 Okay, so we're gonna talk real quick about buffer bloat. If you're not familiar with buffer bloat, buffer bloat is based on the fact that I have a gigabit connection to my PF sense, but I don't have a gigabit connection out of my PF sense, and there's a lot of little components and a lot of moving network data that may not align. So you're trying to take a large gigabit connection at full rate of a low latency network and then squeeze it out across the internet a higher latency network that may not line up perfectly well. Good news is there's a solution for this. And in PF sense 244, they've added FQ Codel. It's an algorithm that does a great job of cutting down the buffer bloat and aligning the packets in a much better way and queuing them properly, so everything happens in order. Now this is an important part about firewalls. And in the earlier days of like the gaming, the old blue box links this firewalls that were so popular. I remember they would just fail because they couldn't handle the number of connections and they had a lot of problems with this. And a lot of people see this as connections get faster, you do have to update your hardware or update your firewalls to have algorithms to handle the volume of connections and queue the packets in a fair way to efficiently get them out of your network. Now I'm gonna leave a link here to those of you that want to know an in depth look at how token bucket regulators work and how a first in, first out queue works and how you have to regulate that, marked it a great explainer video. It's long, but man, it's a good education into Cattle Queue and how all these things work. And I'm gonna show you how to enable it really quickly here in PF Sense, because with 244, they've made it really easy. It's an easy limiter to use. It's not part of the wizard, so that's why I wanted to make a video on it. You don't just next in West your way through this, but this will help with your buffer bloat problems. So I'll leave a link to Mark's video. It's a great dive into it so you have a better understanding of what's actually going on with the buffer bloat issues and how packet queuing occurs. All right, so my current buffer bloat is a C rating right now with nothing turned on in my firewall. So no traffic shaping, just basically default setting at PF Sense. I'm getting a C rating. So we're gonna go over here, PF Sense 244, and I'm under firewalls, traffic shaper, and then limiters. And we're gonna walk through the, I'll leave a link to the slides that NetGate has on exactly how to set up these limiters, but I'm gonna walk you through it as well. First box, check. And we're gonna start with a WAN down one. So WAN, I don't believe spaces are allowed. So this is WAN down, and we're gonna set it at 60 because I have a 60 megabit connection. So we say bandwidth, bandwidth, megabits, 60, cool. Then we're gonna leave the mask at none, description, WAN down. Q management algorithm, this is the part where we choose Coddle. We choose a scheduler, which we have the first in, first out as default, and we're gonna wanna go ahead with FQ Coddle. They also have some other ones in there if you wanna experiment with them. We have found that 1,000 works for us. That's the default suggested by NetGate. You can change that. I've seen someone mention in forums that it worked better for them at 2,000 or 3,000 because they had a much faster connection. So you may have to adjust the Q length, and this is how the Qs are gonna line up, refer to Mark's video to understand how Qs work, but you can tweak these and you can go in and adjust this. So now we've gone through and enabled, called this one WAN down, no mask, description WAN down, Q type Coddle, FQ Coddle, Q link 1,000, enable explicit congestion notification, checked. These are a blank, save. Now we wanna click on it again, and we wanna add a Q underneath this. And this is gonna make sure we check the enable box. If you get to the firewall rules and you can't find this rule, it's probably because you don't have this Q enabled. I will note that. It's an easy mistake to make because the default lets you create Qs, but doesn't turn them on. So this is the WAN down, Q. I gotta spell down properly. WAN down, Q, Coddle, Q length, you can leave blank here that default seems to be working fine for me. So now we have WAN down and WAN down, Q. Now we're gonna get a new limiter. Enable WAN up. So what's my upload speed? 10, Mag, WAN up. Same thing, we're gonna go with Coddle, we're gonna go with FQ Coddle, Q length of 1,000, save. Click on the WAN up, make sure we're in the right one, add new Q under this, and you guessed it, WAN up, WAN up, Q. Description, WAN, Coddle, and leave Q length, enable this, save, apply. Change has been saved. So now I have a WAN down, WAN down, Q, WAN up, WAN up, Q. So it's ready now to create the rule. So you've created the Qs, but they're not applied to anything and that's where we create a floating rule under the firewall rules. So we go over here to firewall rules, floating, add, choose WAN, direction, out, protocol, any. Now if you're using IPv6, you can use both, I'm only using IPv4, but also make sure you're applying it to any protocol because if you don't, well, it'll only do those protocols. You can also extrapolate from this if you have some custom things you wanna do and create a series of Qs, even based on per protocol. That's a nice feature you can do in here, but for Brevity and for this setup we're doing here, we're just getting Coddle Q running, we're doing it for all the protocols. So protocol any, everything else here is pretty much the same. Also, apply the quick action immediately. Set this option to apply action to traffic that matches immediately. This is gonna basically put it at the top of the rule set because you want this to apply to on top of all your rules, not under them. So now we're gonna go here to advanced, scroll on down, in is gonna be our WAN up Q and out is our WAN down Q. That's important for those of you, it is flipped if you're really thinking about it, but yes, that's the way it should go. And the last thing we wanna make sure we do here is choose the WAN gateway as an option here because you're applying it to the gateway. If you don't do that, it won't apply properly. We're gonna hit save and apply. So now let's run the test again. Now, this is my lab one, so I'm actually doing this in production, but I'll show you my production firewall. Here's what the rule looks like in my production firewall. And I turned it on and off to do the test and it's currently on again. You can just disable this to turn it on or off. And I'd run this test with it off and now let's run the same test with it on. So we're gonna go ahead and reload the page test again. And you can see I've been playing with it to do some testing here. So I'm gonna head and run this one more time. With it on, and we should see an A plus on my buffer bloat rating. And away we go, we went from a C to A all the way across. Pretty straightforward. I'd actually gotten some of the results to be an A plus on this. And what had happened previously when I got the A plus was no one else was here at the office when I was testing this morning. So we got higher speeds. Right now, everyone's here and our systems are doing lots of things. So I know there's a lot of all my servers and connections and all the things we host here are running on it. So there's gonna be more packets in the queue. So I guess I didn't get the A plus rating this time. But this is all you have to do to get this to work. It's pretty straightforward to set these limiters up. It's really easy to do. And you can kind of extrapolate from here not to understand how to set up a limiter if you wanna create a series of limiters for different reasons or to limit different interfaces. But this kinda gets you the idea of this. We did a floating rule and applied it to everything but you can get very fine grained with this and really tweak it if you need to. But this simple basic step right here will reduce the buffer bloat on top of there. And maybe in the future I'll do some more videos about combining it with other traffic shaping. But for the most part, this seems to solve the simplicity of it of just making it work and it works better than doing the wizard but just setting the limiter. All right, thanks. Thanks for watching. If you liked this video, go ahead and click the thumbs up. Leave us some feedback below to let us know any details that you like and didn't like as well because we love hearing the feedback or if you just wanna say thanks, leave a comment. If you wanted to be notified of new videos as they come out, go ahead and hit the subscribe and the bell icon that lets YouTube know that you're interested in notifications. Hopefully they send them as we've learned with YouTube. Anyways, if you wanna contract us for consulting services, you go ahead and hit launch systems.com and you can reach out to us for all the projects that we can do and help you. We work with a lot of small businesses, IT companies, even some large companies and you can farm different work out to us or just hire us as a consultant to help design your network. Also, if you wanna help the channel in other ways, we have a Patreon. We have affiliate links. You'll find them in the description. You'll also find recommendations to other affiliate links and things you can sign up for on launch systems.com. Once again, thanks for watching and I'll see you in the next video.