pfSense Support Subscription

Author Topic: Amazon AWS Backup Shaping to lower priority queue [Resolved]  (Read 428 times)

0 Members and 1 Guest are viewing this topic.

Offline davidmoore

  • Newbie
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
I have created an Alias specifying ALL of Amazon's IP ranges. I then created a floating rule specifying that alias and 443 as the destination. I selected qACK/qOtherLow to be the queues for this rule. All other 443 traffic should be qOtherHigh per a default wizard rule. As I'm performing my backup and I look at my Status>Queues page, I see qOtherHigh with utilization, but I don't see qOtherLow with utilization. I've confirmed that my floating rule exists at the top of the list, as I'm assuming order of operation matters. Also, when I view the rule, I show states are being matched to it. I'm confused as to why pfSense isn't queueing my backup traffic correctly. Is this possibly a bug? What other information can I provide for troubleshooting?
« Last Edit: May 19, 2017, 12:37:40 pm by davidmoore »

Offline KOM

  • Hero Member
  • *****
  • Posts: 5359
  • Karma: +666/-19
    • View Profile
Re: Amazon AWS Backup Shaping to lower priority queue
« Reply #1 on: May 19, 2017, 09:07:50 am »
For floating rules last match wins (the Quick option is unchecked), so putting your rule at the top may be part of the problem.  Also, you need to clear states before the change takes effect.

Offline davidmoore

  • Newbie
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Re: Amazon AWS Backup Shaping to lower priority queue
« Reply #2 on: May 19, 2017, 09:42:33 am »
For floating rules last match wins (the Quick option is unchecked), so putting your rule at the top may be part of the problem.  Also, you need to clear states before the change takes effect.

Okay, so I read more about this and floating rules still do topdown processing, but it will choose the last rule that matches in the list unless Quick is selected. If Quick is enabled then it will stop processing that packet and go ahead and make the match.

I have quick enabled on that rule and it's at the top of the list.

Offline Nullity

  • Hero Member
  • *****
  • Posts: 973
  • Karma: +96/-9
    • View Profile
Re: Amazon AWS Backup Shaping to lower priority queue
« Reply #3 on: May 19, 2017, 12:33:46 pm »
For floating rules last match wins (the Quick option is unchecked), so putting your rule at the top may be part of the problem.  Also, you need to clear states before the change takes effect.

Okay, so I read more about this and floating rules still do topdown processing, but it will choose the last rule that matches in the list unless Quick is selected. If Quick is enabled then it will stop processing that packet and go ahead and make the match.

I have quick enabled on that rule and it's at the top of the list.

According to https://doc.pfsense.org/index.php/What_are_Floating_Rules (at the bottom of the page):

"Rules using the Queue action do not work with quick checked."
Please correct any obvious misinformation in my posts.
-Not a professional; an arrogant ignoramous.

Offline davidmoore

  • Newbie
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Re: Amazon AWS Backup Shaping to lower priority queue
« Reply #4 on: May 19, 2017, 12:36:45 pm »
For floating rules last match wins (the Quick option is unchecked), so putting your rule at the top may be part of the problem.  Also, you need to clear states before the change takes effect.

Okay, so I read more about this and floating rules still do topdown processing, but it will choose the last rule that matches in the list unless Quick is selected. If Quick is enabled then it will stop processing that packet and go ahead and make the match.

I have quick enabled on that rule and it's at the top of the list.

According to https://doc.pfsense.org/index.php/What_are_Floating_Rules (at the bottom of the page):

"Rules using the Queue action do not work with quick checked."

Thanks. I think this issue is resolved.