Wiki

User Tools

Site Tools

Trace: install_mame configure_ui hello_world master_run_routine
pfsense:buffer_bloat

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
pfsense:buffer_bloat [2021/01/05 19:55] peterpfsense:buffer_bloat [2023/05/21 11:20] (current) peter
Line 64: Line 64:
  
 === Create "Out" limiter === === Create "Out" limiter ===
- 
-<code> 
  
   * Tick "Enable"   * Tick "Enable"
Line 80: Line 78:
   * Click Save/Apply Changes   * Click Save/Apply Changes
  
-2.) Add "Out" queue+----
  
-    Tick "Enable" +=== Add "Outqueue ===
-    Name: fq_codel_out_q +
-    Mask: None +
-    Queue Management Algorithm: Tail Drop +
-    Click Save/Apply Changes+
  
-3.) Create "Inlimiter+  * Tick "Enable" 
 +  * Name: fq_codel_out_q 
 +  * Mask: None 
 +  * Queue Management Algorithm: Tail Drop 
 +  * Click Save/Apply Changes
  
-    Tick "Enable" +----
-    Name: FQ_CODEL_IN +
-    Bandwidth: 83886 Kbit/s +
-    Mask: None +
-    Queue Management Algorithm: Tail Drop +
-    Scheduler: FQ_CODEL +
-        target: 5 +
-        interval: 100 +
-        quantum: 300 +
-        limit: 10240 +
-        flows: 20480 +
-    Click Save/Apply Changes+
  
-4.) Add "In" queue+=== Create "In" limiter ===
  
-    Tick "Enable" +  * Tick "Enable" 
-    Name: fq_codel_in_q +  Name: FQ_CODEL_IN 
-    Mask: None +  * Bandwidth: 83886 Kbit/s 
-    Queue Management Algorithm: Tail Drop +  Mask: None 
-    Click Save/Apply Changes +  Queue Management Algorithm: Tail Drop 
-</code>+  * Scheduler: FQ_CODEL 
 +     * target: 5 
 +     * interval: 100 
 +     * quantum: 300 
 +     * limit: 10240 
 +     * flows: 20480 
 +  * Click Save/Apply Changes 
 + 
 +---- 
 + 
 +=== Add "In" queue === 
 + 
 +  * Tick "Enable" 
 +  * Name: fq_codel_in_q 
 +  * Mask: None 
 +  * Queue Management Algorithm: Tail Drop 
 +  * Click Save/Apply Changes
  
 ---- ----
Line 116: Line 119:
 ==== Create Floating Rules ==== ==== Create Floating Rules ====
  
-<code> +=== Add quick pass floating rule to handle ICMP traceroute ===
-Add quick pass floating rule to handle ICMP traceroute. This rule matches ICMP traceroute packets so that they are not matched by the WAN-Out limiter rule that utilizes policy routing. Policy routing breaks traceroute.+
  
-    Action: Pass +This rule matches ICMP traceroute packets so that they are not matched by the WAN-Out limiter rule that utilizes policy routing.
-    Quick: Tick Apply the action immediately on match. +
-    Interface: WAN +
-    Direction: out +
-    Address Family: IPv4 +
-    Protocol: ICMP +
-    ICMP subtypes: Traceroute +
-    Source: any +
-    Destination: any +
-    Description: policy routing traceroute workaround +
-    Click Save+
  
-2.) Add quick pass floating rule to handle ICMP echo-request and echo-reply. This rule matches ping packets so that they are not matched by the limiter rules. See bug 9024 for more info.+Policy routing breaks traceroute.
  
-    Action: Pass +  * Action: Pass 
-    Quick: Tick Apply the action immediately on match. +  Quick: Tick Apply the action immediately on match. 
-    Interface: WAN +  Interface: WAN 
-    Direction: any +  Direction: out 
-    Address Family: IPv4 +  Address Family: IPv4 
-    Protocol: ICMP +  Protocol: ICMP 
-    ICMP subtypes: Echo reply, Echo Request +  ICMP subtypes: Traceroute 
-    Source: any +  Source: any 
-    Destination: any +  Destination: any 
-    Description: limiter drop echo-reply under load workaround +  Description: policy routing traceroute workaround 
-    Click Save+  Click Save
  
-3.) Add a match rule for incoming state flows so that they're placed into the FQ-CoDel in/out queues+----
  
-    Action: Match +=== Add quick pass floating rule to handle ICMP echo-request and echo-reply ===
-    Interface: WAN +
-    Direction: in +
-    Address Family: IPv4 +
-    Protocol: Any +
-    Source: any +
-    Destination: any +
-    Description: WAN-In FQ-CoDel queue +
-    Gateway: Default +
-    In / Out pipe: fq_codel_in_q / fq_codel_out_q +
-    Click Save+
  
-4.) Add a match rule for outgoing state flows so that they're placed into the FQ-CoDel out/in queues+This rule matches ping packets so that they are not matched by the limiter rules.
  
-    ActionMatch +See [[https://redmine.pfsense.org/issues/9024|bug 9024]] for more info.
-    Interface: WAN +
-    Direction: out +
-    Address Family: IPv4 +
-    Protocol: Any +
-    Source: any +
-    Destination: any +
-    Description: WAN-Out FQ-CoDel queue +
-    Gateway: WAN_DHCP +
-    In Out pipe: fq_codel_out_q fq_codel_in_q +
-    Click Save/Apply Changes +
-</code>+
  
 +  * Action: Pass
 +  * Quick: Tick Apply the action immediately on match.
 +  * Interface: WAN
 +  * Direction: any
 +  * Address Family: IPv4
 +  * Protocol: ICMP
 +  * ICMP subtypes: Echo reply, Echo Request
 +  * Source: any
 +  * Destination: any
 +  * Description: limiter drop echo-reply under load workaround
 +  * Click Save
 +
 +----
 +
 +=== Add a match rule for incoming state flows so that they're placed into the FQ-CoDel in/out queues ===
 +
 +  * Action: Match
 +  * Interface: WAN
 +  * Direction: in
 +  * Address Family: IPv4
 +  * Protocol: Any
 +  * Source: any
 +  * Destination: any
 +  * Description: WAN-In FQ-CoDel queue
 +  * Gateway: Default
 +  * In / Out pipe: fq_codel_in_q / fq_codel_out_q
 +  * Click Save
 +
 +----
 +
 +=== Add a match rule for outgoing state flows so that they're placed into the FQ-CoDel out/in queues ===
 +
 +  * Action: Match
 +  * Interface: WAN
 +  * Direction: out
 +  * Address Family: IPv4
 +  * Protocol: Any
 +  * Source: any
 +  * Destination: any
 +  * Description: WAN-Out FQ-CoDel queue
 +  * Gateway: WAN_DHCP
 +  * In / Out pipe: fq_codel_out_q / fq_codel_in_q
 +  * Click Save/Apply Changes
  
 ---- ----
pfsense/buffer_bloat.1609876516.txt.gz · Last modified: 2021/01/05 19:55 by peter
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki