A brave new world (of traffic shaping)

Traffic through a bottleneck

When administering a network of hundreds of computers, phones and tablets that all share a 3 Mbit/s link, one of the more important requirements is some form of traffic shaping. In fact, when you’re watching your emails download at a cool rate of five words a minute because someone is uploading the complete works of Shakespeare (the Blu-ray edition) onto YouTube, the choice becomes that of traffic shaping or homicide. While homicide is the easy option, unfortunately it has become illegal in most countries, so we have to go with the hard option if we want to avoid jail time.

The idea behind traffic shaping isn’t that complex. Imagine that each packet you send and receive is a car and your internet connection is the highway. Now, imagine that your highway has no lines painted on it and that every car pushes its way through as fast as possible. If you only have a few cars on the highway, this setup works fine. Traffic gets through as quickly as possible as there’s no build-up at either end. This is a normal connection with no traffic shaping.

Now, imagine this same highway with a huge amount of traffic. Two words: Traffic jam. Traffic gets backed up at the end of the highway, and, due to the lack of organization, everybody (including the emergency services) has to wait until they’ve managed to push their way through. Obviously not a very optimal way to organize traffic. This is a normal connection when you’re uploading or downloading a movie. Everything else slows to a crawl.

The thing is, not all traffic is created equal. In the real world, we’d like to think that emergency services will be able to make it through any traffic jam quickly, and most of us wish that the truck convoys would get off the road when traffic is really bad. In the same way, some internet traffic depends on being delivered in realtime (think Skype, video conferencing or SSH sessions), while normal traffic should be reasonably fast (think web browsing), and some traffic is best allowed through only when the road is empty (think large downloads or P2P stuff).

Traffic shaping allows us to separate our metaphorical highway into multiple lanes that can expand or shrink depending on need within limits that we set. And in our school, we need lots of lanes. You see, normally you would split your traffic into the three segments listed above, but we want to have our traffic split among teachers, students and guests, with each of their lanes further split in the above segments (realtime, normal, slow).

For the last few years we’ve used a CentOS 5 box running a customized version of the Wonder Shaper script to shape our traffic, but (mainly because of my deficiencies) it’s not quite been the wonder we’ve been looking for. Slow teacher traffic was put into the fast student lane and a guest watching a YouTube video would slow down the net for everyone else.

After some major problems adapting our Wonder Shaper script to multiple WANs (we have two ISPs, one giving us 2M/1M and the other 1M/512K), I finally decided to look around and see what the alternatives were. pfSense is something that I had been playing around with and I decided to try its traffic shaping capabilities.

It’s amazing! You create queues (lanes in our metaphorical highway), and each queue can contain other queues. So we have a teachers’ queue, a students’ queue, a guest queue and a few other top-level queues. Inside each top-level queue is a set of child queues for realtime, normal and slow internet. For example, our teachers get an average bandwidth of 30% and a maximum bandwidth of 50%. In other words, if our internet connection is being fully utilized, teachers will get 30%. If nobody is on the net at all, teachers can get up to 50%. But it gets even better. Within these percentages, realtime stuff gets 30% of the teachers’ bandwidth, normal web stuff gets another 30%, junk (Facebook, YouTube) gets 25% with a hard limit of 60% of the teachers’ maximum bandwidth, and any bulk stuff gets 15% with a hard limit of 30% of the teachers’ maximum bandwidth.

Duplicate the same percentages for the students, and then again for our guests (except they get a lower average bandwidth and much lower maximum bandwidth) and you get the picture. Add in the bandwidth set aside for our servers, and you end up with lane rules that are incredibly complex, but with smoothly-moving traffic that doesn’t get piled up at either end of the highway. And you didn’t have to kill anyone to achieve it.
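The teachers' lane described above, worked through as an added example (not part of the original post and not pfSense's own scheduler): a simplified share-and-cap model that shows what each child queue receives on a saturated link and on an idle one. The function name, the demand figures and the cap on the realtime and normal queues are assumptions; the percentages and the 3 Mbit/s link come from the post.

```python
LINK_KBIT = 3000                 # the shared 3 Mbit/s link
TEACHER_AVG = 0.30 * LINK_KBIT   # 900 kbit/s when the link is saturated
TEACHER_MAX = 0.50 * LINK_KBIT   # 1500 kbit/s when nobody else is online

# share: fraction of the teachers' bandwidth under contention (from the post).
# cap:   hard limit in kbit/s. The post gives caps for junk and bulk only;
#        capping realtime and normal at TEACHER_MAX is an assumption.
TEACHER_QUEUES = {
    "realtime": {"share": 0.30, "cap": TEACHER_MAX},
    "normal":   {"share": 0.30, "cap": TEACHER_MAX},
    "junk":     {"share": 0.25, "cap": 0.60 * TEACHER_MAX},
    "bulk":     {"share": 0.15, "cap": 0.30 * TEACHER_MAX},
}

def allocate(capacity, queues, demand):
    """Split capacity (kbit/s) by share; no queue exceeds its demand or cap.
    Bandwidth a queue cannot use is re-offered to queues still wanting more."""
    limit = {q: min(demand.get(q, 0), queues[q]["cap"]) for q in queues}
    alloc = {q: 0.0 for q in queues}
    active = {q for q in queues if limit[q] > 0}
    remaining = float(capacity)
    while active and remaining > 1e-9:
        weight = sum(queues[q]["share"] for q in active)
        offered, satisfied = remaining, set()
        for q in active:
            take = min(offered * queues[q]["share"] / weight, limit[q] - alloc[q])
            alloc[q] += take
            remaining -= take
            if limit[q] - alloc[q] <= 1e-9:
                satisfied.add(q)
        if not satisfied:      # every queue took its full share: nothing left
            break
        active -= satisfied
    return {q: round(v) for q, v in alloc.items()}

if __name__ == "__main__":
    busy = {q: 5000 for q in TEACHER_QUEUES}            # constructed demands, kbit/s
    print(allocate(TEACHER_AVG, TEACHER_QUEUES, busy))  # saturated link
    print(allocate(TEACHER_MAX, TEACHER_QUEUES, {"bulk": 5000}))  # idle link, one download
    print(allocate(TEACHER_MAX, TEACHER_QUEUES,
                   {"realtime": 100, "junk": 5000, "bulk": 5000}))
```

In the last case the hard limits leave 50 kbit/s of the teachers' maximum unused even though junk and bulk still want more, which is the point of a cap: a single bulk transfer can never fill the lane.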

If there’s interest, I’ll publish a more technical post including a partial rule list and explain how I got this mess to work with squid (which was necessary for being able to sort the different web destinations into different queues).

Updated 2018-08-14 to point to archive of wondershaper since www.lartc.org is down

Will you sell your integrity for $10?

One of the advantages of being on furlough in the States has been the ready supply of cheap(er) electronics that can be bought over the net. I’ve become a huge fan of Amazon and eBay, but one of the downsides of online retailers as opposed to retailers where you meet the salespeople face-to-face is that it is much harder to tell the difference between one that has integrity and one that… doesn’t.

In the beginning of November, my wife and I decided to buy a digital camera as the LCD display on our old one was broken. After much research, we settled on the Sony HX9V, and I found it on an online site called AjRichies.com (not linking for obvious reasons) for $30 cheaper than Best Buy. I went ahead and placed an order. And that’s when the fun began.

It started with a phone call from a guy with a distinctive New York accent the next day to “clarify” my billing information. At the end of the conversation, Mr. New York tells me that I’ve gotten a great camera, but the stock battery that comes with it is only good for 30 minutes. He suggests that I get a long-life battery that will last for 3 hours – only $39.95. A 6X increase in capacity for $39.95 sounds pretty good, so we go for it. The guy then tries to talk me into getting a high-speed SD card, but we decide to pass on it as we already have a perfectly good 4GB SD card.

Almost two weeks later, I receive notice that they’ve shipped the package, and they also ask me to review them at ResellerRatings.com. A further two weeks later, my order arrives. When I open up the box, there’s the camera and there’s the spare battery. I looked at the battery and it’s some no-name brand rated at 1350mAh. I then open the camera box and look at the stock battery. It is rated at 900mAh. 1350. 900. The 1350mAh battery has only 50% more capacity than the stock battery. So either the stock battery will last for 2 hours of continuous shooting or the “long-life” battery will only last 45 minutes. Either way, the guy on the phone lied to me.

I decide to return the battery, and that’s when I realize what I’ve gotten myself into. I come across this site that has a lot of comments detailing how AjRichies.com (before a name change) works. It seems that their normal modus operandi is to list an item really cheap and then phone you with an upsell when you buy their item. It appears that if you decide against the upsell, there’s a good chance they’ll cancel your order, and, if you do order an extra item or two and then want to return them, they charge you a 15% restocking fee.

Bearing this in mind, I call up customer service and tell them that I want to return the long-life battery. They tell me that I’ve called sales and they’ll transfer me to customer service. I wait on hold for a good ten minutes, and, next thing I know, I’m talking to Mr. New York again.

First he tells me that he is sales and I should have called customer service. I explain that sales had transferred me to him, and beg him to help me. So he asks what the problem is and I explain that I want to return the long-life battery. He then tries to tell me that a 1350mAh battery can last six times longer than a 900mAh battery (something akin to a used-car salesman telling you that a car that gets 45 mpg gets six times better mileage than a car that gets 30 mpg). When I insist on returning the battery, he tells me that I need to talk to customer service and transfers me. After waiting on hold for 25 minutes, I finally hang up. Round one goes to AjRichies.com.

I call up customer service again, and it’s Mr. New York again. When I ask if I’m talking to customer service, he says yes, and then (I assume as he recognizes my voice) quickly backpedals and tells me that he’ll transfer me to customer service. The next guy I speak to goes through the same process of trying to convince me to stick with the battery, and, only after much arguing, finally agrees to give me an RMA number so I can return the battery. I ask him how much I’ll get back, and he tells me something like $33.96. After pointing out that they had lied to me, he finally agrees to waive the 15% restocking fee, but it’s still my responsibility to pay shipping. Round two goes to me (mostly).

So I ship the battery back to them, and then wait until they’ve transferred the money back into my credit card account. I then go to ResellerRatings.com and leave this review. Within minutes, I receive an email requesting that I call them. By next morning, they obviously decide that they’ve waited for my call long enough. I receive a phone call from “Adam” in customer service.

He starts by asking why I’m unhappy. I summarize my point of view of the whole situation and tell him that I’m not happy being lied to, being put on hold indefinitely and feeling like I’m being taken advantage of. He argues that I’ve gotten the camera “$100 cheaper than anywhere else”, suggesting that I’ve gotten off lightly because they have given me the full refund for the battery, and basically says that a couple of phone calls is a cheap price to pay for the camera.

When I point out that I did have to pay shipping to return the battery to them, he immediately jumps on my statement and offers to pay me $10 to cover shipping and the time I’d wasted. But this is contingent on me changing my review at ResellerRatings.com. He then tries to cajole me into changing my review while I’m on the phone with him. When I politely decline he says, “We try and sell a nice product cheap, but I guess we can’t please everyone,” and ends the call.

So why did I refuse to change my review? In the end it comes down to this. I expect the companies I deal with to have integrity. If your sales strategy involves deceiving your customers, you do not have integrity. If the only time you’ll do right by your customers is when they’re twisting your arm, you do not have integrity. If you offer to pay customers to change their reviews, you do not have integrity. And I will not sacrifice my integrity to bolster yours, whether you pay me $10, $100 or $1 million.

On ResellerRatings.com, AjRichies.com currently has 80% positive reviews. I’ll leave the reason for this to your conjecture.