Feature #7904
closed
Automatic Bandwidth Limiter on Dummynet
0%
Description
Add an automatic bandwidth limiter to pfSense that dynamically limits Down and Up speeds on WAN based on latency in order to ensure that Dummynet limiters are always set slightly lower than the current WAN link.
The point is to make dummynet a more viable/reliable option for users whose connection speeds vary significantly during peak hours.
Adding this feature in the Web-GUI under Limiters would be a very effective and user-friendly form of traffic shaping on pfSense.
Idea from the following forum thread and post:
https://forum.pfsense.org/index.php?topic=137239.0
https://forum.pfsense.org/index.php?topic=126637.msg751326#msg751326
Updated by Jim Pingle over 6 years ago
- Status changed from New to Rejected
- Target version deleted (
2.4.1)
It's not possible. The firewall has no way to determine the actual circuit speed, it must be set manually. A speed test would rely on an outside service and there is no way to ensure such a service would be accurate for everyone (plus, who would run that service, eat the bandwidth costs, etc?)
Updated by duev s over 6 years ago
The idea isn't to use a speedtest.net to monitor actual bandwidth, but to monitor ping latency to see if the dummynet is catching the traffic. So if the pipe is full, but less than what the dummynet is set at (due to peak hour traffic congestion slowdown) then latency would increase beyond a set value.
When the latency increases beyond the threshold, then pfSense would automatically decrease the available bandwidth by X amount for X period of time - and continue to monitor, if latency is still above the threshold X time later, then decrease more.
After the ping reduces beneath the threshold, it allows the bandwidth to increase by X amount, monitors, and if ping remains within threshold, continues to allow increase in bandwidth and steps back up to the max value set in dummynet. If ping latency at some point goes beyond the threshold then it steps down the bandwidth again.
Basically bracketing bandwidth based on latency.
In my case, if i set dummynet limits below my current bandwidth, and monitor ping latency while filling the pipe it stays very low and is very consistent.
If I increase dummynet limits above what my bandwidth is, monitor ping and fill the pipe then latency rapidly goes into the hundreds and fluctuates but remains at a large value.
So, it is very apparent when dummynet is not catching my traffic by watching ping latency.
Preferably using a number of user-defined ping targets to increase reliability.
Other routers do use this method to adjust bandwidth successfully, and it doesn't cost much bandwidth to do so.
Please see this post: https://forum.pfsense.org/index.php?topic=137239.msg750900#msg750900
Updated by Jim Thompson over 6 years ago
Actually, it seems completely possible. Van Jacobson’s “pathchar” showed so 20 years ago.
https://www.caida.org/tools/utilities/others/pathchar/pathcharnotes.html
Updated by duev s over 6 years ago
Thanks Jim!
I really think this would be a highlight feature for pfSense.
It would be very effective traffic shaping for many home and small business scenarios that is also easy to configure. That's no small feature.
Updated by Jim Pingle over 6 years ago
- Status changed from Rejected to Needs Patch
- Priority changed from Normal to Very Low
It's possible in some specific circumstances, but I don't see one of those being a way that would work properly with dummynet (limiters). It also still requires you to probe an external source at a specific destination (which would always have to respond as fast as your circuit allows), gets more difficult at higher bandwidth amounts (Takes ~16 minutes to probe minimum on a high speed link), and assumes all latency is from throughput saturation, which isn't necessarily true.
If someone comes up with a viable implementation, I'd love it see it work, because it would be useful. But like many ideas, it's simple to think of but difficult to implement.
Updated by duev s over 6 years ago
Thanks Jim(s) ;)
A bounty has been created for this project to be completed and submitted to be added to pfSense.