Differences

This shows you the differences between two versions of the page.

--- pfsense:buffer_bloat [2020/07/15 10:15] – 192.168.1.69
+++ pfsense:buffer_bloat [2023/05/21 11:20] (current) – peter
@@ Line 34: / Line 34: @@
 ===== Change the Q size =====
 <WRAP important>
@@ Line 64: / Line 63: @@
 Navigate to **Firewall -> Traffic Shaper -> Limiters**.
-<code>
+=== Create "Out" limiter ===
-.) Create "Out" limiter
-    Tick "Enable"
+  * Tick "Enable"
-    Name: FQ_CODEL_OUT
+  * Name: FQ_CODEL_OUT
-    Bandwidth: 96907 Kbit/s
+  * Bandwidth: 96907 Kbit/s
-    Mask: None
+  * Mask: None
-    Queue Management Algorithm: Tail Drop
+  * Queue Management Algorithm: Tail Drop
-    Scheduler: FQ_CODEL
+  * Scheduler: FQ_CODEL
-        target: 5
+    * target: 5
-        interval: 100
+    * interval: 100
-        quantum: 300
+    * quantum: 300
-        limit: 10240
+    * limit: 10240
-        flows: 20480
+    * flows: 20480
-    Click Save/Apply Changes
+  * Click Save/Apply Changes
-.) Add "Out" queue
+----
-    Tick "Enable"
+=== Add "Out" queue ===
-    Name: fq_codel_out_q
-    Mask: None
-    Queue Management Algorithm: Tail Drop
-    Click Save/Apply Changes
-.) Create "In" limiter
+  * Tick "Enable"
+  * Name: fq_codel_out_q
+  * Mask: None
+  * Queue Management Algorithm: Tail Drop
+  * Click Save/Apply Changes
-    Tick "Enable"
+----
-    Name: FQ_CODEL_IN
-    Bandwidth: 83886 Kbit/s
-    Mask: None
-    Queue Management Algorithm: Tail Drop
-    Scheduler: FQ_CODEL
-        target: 5
-        interval: 100
-        quantum: 300
-        limit: 10240
-        flows: 20480
-    Click Save/Apply Changes
-.) Add "In" queue
+=== Create "In" limiter ===
-    Tick "Enable"
+  * Tick "Enable"
-    Name: fq_codel_in_q
+  * Name: FQ_CODEL_IN
-    Mask: None
+  * Bandwidth: 83886 Kbit/s
-    Queue Management Algorithm: Tail Drop
+  * Mask: None
-    Click Save/Apply Changes
+  * Queue Management Algorithm: Tail Drop
-</code>
+  * Scheduler: FQ_CODEL
+     * target: 5
+     * interval: 100
+     * quantum: 300
+     * limit: 10240
+     * flows: 20480
+  * Click Save/Apply Changes
+----
+=== Add "In" queue ===
+  * Tick "Enable"
+  * Name: fq_codel_in_q
+  * Mask: None
+  * Queue Management Algorithm: Tail Drop
+  * Click Save/Apply Changes
 ----
@@ Line 116: / Line 119: @@
 ==== Create Floating Rules ====
-<code>
+=== Add quick pass floating rule to handle ICMP traceroute ===
-Add quick pass floating rule to handle ICMP traceroute. This rule matches ICMP traceroute packets so that they are not matched by the WAN-Out limiter rule that utilizes policy routing. Policy routing breaks traceroute.
-    Action: Pass
+This rule matches ICMP traceroute packets so that they are not matched by the WAN-Out limiter rule that utilizes policy routing.
-    Quick: Tick Apply the action immediately on match.
-    Interface: WAN
-    Direction: out
-    Address Family: IPv4
-    Protocol: ICMP
-    ICMP subtypes: Traceroute
-    Source: any
-    Destination: any
-    Description: policy routing traceroute workaround
-    Click Save
-.) Add quick pass floating rule to handle ICMP echo-request and echo-reply. This rule matches ping packets so that they are not matched by the limiter rules. See bug 9024 for more info.
+Policy routing breaks traceroute.
-    Action: Pass
+  * Action: Pass
-    Quick: Tick Apply the action immediately on match.
+  * Quick: Tick Apply the action immediately on match.
-    Interface: WAN
+  * Interface: WAN
-    Direction: any
+  * Direction: out
-    Address Family: IPv4
+  * Address Family: IPv4
-    Protocol: ICMP
+  * Protocol: ICMP
-    ICMP subtypes: Echo reply, Echo Request
+  * ICMP subtypes: Traceroute
-    Source: any
+  * Source: any
-    Destination: any
+  * Destination: any
-    Description: limiter drop echo-reply under load workaround
+  * Description: policy routing traceroute workaround
-    Click Save
+  * Click Save
-.) Add a match rule for incoming state flows so that they're placed into the FQ-CoDel in/out queues
+----
-    Action: Match
+=== Add quick pass floating rule to handle ICMP echo-request and echo-reply ===
-    Interface: WAN
-    Direction: in
-    Address Family: IPv4
-    Protocol: Any
-    Source: any
-    Destination: any
-    Description: WAN-In FQ-CoDel queue
-    Gateway: Default
-    In / Out pipe: fq_codel_in_q / fq_codel_out_q
-    Click Save
-.) Add a match rule for outgoing state flows so that they're placed into the FQ-CoDel out/in queues
+This rule matches ping packets so that they are not matched by the limiter rules.
+See [[https://redmine.pfsense.org/issues/9024|bug 9024]] for more info.
+  * Action: Pass
+  * Quick: Tick Apply the action immediately on match.
+  * Interface: WAN
+  * Direction: any
+  * Address Family: IPv4
+  * Protocol: ICMP
+  * ICMP subtypes: Echo reply, Echo Request
+  * Source: any
+  * Destination: any
+  * Description: limiter drop echo-reply under load workaround
+  * Click Save
+----
+=== Add a match rule for incoming state flows so that they're placed into the FQ-CoDel in/out queues ===
+  * Action: Match
+  * Interface: WAN
+  * Direction: in
+  * Address Family: IPv4
+  * Protocol: Any
+  * Source: any
+  * Destination: any
+  * Description: WAN-In FQ-CoDel queue
+  * Gateway: Default
+  * In / Out pipe: fq_codel_in_q / fq_codel_out_q
+  * Click Save
+----
-    Action: Match
+=== Add a match rule for outgoing state flows so that they're placed into the FQ-CoDel out/in queues ===
-    Interface: WAN
-    Direction: out
-    Address Family: IPv4
-    Protocol: Any
-    Source: any
-    Destination: any
-    Description: WAN-Out FQ-CoDel queue
-    Gateway: WAN_DHCP
-    In / Out pipe: fq_codel_out_q / fq_codel_in_q
-    Click Save/Apply Changes
-</code>
+  * Action: Match
+  * Interface: WAN
+  * Direction: out
+  * Address Family: IPv4
+  * Protocol: Any
+  * Source: any
+  * Destination: any
+  * Description: WAN-Out FQ-CoDel queue
+  * Gateway: WAN_DHCP
+  * In / Out pipe: fq_codel_out_q / fq_codel_in_q
+  * Click Save/Apply Changes
 ----