[Tutorial] - How to configure fq_codel for comcast to help bufferbloat / QoS

deafkid13 · September 02, 2023, 07:23:44 PM

From C>A+ all thanks to everyone on this post.

I have 1GB fiber with google Fiber for both upload and download.

Before
Bufferbloat Grade C
Unloaded 18ms
Download Active +17ms
Upload Active +171ms

Putting 900 Mbits/s on download pipe, and 850 Mbit/s on Upload pipe.

After
Bufferbloat Grade A+
Unloaded 18ms
Download Active +1ms
Upload Active +1ms

For some odd reason my upload active goes really high after 900, the sweet spot for me was 850. Hope this helps anyone.

Tismofied · December 10, 2023, 05:58:05 PM

Anybody here with AT&T fiber and using BGW320 ?
I set mine up as ip pass through, OPNsense baremetal latest version.
I am getting D grade all the time now. Before with spectrum non fiber on their gig service I managed to get A+ multiple times.

Update: got A+. Just had to dial in the upload cap

clutchmaster · January 28, 2024, 12:46:25 PM

what am i doing wrong!

followed this exactly and discovered that i have no control over upload speed and has added a 300ms upload spike
either opnsense is bugged or this tutorial is wrong ive literally told it to cap upload to 5mbs and its still hitting max line capacity

or is it only capping upload when something is downloading

fixed it

Tismofied · July 13, 2024, 11:12:01 PM

How?

MagikMark · July 21, 2024, 05:12:56 AM

There's a comprehensive guide in pfsense. Just convert it to opnsense. It works perfectly well. Pay attention to the footnote at it has other tips on fqcodel parameters

https://isc.sans.edu/diary/Securing+and+Optimizing+Networks+Using+pfSense+Traffic+Shaper+Limiters+to+Combat+Bufferbloat/27102

MagikMark · July 22, 2024, 03:54:43 AM

Does anyone know the equivalent of "Queue Length" of pfsense in Opnsense?

Patrick M. Hausen · July 22, 2024, 09:43:42 AM

Quote from: MagikMark on July 21, 2024, 05:12:56 AM
There's a comprehensive guide in pfsense.

Guess what? There is one for OPNsense, too:

https://docs.opnsense.org/manual/how-tos/shaper_bufferbloat.html

franco · July 22, 2024, 09:51:17 AM

To be fair it is pretty new and you have to search for it ;)

Cheers,
Franco

meyergru · July 22, 2024, 10:29:52 AM

Traffic shaping like depicted in the docs generally works, but there is a caveat: With at least one provider (Deutsche Glasfaser), the IPv4 connection gets completely dropped if traffic shaping is enabled and the connection limits are reached.

Seimus · July 22, 2024, 11:20:42 AM

Thanks for posting the guide from docs! It was co-created with the help of bufferbload community and discussed with the one of the creators of the algorithm.

Quote from: MagikMark on July 22, 2024, 03:54:43 AM
Does anyone know the equivalent of "Queue Length" of pfsense in Opnsense?

If you use FQ_C, there are 3 queue lengths that can be set up, however one of them does nothing, and second can not be set from GUI cause OPNsense doesnt have the option. In reality you care only about the queue length defined by FQ_C which is limit.

The queue lengths are:
1. queue in the Pipe - this is not used when you create a Queue by yourself in the Queue TAB. It is only important when you create Pipe with directly attached rules to those Pipe. A dynamic queue will be created this value sets the length of the queue. Can be let on default with FQ_C.

2. queue in the Queue tab - this specifies the queue length for the Queue. However OPNsense doesn't have a setting for it, its possible to specific it via ipfw command. Can be let on default with FQ_C.

3. limit in the FQ_C - this is the queue length that is most important, as it specifies how many packets can be queued/stored by the FQ_C algorithm.

The default size of queue which specifies the queue length for a manually created Queue is 50, which is a default for Ethernet is enough, this queue size is front of the FQ_C. FQ_C handles all flows separately and divides them per the 5-tuple into his dynamic queues it creates per flow.

Regards,
S.

Seimus · July 22, 2024, 11:23:08 AM

Quote from: meyergru on July 22, 2024, 10:29:52 AM
Traffic shaping like depicted in the docs generally works, but there is a caveat: With at least one provider (Deutsche Glasfaser), the IPv4 connection gets completely dropped if traffic shaping is enabled and the connection limits are reached.

This is interesting, is it applicable to overall traffic shaper or only when you run FQ_C?

Regards,
S.

meyergru · July 22, 2024, 11:30:00 AM

I never tried anything besides FQ_CODEL, because bufferbloat was my main concern. Alas, I had to stop trying, because the affected devices are remote and I lose contact each time this happens. Thus I ceased my experiments w/r to this.

I also have no idea what is happening there, because the same settings work fine with other providers.

Seimus · July 22, 2024, 11:50:23 AM

Quote from: meyergru on July 22, 2024, 11:30:00 AM
I never tried anything besides FQ_CODEL, because bufferbloat was my main concern. Alas, I had to stop trying, because the affected devices are remote and I lose contact each time this happens. Thus I ceased my experiments w/r to this.

I also have no idea what is happening there, because the same settings work fine with other providers.

I see,

well the description and behavior in your German thread (I used google translate so maybe I misinterpreted something) sounds to me like issues with slow start or new flow start. For FQ_C bad performance or problems during slow/new start are usually caused by two reasons ECN & limit.

Regards,
S.

meyergru · July 22, 2024, 08:41:19 PM

Which is why I tried with and without ECN to no avail. But it was worse than just bad performance - the IPv4 connection broke down completely and was rebuilt only after a few minutes of outage. Because of the remote access, I could never see what really happens during that time.

However, I think that this ISP has some kind of misuse protection that gets triggered, because I had similar problems when I failed to filter RFC1918 addresses on the WAN interface. I was quite stunned when I saw some RFC1918 packets going out over my WAN connecttion and found that this can happen when some devices target arbitrary IPs which get directed at the default gateway and which are not defined in any local networks.

Kinerg · July 27, 2024, 09:10:56 AM

Quote from: Seimus on July 22, 2024, 11:50:23 AM
For FQ_C bad performance or problems during slow/new start are usually caused by two reasons ECN & limit.

What is the final suggestion on ECN enable/disable? Resources, manuals, guides and forum posts are inconsistent regarding this. Some say to enable both for download and upload, some to disable it for upload. OPNsense guide isn't quite clear if it should be enabled or disabled for upload.

What does slow start refer to exactly and is there an easy way to test it?

Thank you!

[Tutorial] - How to configure fq_codel for comcast to help bufferbloat / QoS

deafkid13

September 02, 2023, 07:23:44 PM #15

Tismofied

December 10, 2023, 05:58:05 PM #16 Last Edit: December 11, 2023, 12:55:02 PM by Tismofied

clutchmaster

January 28, 2024, 12:46:25 PM #17 Last Edit: January 28, 2024, 01:03:42 PM by clutchmaster

Tismofied

July 13, 2024, 11:12:01 PM #18

MagikMark

July 21, 2024, 05:12:56 AM #19

MagikMark

July 22, 2024, 03:54:43 AM #20

Patrick M. Hausen

July 22, 2024, 09:43:42 AM #21

franco

July 22, 2024, 09:51:17 AM #22

meyergru

July 22, 2024, 10:29:52 AM #23

Seimus

July 22, 2024, 11:20:42 AM #24 Last Edit: July 22, 2024, 11:25:31 AM by Seimus

Seimus

July 22, 2024, 11:23:08 AM #25

meyergru

July 22, 2024, 11:30:00 AM #26

Seimus

July 22, 2024, 11:50:23 AM #27

meyergru

July 22, 2024, 08:41:19 PM #28

Kinerg

July 27, 2024, 09:10:56 AM #29