Traffic shaping (divide 10Mb evenly for 5 users)

Started by Lukas85, February 09, 2018, 08:06:10 AM

Previous topic - Next topic
Print
Go Down Pages 1 2
User actions
February 09, 2018, 06:08:45 PM #15
To separate traffic from inbound (download) and outbound (upload), click on the advanced button to bring up the "Direction" and change from any to either in or out and I have a rule for each:


In
https://imgur.com/a/5R58Y

Out
https://imgur.com/a/5R58Y

If you want to check the rules are hitting, you can run this "ipfw -a list" from a shell on the firewall and see:

Code Select
60001   1970328   2927868270 queue 10005 ip from any to 192.168.1.30 src-port 563 in via igb0
60002    981160    127114594 queue 10005 ip from any to 192.168.1.31 in via igb0
60003    984304     53916560 queue 10002 ip from 192.168.1.30 to any dst-port 563 out via igb0
60004    871946     77914668 queue 10002 ip from 192.168.1.31 to any out via igb0
60005    138803      9919162 queue 10003 icmp from any to any in via igb0
60006    142521     10189045 queue 10000 icmp from any to any out via igb0
60007    196846     51535283 queue 10003 ip from any to any src-port 53 in via igb0
60008    199322     15488643 queue 10000 ip from any to any dst-port 53 out via igb0
60009   2361942   1658878829 queue 10003 ip from any to 192.168.1.50 in via igb0
60010         0            0 queue 10003 ip from any to 192.168.1.51 in via igb0
60011     10562      1304059 queue 10003 ip from any to 192.168.1.55 in via igb0
60012    171010    127520953 queue 10003 ip from any to 192.168.1.90 in via igb0
60013   1771676    437027734 queue 10000 ip from 192.168.1.50 to any out via igb0
60014         0            0 queue 10000 ip from 192.168.1.51 to any out via igb0
60015     20849      1811706 queue 10000 ip from 192.168.1.55 to any out via igb0
60016    107855     14693889 queue 10000 ip from 192.168.1.90 to any out via igb0
60017 138197566 136992406549 queue 10004 ip from any to any in via igb0
60018 118202500  80854482004 queue 10001 ip from any to any out via igb0

For me, I can see all my in and out queues are working properly as traffic is matching in and out.
February 09, 2018, 06:24:33 PM #16
Well I gues this is too complicated for me. I did exactly as in the wiki, exactly as anybody else posted before and still no luck. 
February 09, 2018, 08:07:20 PM #17
I created only download pipe and download rule. 5Mb in this test. No upload no nothing else.




Can anyone confirm this scenario working for him ? In my case it doesn't. Just for simple test, I have connected two computers, both of them downloading at 5Mb at the same time, which gives 10Mb.

This shouldn't happen, because it violates the "pipe" max bandwidth which is only 5Mb no 10Mb.

February 09, 2018, 08:18:20 PM #18
Hey !!! I found the solution !

It was the mask Destination ! I unchecked it in pipe rule. Now it works !
February 09, 2018, 08:32:47 PM #19
Were you setting the mask in the Pipe or the Queue?
February 09, 2018, 08:36:45 PM #20
I disabled any mask (empty) in pipe rule. Now it looks like it works, not so sure, but both clients dont exceed the max pipe bandwidth. Hard to tell if the get fair 50/50 download speed. I'm not using the queues.
February 09, 2018, 09:27:52 PM #21
Hmm. I did some testing and I couldn't reproduce a limiter not working with source or destination checked.

You will get some errors at times if you reconfigure stuff too much in your syslog:

config_aqm Unable to configure flowset, flowset busy!
config_aqm Unable to configure flowset, flowset busy!

That sometimes can cause an issue with things 'working'. I just reboot if I see that in the logs with end config and that usually clears it up.
February 09, 2018, 09:53:05 PM #22
Which version of opnsense are you using ?
February 09, 2018, 11:26:48 PM #23
OPNsense 18.1.2_2-amd64

The flowset issue has been there for quite a bit though.
February 10, 2018, 12:37:37 PM #24
I'm posting also status page.


February 10, 2018, 02:41:23 PM #25
I think this topic should be closed. If nobody believes me that I'm doing exactly as I'm supposed to, than it doesn't make any sens to continue this. I posted all my config in screenshots and I tested it on virtualbox also tested it on my Dell optiplex PC. Same behaviour. I gues it's a bug somewhere. I'll try another time. Thanks for help anyway.
February 10, 2018, 09:13:13 PM #26
in the rule replaces the protocol "ip" with "ipv4"
February 11, 2018, 11:59:14 AM #27
Thanks for help, but I'm no longer using Opnsense. I also found this topic on opnsense forum, so now I have a proof that I'm not alone. The topic is 2 years old, and it describes exactly the same problem I'm facing.

https://forum.opnsense.org/index.php?topic=3966.0

As I said, I'm no longer on Opnsense, so thanks for your support.
February 12, 2018, 10:06:35 AM #28
I was the first to confirm is not working as expected. The link in the reply upon proves that is not an isolated issue, and is not new. I think this time maybe we should take a better care for this issue, and even if it manifests randomly, now is the time for it to go to github.

I post it there.
Thank you!
Print
Go Up Pages 1 2
User actions