Page 1 of 2 12 LastLast
Results 1 to 10 of 16
  1. #1
    Newbie
    Join Date
    Jan 2020
    Posts
    7

    Default Some sessions without QoS Priority / Bandwidth Control Priority

    Hi,

    I'm using Untangle 15.1 HomePro, QoS enabled with FQ_CODEL and Application / Bandwidth Control installed.
    My goal - which has been mostly achieved - is to be able to freely utilize my networks bandwidth, but when a video conference starts or I need to work remotely somewhere that takes priority.

    Some questions:
    a) Most sessions in the Sessions viewer look exactly as I would expect - Medium / Medium for both when I didn't have any specific rules. Some sessions however both values are empty. Those are mostly UDP sessions (e.g. OpenVPN, NTP, Facetime call) and Bypassed is false. I would expect them to be Medium / Medium?

    b) Bypassed sessions have a Bandwidth Control Priority - shouldn't they not touch that part of the stack at all?

    c) I know this is a broad question, but FQ_CODEL is marketed as a no-knobs scheduler - is it even necessary for a (busy) home network to set priorities? I have 100 down 40up and even without QoS at all under pfSense things were mostly working fine... except when I had rclone backing up stuff to the cloud while an SFTP download was running and I wanted to have a video call. I'll probably just test it out but I'm interested to hear best practices and the like. Also happy to dive into documentation if I missed any.

    Thanks for the help in advance!

  2. #2
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,174

    Talking Welcome

    ...to Untangle, and the forums!

    Quote Originally Posted by gphreak View Post
    b) Bypassed sessions have a Bandwidth Control Priority - shouldn't they not touch that part of the stack at all?

    c) I know this is a broad question, but FQ_CODEL is marketed as a no-knobs scheduler - is it even necessary for a (busy) home network to set priorities?
    b) No. Two different 'stacks'. From #config/network/advanced/qos/rules
    Note: Custom Rules only match Bypassed traffic.
    http://wiki.untangle.com/index.php/QoS_FAQs#Why_do_custom_rules_only_match_bypassed_traffic


    c) No-knobs packet queuing scheduler. It still respects and handles user-defined priorities of flows (sessions), with multiple queues. This looks like a good article:
    https://book.systemsapproach.org/congestion/queuing.html

    It is the queue slot tuning that is no-knobs. And cake is even better at it!
    Up-voter here:
    https://untanglengfirewall.featureupvote.com/suggestions/50211/cake-for-better-bufferbloat-and-latency-management

  3. #3
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,174

    Question

    Quote Originally Posted by gphreak View Post
    a) Most sessions in the Sessions viewer look exactly as I would expect - Medium / Medium for both when I didn't have any specific rules. Some sessions however both values are empty. Those are mostly UDP sessions (e.g. OpenVPN, NTP, Facetime call) and Bypassed is false. I would expect them to be Medium / Medium?
    I am at a loss here, so a couple of questions:
    1. What version of NGFW are you running?
    2. This isn't SD-WAN, is it?
    3. Exactly what is this 'session viewer' -- what is the URL in the browser?

  4. #4
    Newbie
    Join Date
    Jan 2020
    Posts
    7

    Default

    Hi, thanks for taking the time to respond!

    I'm running Untangle NG Firewall 15.1.0. I'm not allowed to post images yet.
    The session viewer has the URL: hxxps://untanglebox/admin/index.do#sessions

    It looks like this:
    Protocol | Bypassed | Hostname | Bandwidth Control | QoS Priority | Server Interface | Server Port
    UDP | false | mBP2018 | | | External [1] | 9000
    UDP | false | mBP2018 | | | External [1] | 9000
    TCP | false | AppleTV | Medium | Medium | External [1] | 443
    TCP | false | AppleTV | Medium | Medium | External [1] | 443
    TCP | false | mBP2018 | Medium | Medium | External [1] | 443

    As you can see two sessions have no QoS / Bandwidth Priority. Allmost all others do and I haven't been able to figure out why. I thought it's all UDP sessions but it's not.

    Bypassed Sessions
    Yes exactly, that was my understanding. Bypassed traffic = normal linux stack, Non-bypassed traffic Untangle stack.

    As you can see in the screenshot Non-bypassed sessions still show QoS Priority not only Bandwidth Control. Same is true for Bypassed sessions, where I would expect not to have a Bandwidth Control Priority.

    FQ_CODEL
    Yes I understand that it still respects my priority settings. I just wondered if best practice is to do that or just leave FQ_CODEL doing it's thing. Probably too broad of a question.
    Attached Images Attached Images

  5. #5
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,174

    Default

    I found those additional columns for that there (thank you). I am not sure why there isn't more reporting options elsewhere.
    The fact that QoS and Bandwidth Control columns are identical looks suspect, to me.
    There is also an outstanding issue, that may be related. I will wait for the upcoming date release to check again.
    https://jira.untangle.com/browse/NGFW-13102?jql=text%20~%20%22qos%20statistics%22

    I don't happen to have any blank rows.


    Quote Originally Posted by gphreak View Post
    FQ_CODEL
    Yes I understand that it still respects my priority settings. I just wondered if best practice is to do that or just leave FQ_CODEL doing it's thing. Probably too broad of a question.
    I don't know how the linux kernel (w/ FQ-CoDel selected) and the Bandwidth Control application interact.
    c) I know this is a broad question, but FQ_CODEL is marketed as a no-knobs scheduler - is it even necessary for a (busy) home network to set priorities?
    Although I agree FQ_CoDel does a good job, it can't do the limiting function, to enforce quotas, etc.
    These should be used in situation where the goal is to restrict traffic regardless of if there is more bandwidth available.
    --from: http://wiki.untangle.com/index.php/QoS#About_QoS

    So Bandwidth Control / QoS Rules can do customized traffic shaping. It gives you some knobs back when you need it. FQ-CoDel is just a black box that is implemented on each flow lane.
    Last edited by Jim.Alles; 06-22-2020 at 10:49 AM.

  6. #6
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,174

    Cool Tech Talks: Bandwidth Control

    "Join us for the Tech Talks webinar on a popular app, Bandwidth Control. This highly technical webinar will take you through the advanced configuration features available for the app, including a demonstration, how to configure, and answer questions."

    What we’ll cover:
    • Optimize QoS
    • Identify and prioritize WAN traffic
    • How Bandwidth Control works with other apps
    • Bypass traffic vs. filtered traffic
    • Custom rules

    Audience: Untangle customers and interested IT pros who want to learn about the NG Firewall solution and deploying the Bandwidth Control application.

    Prerequisites: Familiarity with Untangle NG Firewall and networking concepts.

    https://www.youtube.com/watch?v=qZ0FAhBjG5M
    tangofan likes this.

  7. #7
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,174

    Default

    One of the things mentioned in the tech talk is that even if you are not going to use Bandwidth Control rules, installing the app gives you the reporting.
    sperman likes this.

  8. #8
    Newbie
    Join Date
    Jan 2020
    Posts
    7

    Default

    Thanks for the links!

    Regarding the sessions without w/o priority. I'm seeing a few of them - all of them UDP. I wonder if it's just a display error.

  9. #9
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,174

    Default

    Can you find those sessions in Bandwidth Control / Prioritized sessions Report?
    They won't show up there if the priority = 0, though.

    And it is helpful to give us more of the frame with screenshots, to include the URL like this:

    bcps.png

  10. #10
    Newbie
    Join Date
    Jan 2020
    Posts
    7

    Default

    Thanks Jim,

    didn't realize there was this report! I can't find the sessions there, only the ones I set to "High" or "Very High". I can find a session that has no priority at all in "All Sessions" though with Priority 0.

    The odd thing is that other sessions that show priority Medium (instead of empty) also have Priority 0.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2