I am sure that I did something wrong here and I was wondering if someone could explain what. I have a cable connection that is rated at 50/10 Mb. If I let it go on it's own I will get about 60/12 Mb but I will also get bufferbloat in the range of 2000 to 3000 ms. To deal with this I wanted to use limiters and limit the traffic on my WAN to about 55/10 MB. I created a limiter for download speed and one for upload and then created a floating rule with the interface of WAN, direction of in, and set my limiter. Then I created another floating rule for the out direction.
Here is the strange part, the limiter seemed to do what I wanted but.... With the limiter active, this is what I see in a traceroute to Google DNS # traceroute 8.8.8.8 traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets 1 bulldog (10.1.1.1) 0.261 ms 0.233 ms 0.213 ms 2 google-public-dns-a.google.com (8.8.8.8) 0.573 ms 0.370 ms 0.755 ms 3 google-public-dns-a.google.com (8.8.8.8) 0.733 ms 0.915 ms 1.103 ms 4 google-public-dns-a.google.com (8.8.8.8) 8.309 ms 9.100 ms 9.098 ms 5 google-public-dns-a.google.com (8.8.8.8) 11.277 ms 11.266 ms 11.251 ms 6 google-public-dns-a.google.com (8.8.8.8) 11.598 ms 11.409 ms 11.379 ms 7 google-public-dns-a.google.com (8.8.8.8) 10.632 ms 8.283 ms 9.084 ms 8 google-public-dns-a.google.com (8.8.8.8) 12.264 ms 12.008 ms 13.683 ms 9 google-public-dns-a.google.com (8.8.8.8) 11.283 ms 13.656 ms 11.252 ms 10 google-public-dns-a.google.com (8.8.8.8) 13.577 ms 13.581 ms 13.572 ms 11 google-public-dns-a.google.com (8.8.8.8) 12.265 ms 12.253 ms 12.041 ms 12 * * google-public-dns-a.google.com (8.8.8.8) 5.030 ms 13 google-public-dns-a.google.com (8.8.8.8) 4.196 ms 8.344 ms 8.337 ms 14 google-public-dns-a.google.com (8.8.8.8) 9.941 ms 9.625 ms 9.462 ms But, with the limiter disabled, things look more normal. # traceroute 8.8.8.8 traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets 1 bulldog (10.1.1.1) 0.243 ms 0.215 ms 0.200 ms 2 10.1.10.1 (10.1.10.1) 0.374 ms 0.360 ms 0.536 ms 3 border.hoganzoo.com (gw_address) 0.728 ms 0.723 ms 0.897 ms 4 96.120.13.133 (96.120.13.133) 7.680 ms 8.870 ms 8.651 ms 5 ae-105-rur102.aurora.co.denver.comcast.net (162.151.38.37) 11.258 ms 11.447 ms 11.429 ms 6 ae-2-rur101.aurora.co.denver.comcast.net (68.86.128.33) 12.526 ms 12.323 ms 12.306 ms 7 ae-24-ar01.denver.co.denver.comcast.net (68.86.103.13) 13.553 ms 12.348 ms 12.535 ms 8 be-33652-cr02.1601milehigh.co.ibone.comcast.net (68.86.92.121) 13.707 ms 9.035 ms 9.424 ms 9 be-11721-cr02.denver.co.ibone.comcast.net (68.86.86.77) 9.826 ms 10.056 ms 10.227 ms 10 be-11795-pe02.910fifteenth.co.ibone.comcast.net (68.86.83.6) 9.619 ms 9.606 ms 10.558 ms 11 173.167.58.142 (173.167.58.142) 9.559 ms as1239-pe01.ashburn.va.ibone.comcast.net (75.149.228.174) 10.154 ms 10.136 ms 12 108.170.252.193 (108.170.252.193) 10.131 ms 108.170.252.209 (108.170.252.209) 10.112 ms 108.170.252.193 (108.170.252.193) 10.102 ms 13 64.233.175.71 (64.233.175.71) 14.131 ms 64.233.175.43 (64.233.175.43) 14.102 ms 64.233.175.71 (64.233.175.71) 8.878 ms 14 google-public-dns-a.google.com (8.8.8.8) 8.848 ms 9.255 ms 9.852 ms Ahhh, What ?!?!? Thank for any ideas. Regards, Tim _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
