pfSense FQ_CoDel & Bufferbloat

I’ll start with – Tom from Lawrence Systems absolutely nailed the tutorial for this!

Bufferbloat is something that sits in my mind, recently I’ve picked up the gaming mantle again and latency has been greatly improved by me now being on FTTP as opposed to the old SoGEA FTTC service. Improving that latency though and making it more even is something I’ve always been on top of previously using a USG3 (smart queues), then SFQ on MikroTik before FQ_CoDel when ROS7 launched and then more recently FQ_CoDel with pfSense. Other queue algorithms are about and work to a degree but FQ_CoDel is the one I’ve had most success with.

I followed some YT videos in the past and thought I’d taken in the documentation properly but it turns out I hadn’t, Tom nailed it with this recent video though and following this moved me from an A to an A+ on the bloat test.

It’s super simple and in general if you’re doing anything latency dependant I’d highly advise implementing some kind of FQ_CoDel

Windows Home Lab?

I’ve got an IT based project on again! It’s been an absolute age since I’ve been “interested” in my IT and computers and servers and all things good like this but I’ve got a project on my hands, add in as well I currently have a renewed interest in learning and relearning some network essentials and generally needing to sharpen back up on these things (more to come on that in the future).

So…
I had a spare HP Gen8 Microserver with one of the 1260 Xeon’s (4c8t) and 16GB RAM so a decent little box by most accounts. A quick amazon order for 2 Oracle SSD>HDD mounting brackets and I’ve got 2 Crucial 240GB SSD’s in the first two 6Gb SATA drive bays.

A quick hop over onto Gamers Outlet and I’d bagged a Server 2022 license and probably 10 minutes of installing later I have a decent little server running. This is being used now in 2 parts, firstly for my project to look at guest accounts, remote desktop access and how to lock down users. The second part of it is to spin up a HyperV environment and get some MikroTik CHR’s talking to each other! A return to MikroTik world albeit brief as I don’t envisage my work going that way again any time soon, it was good to use Tik to understand the concepts and replicate in my own way.

More to come as the IT project unfolds and yeah maybe more networky stuff…

ReInstalled pfSense CE

I said I wasn’t going to but then I’ve lost access to some of the packages I was using and am unable to install any more so it was time to sidegrade to the CE from Plus. I’ve watched Tom from Lawrence Systems YouTube video on how to do it a couple of times and to be fair the process was perfectly easy.
Backup>Reinstall>Restore

Whilst my firewall was down I took advantage and upgraded the BIOS which had eluded me on the last shutdown but this time it was done without issues.

Back up and running and absolutely nothing specal to report which is kind of what you want of a firewall. No problems, no oddities.

Still got this odd “can’t reach Gb” problem on the WAN which I think is down to signle core performance but I can lve with it for now being as changes may be coming soon in that department anyway.

10Gb Firewall > Core Switch

My Intel X520 card have arrived and have been far better than expected. They’re both like new, one even has the LP bracket with it and all 4 Intel SFP’s are like brand new.
I moved both my LAN and WAN interfaces to the R210’s onboard coppers and installed the new card, connected up with a temporary fibre patch cable and it came straight up. LAN moved back onto the 10Gb along with the VLAN’s and we are now live with 10Gb Firewall>Switch>CaveSwitch – Complete 10Gb backbone.

Will it make a difference day to day? Nope. But it’s been an itech I’ve been dying to scratch and now I have a spare X520 to install into the backup server and get rid of the 4 ether LACP.

10Gb Upgrade has started!

I’ve ran a 10Gb link from Attic to ManCave for quite a while now and it’s always been in the back of my mind to stretch it out a little bit more. The unRAID server now using a 2.5Gb into the Cave switch eased things a bit however I have just managed to win an auction for two Intel 10Gb PCIe SFP+ cards with SFP+’s so the plan is to put one in the Dell firewall so we have 10Gb Firewall to Attic Switch and then I’ll still have a spare whih may go in the unRAID box or it may go in the Backup Box.