-fq_codel-in-2-4