CAKE QoS Script (OpenWrt)

This is the script that I made months ago (to self-learning) and until today I have time to share it.

Quick Overview

  1. The script launches the CAKE qdisc (like SQM would do), and you do not need SQM at all.
  2. The script uses the veth method on the ingress side to make the DSCP marking work and fix this problem:

With dual-dsthost enabled, a single host with many tcp sessions (like when torrenting) is prevented from hogging all the bandwidth, but if you are actually using that host, the torrent will still hog that host's bandwidth and to fix that problem you need QoS using DSCP marking, so that the torrent traffic and other such hogs goes into the "bulk class", then that host will see a big improvement in all other traffic types.

  1. It has rules to prioritize non-bulk unmarked traffic like gaming and VoIP, that means you don't need to add game ports, but if you want you can also add game ports and static IP of game consoles to prioritize that traffic (although it is not necessary).
  2. It has rules to give high priority to known Video conferencing, VoIP and VoWiFi ports.
  3. Easily change the default OpenWrt settings like default qdisc, TCP congestion control and ECN.
  4. irqbalance and Packet Steering options to equally distribute the load of packet processing over all available cores and probably increase performance.
  5. It has Init Script so that from the LuCI web interface (System -> Startup) you can Enable, Disable, Start, Restart and Stop the script.
  6. It has Hotplug to automatically reload the script.

Pre-requisites

To use this script, you need to install these packages:

  • tc-tiny
  • kmod-sched-cake
  • kmod-veth
  • kmod-tcp-bbr
  • irqbalance
  • htop (Optional)

Copy and paste this into your SSH client:

opkg update && opkg install tc-tiny kmod-sched-cake kmod-veth kmod-tcp-bbr irqbalance

Install

Copy and paste this into your SSH client:

rm /root/cake.sh; rm /etc/init.d/cake; rm /etc/hotplug.d/iface/99-cake; rm /etc/nftables.d/*-rules.nft; wget -O /root/cake.sh "https://raw.githubusercontent.com/Last-times/CAKE-QoS-Script-OpenWrt/main/cake.sh"; chmod 755 /root/cake.sh

The cake.sh script is located in the /root/ folder on the router and you have to edit this:

  1. Change the CAKE settings according to your connection type and also change the other settings (like rules, ports, IP address, irqbalance, etc.).
  2. You can delete the ports and IP address from the script, because are just examples.
  3. Once you've finished editing the script, use this command to run the script:
./cake.sh

Or download the script to edit it with the notepad and then place the edited script into the /root/ folder on the router, then change the permissions of the script with this command chmod 755 /root/cake.sh and run the script with the command above ./cake.sh

CLI

Command to run the script:

./cake.sh

Others important commands:

# To check if the DSCP marking is working
tc -s qdisc


# To check your CAKE settings
tc qdisc | grep cake


# To check the veth devices
ip link show


# To check the nftables rules
nft list ruleset


# To check if changed the default OpenWrt settings
sysctl net.core.default_qdisc
sysctl net.ipv4.tcp_congestion_control
sysctl net.ipv4.tcp_ecn


# To check if irqbalance or packet steering are enabled or disabled
uci show irqbalance.irqbalance.enabled
uci show network.globals.packet_steering


Tip

  • Don't use Software flow offloading, it will break the rules and CAKE.

Uninstall/Remove

Copy and paste this into your SSH client:

/etc/init.d/cake stop; rm /root/cake.sh; rm /etc/init.d/cake; rm /etc/hotplug.d/iface/99-cake; rm /etc/nftables.d/*-rules.nft; sed -i "/default_qdisc/d; /tcp_congestion_control/d; /tcp_ecn/d" /etc/sysctl.conf; uci set dhcp.odhcpd.loglevel="4"; uci set irqbalance.irqbalance.enabled="0"; uci del network.globals.packet_steering; uci commit && reload_config

DSCP Information

3 Likes

i will test your script fo4 compared to qosify

1 Like

They both do the same, probably you didn't set the interface properly.

I'm gonna take a look into the script to take some references with your dscp markings, thanks ^^

2 Likes

ok my interface is wan
I would like the equivalent of cake and piece of cake but I don't know how there is only diffserv4 so qosify would use layer cake?

ok but how configurate for playstation

i will do let to base ?

1 Like

First remove all your iptables rules, remove all your firewall DSCP rules, disable SQM, don't use Software flow offloading and don't use VPN to play games, so you don't have problems.

Ports: (You can also use EF instead of CS4)

# PlayStation
tcp:3478-3480		CS4
udp:3478-3479		CS4

# Call of Duty
tcp:3074-3076		CS4
udp:3074-3079		CS4
udp:3658		CS4

# FIFA
tcp:3659		CS4
udp:3659		CS4

i'am put AF41 for video and my games works better

all trafficprio in video no dropped packets you should be test mate

2 Likes

Bulk, Best Effort, Video and Voice are categories to prioritize your traffic and the DSCP marking is used to place your traffic in those categories.

The DSCP marking doesn't help you FIX the bufferbloat, it's CAKE that fixes that problem and the DSCP marking only helps you use the categories in CAKE to prioritize one traffic over another and ensure a certain amount of bandwidth for that traffic.

The traffic in the last category in CAKE always has higher priority than the others.

  • Voice > Video > Best Effort > Bulk

When you use diffserv4 (Priority Queue parameter), the DSCP marks CS5, CS4 (default Video) and AF2x, CS2 (default Best Effort) are one category higher than their default category.

diffserv4: (Tins)

  • Voice: CS6, EF, VA, CS5, CS4
  • Video: AF4x, AF3x, CS3, AF2x, CS2
  • Best Effort: CSO, AF1x
  • Bulk: CS1, LE

WMM AC Mapping: (RFC 8325)

  • Voice: CS6, EF, VA
  • Video: CS5, AF4x, CS4, AF3x, CS3
  • Best Effort: CSO, AF2x, CS2, AF1x
  • Background: CS1, LE

This image shows that DSCP mark is used in each category (Tin) in CAKE and use it as a base to prioritize your ports in each category (Tin) and always try that your DSCP marks do not conflict with the WMM AC Mapping and read the Traffic Characteristics, Application Examples and Tolerance section to know the use of each DSCP mark:

Others Application Examples:

About the second imagen I think:

  • Real-time gaming = Competitive games like Fortnite, League of Legends, Dota 2, COD, etc.
  • Interactive gaming = NVIDIA GeForce NOW, Google Stadia and Mobile games like Clash Royale.

I recommend that all game ports use the DSCP marks CS4 or EF, because those DSCP marks were created for that use.

3 Likes

@elan
When you mention;

# PlayStation (TCP)
tcp:1935	CS4
tcp:3074	CS4
tcp:3478-3480	CS4

# PlayStation (UDP)
udp:3074-3079	CS4
udp:3478-3479	CS4

I honest think for consoles such as PS and Xbox that is better going via IP:Port as is a better approach? I can understand if no one shares there internet connection then this is perfect but for them who shares with 10 users then it going to be an issue.

@Dopam-IT_1987
Keep in mind, Some games will uses P2P connections rather then server to server, So in this case you maybe experience lags that wont have nothing to do with QoS. :point_up:

2 Likes

this script is amazing for my connection

my settings if you want :wink:

#!/bin/sh
############################################################


### Interfaces ###

## Go to: "Network -> Interfaces" and write the name of those interfaces here.

## Change this to the name of your "LAN interface", if you have altered it from the OpenWrt default.
LAN="br-lan"


## Change this to the name of your "WAN interface".
WAN="wan"


############################################################


### Download methods ###

DOWN_METHOD="veth"  # Write: "veth" | "normal"
                    # "veth"   The 'DSCP marks' work on download and upload in "Cake".
                    # "normal" The 'DSCP marks' only work on upload in "Cake".


######################################################################################################################


### CAKE settings ###

DOWNRATE="56000"  # Change this to about 80-95% of your download speed (in kbit).
UPRATE="16000"     # Change this to about 80-95% of your upload speed (in kbit).
                   # Do a Speed Test: https://www.speedtest.net/
                   # Not recommendable: Don't write anything in "DOWNRATE" or "UPRATE" to use 'qdisc shaper' with no limit on the bandwidth ('unlimited' parameter).
                   # Not recommendable: Write "0" in "DOWNRATE" or "UPRATE" to disable 'qdisc shaper' on download or upload.

AUTORATE_INGRESS="no"  # Write: "yes" | "no"
                       # Enable CAKE automatic rate estimation for ingress.
                       # For it to work you need to write your bandwidth in "DOWNRATE" to specify an initial estimate.
                       # This is most likely to be useful with cellular links, which tend to change quality randomly.

## Make sure you set these parameters correctly for your connection type or don't write any value and use a presets or keywords below.
OVERHEAD="22"  # Write values between "-64" and "256"
MPU=""       # Write values between "0" and "256"
FRAMING="ptm"   # Write: "ptm" | "atm" | "noatm"
             # These values overwrite the presets or keyboards below.
             # Read: https://openwrt.org/docs/guide-user/network/traffic-shaping/sqm#configuring_the_sqm_bufferbloat_packages
             # Read: https://openwrt.org/docs/guide-user/network/traffic-shaping/sqm-details#sqmlink_layer_adaptation_tab

## Only use these presets or keywords if you don't write a value above in OVERHEAD, MPU and FRAMING.
COMMON_LINK_PRESETS="conservative"  # Write the keyword below:
                                    # "conservative"     Failsafe     (overhead 48 - atm)
                                    # "ethernet"         Ethernet     (overhead 38 - mpu 84 - noatm)
                                    # "docsis"           Cable Modem  (overhead 18 - mpu 64 - noatm)
                                    # "pppoe-ptm"        VDSL2        (overhead 30 - ptm)
                                    # "bridged-ptm"      VDSL2        (overhead 22 - ptm)
                                    # "pppoa-vcmux"      ADSL         (overhead 10 - atm)
                                    # "pppoa-llc"        ADSL         (overhead 14 - atm)
                                    # "pppoe-vcmux"      ADSL         (overhead 32 - atm)
                                    # "pppoe-llcsnap"    ADSL         (overhead 40 - atm)
                                    # "bridged-vcmux"    ADSL         (overhead 24 - atm)
                                    # "bridged-llcsnap"  ADSL         (overhead 32 - atm)
                                    # "ipoa-vcmux"       ADSL         (overhead 8  - atm)
                                    # "ipoa-llcsnap"     ADSL         (overhead 16 - atm)
                                    # If you are unsure, then write "conservative" as a general safe value.
                                    # These keywords have been provided to represent a number of common link technologies.
                                    ######################################################################################
                                    # For true ATM links (ADSL), one often can measure the real per-packet overhead empirically,
                                    # see: https://github.com/moeller0/ATM_overhead_detector for further information how to do that.

## This keyword is not for standalone use, but act as a modifier to some previous presets or keywords.
ETHER_VLAN_KEYWORD=""  # Write values between "1" and "3" or don't write any value.
                       # In addition to those previous presets or keywords it is common to have VLAN tags (4 extra bytes) or PPPoE encapsulation (8 extra bytes).
                       # "1" Adds '4 bytes' to the overhead  (ether-vlan)
                       # "2" Adds '8 bytes' to the overhead  (ether-vlan ether-vlan)
                       # "3" Adds '12 bytes' to the overhead (ether-vlan ether-vlan ether-vlan)
                       # This keyword "ether-vlan" may be repeated as necessary in 'EXTRA PARAMETERS'.
                       # Read: https://man7.org/linux/man-pages/man8/tc-cake.8.html#OVERHEAD_COMPENSATION_PARAMETERS

DOWN_PRIORITY_QUEUE="diffserv4"  # Write: "besteffort" | "diffserv3" | "diffserv4" | "diffserv8"
UP_PRIORITY_QUEUE="diffserv4"    # Write: "besteffort" | "diffserv3" | "diffserv4" | "diffserv8"
                                 # CAKE can divide traffic into tins based on the Diffserv field.
                                 # "besteffort" only has 'one tin' or priority tier.
                                 # "diffserv3" has '3 tins' or different priority tiers.
                                 # "diffserv4" has '4 tins' or different priority tiers.
                                 # "diffserv8" has '8 tins' or different priority tiers. <- Broken

PER_HOST_ISOLATION="yes"  # Write: "yes" | "no"
                          # Per-Host Isolation or 'dual-dsthost' (download) and 'dual-srchost' (upload), prevents a single host/client
                          # that has multiple connections (like when torrenting) from hogging all the bandwidth
                          # and provides better traffic management when multiple hosts/clients are using the internet at the same time.

DOWN_NAT="no"  # Write: "yes" | "no"
UP_NAT="yes"   # Write: "yes" | "no"
               # Perform a NAT lookup before applying flow-isolation rules to improve fairness between hosts "inside" the NAT.
               # Don't use "nat" parameter in download when use 'Veth method' or flow-isolation stops working.
               # Only use "nat" parameter in download when use 'Normal method'.
               ## Recommendation: Don't use "nat" in download on the "Veth interfaces" and only use "nat" in download and upload on the "WAN interface".

DOWN_WASH="no"  # Write: "yes" | "no"
UP_WASH="yes"   # Write: "yes" | "no"
                # "wash" only clears all DSCP marks after the traffic has been tinned.
                # Don't wash incoming (download) DSCP marks, because also wash the custom DSCP marking from this script and the script already washes the marks below.
                # Wash outgoing (upload) DSCP marks to ISP, because may be mis-marked from ISP perspective.
                ## Recommendation: Don't use "wash" on ingress (download) so that "WMM" can make use of the custom DSCP marking and just use "wash" on egress (upload).

INGRESS_MODE="yes"  # Write: "yes" | "no"
                    # Enabling "ingress mode" ('ingress' parameter) will tune the AQM to always keep at least two packets queued *for each flow*.
                    # Basically will drop and/or delay packets in a way that the rate of packets leaving the shaper is smaller or equal to the configured shaper-rate.
                    # This leads to slightly more aggressive dropping, but this also ameliorates one issue we have with post-bottleneck shaping,
                    # namely the inherent dependency of the required bandwidth "sacrifice" with the expected number of concurrent bulk flows.
                    # Thus, being more lenient and keeping a minimum number of packets queued will improve throughput in cases
                    # where the number of active flows are so large that they saturate the bottleneck even at their minimum window size.

UP_ACK_FILTER="auto"  # Write: "yes" | "no" | "auto"
                      # Write "auto" or don't write anything, so that the script decide to use this parameter, depending on the bandwidth you wrote in "DOWNRATE" and "UPRATE".
                      # If your up/down bandwidth is at least 1x15 asymmetric, you can try the 'ack-filter' option.
                      # It doesn't help on your downlink, nor on symmetric links.
                      # 'ack-filter' only makes sense for egress (upload), so don't add 'ack-filter' keyword for the ingress side (download).
                      # Don't recommend turning it on more symmetrical link bandwidths the effect is negligible at best.

## Don't write 'ms', just write the number.
RTT="40"  # Write values between "1" and "1000" or don't write any value to use the default value (100).
        # This parameter defines the time window that your shaper will give the endpoints to react to shaping signals (drops or ECN).
        # The default "100ms" is pretty decent that works for many people, assuming their packets don't always need to cross long distances.
        # If you are based in Europe and access data in California I would assume 200-300ms to be a better value.
        # The general trade off is higher RTTs cause higher bandwidth utilization at the cost of increased latency under load (or rather longer settling times).
        # If your game servers are "40ms" RTT away, you should configure cake accordingly (this will lead to some bandwidth sacrifices for flows with a longer RTT).
        # Again setting RTT too high will increase the latency under load (aka the Bufferbloat) while increasing bandwidth utilization.
        # You should measure the RTT for cake while your network is not loaded.
        # Use ping to measure the Round Trip Time (RTT) on servers you normally connect.
        # Example: ping -c 20 openwrt.org (Linux)
        # Example: ping -n 20 openwrt.org (Windows)

DOWN_EXTRA_PARAMETERS=""  # Add any custom parameters separated by spaces.
UP_EXTRA_PARAMETERS=""    # Add any custom parameters separated by spaces.
                          # These will be appended to the end of the CAKE options and take priority over the options above.
                          # There is no validation done on these options. Use carefully!
                          # Look: https://man7.org/linux/man-pages/man8/tc-cake.8.html


######################################################################################################################


### DSCP marks ###

## Before changing the DSCP marks, first look at the images of the post and read this:
## Information: https://datatracker.ietf.org/doc/html/rfc8325


## Default Chain for iptables
CHAIN="FORWARD"  # Write: "FORWARD" | "POSTROUTING"


## Wash all DSCP marks and now this is the default DSCP for all unmarked traffic.
STANDARD_DEFAULT="CS0"


## Network services
SSH="CS2"
NTP="CS2"
DNS="CS2"
ICMP="CS0"
DOT="AF41"  # DNS over TLS (DoT)


## Prioritize traffic
TELEPHONY="EF"                  # VoIP and VoWiFi (WiFi Calling).
MULTIMEDIA_CONFERENCING="AF41"  # Zoom, Microsoft Teams, Skype, GoToMeeting, Webex Meeting, Jitsi Meet, Google Meet, FaceTime and TeamViewer.
REAL_TIME_GAMING="CS4"          # PC Game Ports and Game Consoles (Need to be added below).
MULTIMEDIA_STREAMING="AF31"     # Browsing and Multimedia Streaming to Watch YouTube, Netflix, Twitch and QUIC Protocol (TCP/UDP ports 80, 443 and 8080).
BROADCAST_VIDEO="CS3"           # Live Streaming to YouTube Live, Twitch, Vimeo and LinkedIn Live.
HIGH_THROUGHPUT_DATA="AF11"     # Web Traffic (TCP ports 80, 443 and 8080).
LOW_PRIORITY_DATA="CS1"         # Bulk traffic such as BitTorrent, Usenet or TCP downloads that have transferred more than 10 seconds worth of packets.

                                ## The DSCP marks "LE" and "VA" (aka. "VOICE-ADMIT") don't work.
                                ## You can test changing the DSCP mark "CS4" to "EF" in the game category.


############################################################


### DSCP ports settings ###

## You can delete the ports below, they are just an example.


## PC Game Ports (List 1)
TCP_GAME_PORTS_LIST_1="25565"
UDP_GAME_PORTS_LIST_1="19132:19133,25565"
                       # Define a list of TCP and UDP ports used by PC Games.
                       # Use a comma to separate the values or ranges A:B as shown.
                       # Up to 15 ports can be specified. A port range (port:port) counts as two ports.


## PC Game Ports (List 2)
TCP_GAME_PORTS_LIST_2="3074"
UDP_GAME_PORTS_LIST_2="3074,3659,30000:45000"
                       # Define a second list of TCP and UDP ports used by PC Games.
                       # Use a comma to separate the values or ranges A:B as shown.
                       # Up to 15 ports can be specified. A port range (port:port) counts as two ports.


## BitTorrent Ports
TCP_BULK_PORTS="6881:6889,6969,51413"
UDP_BULK_PORTS="6881:6889,6969,51413"
                # Define a list of TCP and UDP ports used for 'bulk traffic' such as BitTorrent.
                # Set your BitTorrent client to use a known port and include it here.
                # Use a comma to separate the values or ranges A:B as shown.
                # Recommendation: On your BitTorrent client (qBittorrent) only use the "uTP" protocol.


## Custom Ports [OPTIONAL]
DSCP_OTHER_PORTS="CS0"  # Change this DSCP mark wherever you want.

TCP_OTHER_PORTS=""
UDP_OTHER_PORTS=""
                 # Define a list of TCP and UDP ports and mark wherever you want.
                 # Use a comma to separate the values or ranges A:B as shown.
                 # Up to 15 ports can be specified. A port range (port:port) counts as two ports.


############################################################


### DSCP IP address settings ###

## To add static IP addresses in OpenWrt go to: "Network -> DHCP and DNS -> Static Leases -> Click 'Add'"
## You can delete the IP addresses below, they are just an example.


## Game Consoles (Static IP)
IPV4_GAME_CONSOLES_STATIC_IP="192.168.2.160"
                              # Define a list of IP addresses that will cover all ports (except 80,443,8080 and BitTorrent ports).
                              # Write a single IP or a CIDR block for a range of IP addresses A/B and use a comma to separate them as shown.
                              # CIDR Address Range "192.168.1.20/30" = '192.168.1.20' to '192.168.1.23'
                              # IPv4 CIDR: https://www.subnet-calculator.com/cidr.php

IPV6_GAME_CONSOLES_STATIC_IP="fd30:9abe:f0ab::15,fd30:9abe:f0ab::20/126"
                              # Go to: "Network -> Interfaces -> Global network options (tab) -> IPv6 ULA-Prefix"
                              # and replace that IP with this "fd30:9abe:f0ab::" or replace the IP of the script with that IP, but don't change the CIDR notation "/48" in the router or add it in the script.

                              # In the IPv6 address simply change the number after the double colon "::" for the last number of your static IP (IPv4).
                              # The last number "::15" or CIDR "::20/126" is the static IP of '192.168.1.15' and CIDR '192.168.1.20/30' (IPv4).
                              # CIDR Address Range "::20/126" = '::20' to '::23'
                              # IPv6 CIDR: https://www.vultr.com/resources/subnet-calculator-ipv6/ (Display: short)


## TorrentBox (Static IP)
IPV4_TORRENTBOX_STATIC_IP="192.168.1.10"
                           # Define a list of IP addresses and mark 'all traffic' as bulk.
                           # Write a single IP or a CIDR block for a range of IP addresses A/B and use a comma to separate them as shown.

IPV6_TORRENTBOX_STATIC_IP="fd30:9abe:f0ab::10"
                           # Go to: "Network -> Interfaces -> Global network options (tab) -> IPv6 ULA-Prefix"
                           # and replace that IP with this "fd30:9abe:f0ab::" or replace the IP of the script with that IP, but don't change the CIDR notation "/48" in the router or add it in the script.

                           # In the IPv6 address simply change the number after the double colon "::" for the last number of your static IP (IPv4).
                           # The last number "::10" is the static IP of '192.168.1.10' (IPv4).


## Custom IP address [OPTIONAL]
DSCP_OTHER_STATIC_IP="CS0"  # Change this DSCP mark wherever you want.

IPV4_OTHER_STATIC_IP=""
IPV6_OTHER_STATIC_IP=""
                      # Define a list of IP addresses and mark 'all traffic' wherever you want.
                      # Write a single IP or a CIDR block for a range of IP addresses A/B and use a comma to separate them as shown.



## Custom IP address + Ports (List 1) [OPTIONAL]
DSCP_OTHER_STATIC_IP_PORTS_LIST_1="CS0"  # Change this DSCP mark wherever you want.

IPV4_OTHER_STATIC_IP_PORTS_LIST_1=""
IPV6_OTHER_STATIC_IP_PORTS_LIST_1=""
                                   # Define a list of IP addresses to 'only' use the ports from this rule.
                                   # Write a single IP or a CIDR block for a range of IP addresses A/B and use a comma to separate them as shown.

TCP_OTHER_STATIC_IP_PORTS_LIST_1=""
UDP_OTHER_STATIC_IP_PORTS_LIST_1=""
                                  # Define a list of TCP and UDP ports.
                                  # Use a comma to separate the values or ranges A:B as shown.
                                  # Up to 15 ports can be specified. A port range (port:port) counts as two ports.


## Custom IP address + Ports (List 2) [OPTIONAL]
DSCP_OTHER_STATIC_IP_PORTS_LIST_2="CS0"  # Change this DSCP mark wherever you want.

IPV4_OTHER_STATIC_IP_PORTS_LIST_2=""
IPV6_OTHER_STATIC_IP_PORTS_LIST_2=""
                                   # Define a list of IP addresses to 'only' use the ports from this rule.
                                   # Write a single IP or a CIDR block for a range of IP addresses A/B and use a comma to separate them as shown.

TCP_OTHER_STATIC_IP_PORTS_LIST_2=""
UDP_OTHER_STATIC_IP_PORTS_LIST_2=""
                                  # Define a list of TCP and UDP ports.
                                  # Use a comma to separate the values or ranges A:B as shown.
                                  # Up to 15 ports can be specified. A port range (port:port) counts as two ports.


######################################################################################################################


### Firewall ###

FIREWALL_RESTART="no"  # Write: "yes" | "no"
                       # "yes" Restart the firewall to flush the iptables.
                       # "no"  Delete the rules from the chain without restarting the firewall.
                       # This option is for when you change DSCP flags and add ports or IP addresses.
                       # Restarting the firewall will cause you to lose all current connections, but is more reliable to clear the iptables and DSCP flags.
                       ## Recommendation: "no", and just use "yes" when the iptables don't clear properly.


############################################################


### Change the 'Default settings' in OpenWrt ###

DEFAULT_QDISC="cake"  # Write: "fq" | "fq_codel" | "cake"
                      # "fq"       Great qdisc for end hosts, preferably endhost without virtual machines running.
                      # "fq_codel" Great all around qdisc. (Default in OpenWrt)
                      # "cake"     Great for WAN links, but computationally expensive with little advantages over 'fq_codel' for LAN links.


TCP_CONGESTION_CONTROL="bbr"  # Write: "cubic" | "bbr"
                              # "cubic" (Default in OpenWrt)
                              # "bbr"   New congestion control by Google, maybe this can improve network response.


ECN="2"  # Write values between "0" and "2"
         # "0" Disable ECN. Neither initiate nor accept ECN. (Default in OpenWrt)
         # "1" Enable ECN. When requested by incoming connections and also request ECN on outgoing connection attempts.
         # "2" Enable ECN. When requested by incoming connections, but do not request ECN on outgoing connections.
         # Read: https://www.bufferbloat.net/projects/cerowrt/wiki/Enable_ECN/


############################################################


### irqbalance and Packet Steering ###

IRQBALANCE="yes"  # Write: "yes" | "no"
                  ## If you disable it with "no", you must also "reboot" the router for it to take effect.
                  # Help balance the cpu load generated by interrupts across all of a systems cpus and probably increase performance.
                  # The purpose of irqbalance is to distribute hardware interrupts across processors/cores on a multiprocessor/multicore system in order to increase performance.


PACKET_STEERING="yes"  # Write: "yes" | "no"
                       ## If you disable it with "no", you must also "reboot" the router for it to take effect.
                       # Enable packet steering across all CPUs. May help or hinder network speed.
                       # It's another (further) approach of trying to equally distribute the load of (network-) packet processing over all available cores.
                       # In theory this should also 'always' help, in practice it can be worse on some devices.
                       # It enables some kind of steering that seems different than what irqbalance does. I'm guessing it sets some of the manual IRQ or TX/RX IRQ assignments.

                       ## Enabling packet-steering can go either way, it may improve your throughput or it can worsen your results.
                       ## This is hardware (and to come extent protocol-, as in PPPoE vs DHCP vs whatever) dependent, so you need to
                       ## test both and compare your speedtests (and CPU load, keep "htop" open over SSH) for both configuration settings.


############################################################


### Hotplug ###

HOTPLUG="yes"  # Write: "yes" | "no"
               # Hotplug to automatically reloads the script.


######################################################################################################################

#########################     #########################     #########################
### DO NOT EDIT BELOW ###     ### DO NOT EDIT BELOW ###     ### DO NOT EDIT BELOW ###
### DO NOT EDIT BELOW ###     ### DO NOT EDIT BELOW ###     ### DO NOT EDIT BELOW ###
#########################     #########################     #########################

### CAKE settings ###







big thanks to @elan

if your script is right you are a message like this

and no error

@segal_72 maybe can help for your connexion mate :wink:

2 Likes

Nice one @Dopam-IT_1987 will have to switch from qos-scripts https://oldwiki.archive.openwrt.org/doc/uci/qos and give this ago.

## PC Game Ports (List 2)
TCP_GAME_PORTS_LIST_2="3074"
UDP_GAME_PORTS_LIST_2="3074,3659,30000:45000"
                       # Define a second list of TCP and UDP ports used by PC Games.
                       # Use a comma to separate the values or ranges A:B as shown.
                       # Up to 15 ports can be specified. A port range (port:port) counts as two ports.

@elan what your thoughts on making game console use ports 1024-65535 since there isnt other P2P software on consoles? Do you think is better this way or @Dopam-IT_1987 way of things?

TCP_GAME_PORTS_LIST_2="1024-65535"
UDP_GAME_PORTS_LIST_2="1024-65535"
2 Likes

I use these pages to find the ports.

Game Ports:

Game Streaming Ports:

Live Streaming Ports:

Application Ports and Domains:

Information of all Ports:

1 Like

@elan would there be a way to be able to activate or deactivate it as desired a bit like sqm with the options enabled disabled start restart stop? thank you

a little bit like this

#!/bin/sh /etc/rc.common
# nftables start/restart based on Example script
# Copyright (C) 2007 OpenWrt.org
 
START=10
STOP=15
 
start() {        
        echo start
        # commands to launch application
	echo y | /root/cake.sh
}                 

restart() {
	  echo restart
	  echo y | /root/cake.sh
}

stop() {          
        echo stop
        # commands to kill application
	 	
}

i'm very happy is work very good after

i just need restart firewall after ..

edit : but i has just impression than script disabled in download not upload ? anyone has an idea ?

@dlakelan @moeller0 maybe can your help to create a initsscript interface to launch or disabled script ?

1 Like

I already added, you can test it if you want.

1 Like

He work nice, thanks

2 Likes

I've obviously configured something incorrectly, when I ran the script I lost all connection to the internet

!/bin/sh
############################################################


### Interfaces ###

## Go to: "Network -> Interfaces" and write the name of those interfaces here.

## Change this to the name of your "LAN interface", if you have altered it from the OpenWrt default.
LAN="eth0.1"


## Change this to the name of your "WAN interface".
WAN="eth0.2"


############################################################


### Download methods ###

DOWN_METHOD="veth"  # Write: "veth" | "normal"
                    # "veth"   The 'DSCP marks' work on download and upload in "Cake".
                    # "normal" The 'DSCP marks' only work on upload in "Cake".


######################################################################################################################


### CAKE settings ###

DOWNRATE="102000"  # Change this to about 80-95% of your download speed (in kbit).
UPRATE="15000"     # Change this to about 80-95% of your upload speed (in kbit).
                   # Do a Speed Test: https://www.speedtest.net/
                   # Not recommendable: Don't write anything in "DOWNRATE" or "UPRATE" to use 'qdisc shaper' with no limit on the bandwidth ('unlimited' parameter).
                   # Not recommendable: Write "0" in "DOWNRATE" or "UPRATE" to disable 'qdisc shaper' on download or upload.

AUTORATE_INGRESS="no"  # Write: "yes" | "no"
                       # Enable CAKE automatic rate estimation for ingress.
                       # For it to work you need to write your bandwidth in "DOWNRATE" to specify an initial estimate.
                       # This is most likely to be useful with cellular links, which tend to change quality randomly.

## Make sure you set these parameters correctly for your connection type or don't write any value and use a presets or keywords below.
OVERHEAD=""  # Write values between "-64" and "256"
MPU=""       # Write values between "0" and "256"
FRAMING=""   # Write: "ptm" | "atm" | "noatm"
             # These values overwrite the presets or keyboards below.
             # Read: https://openwrt.org/docs/guide-user/network/traffic-shaping/sqm#configuring_the_sqm_bufferbloat_packages
             # Read: https://openwrt.org/docs/guide-user/network/traffic-shaping/sqm-details#sqmlink_layer_adaptation_tab

## Only use these presets or keywords if you don't write a value above in OVERHEAD, MPU and FRAMING.
COMMON_LINK_PRESETS="conservative"  # Write the keyword below:
                                    # "conservative"     Failsafe     (overhead 48 - atm)
                                    # "ethernet"         Ethernet     (overhead 38 - mpu 84 - noatm)
                                    # "docsis"           Cable Modem  (overhead 18 - mpu 64 - noatm)
                                    # "pppoe-ptm"        VDSL2        (overhead 30 - ptm)
                                    # "bridged-ptm"      VDSL2        (overhead 22 - ptm)
                                    # "pppoa-vcmux"      ADSL         (overhead 10 - atm)
                                    # "pppoa-llc"        ADSL         (overhead 14 - atm)
                                    # "pppoe-vcmux"      ADSL         (overhead 32 - atm)
                                    # "pppoe-llcsnap"    ADSL         (overhead 40 - atm)
                                    # "bridged-vcmux"    ADSL         (overhead 24 - atm)
                                    # "bridged-llcsnap"  ADSL         (overhead 32 - atm)
                                    # "ipoa-vcmux"       ADSL         (overhead 8  - atm)
                                    # "ipoa-llcsnap"     ADSL         (overhead 16 - atm)
                                    # If you are unsure, then write "conservative" as a general safe value.
                                    # These keywords have been provided to represent a number of common link technologies.
                                    ######################################################################################
                                    # For true ATM links (ADSL), one often can measure the real per-packet overhead empirically,
                                    # see: https://github.com/moeller0/ATM_overhead_detector for further information how to do that.

## This keyword is not for standalone use, but act as a modifier to some previous presets or keywords.
ETHER_VLAN_KEYWORD=""  # Write values between "1" and "3" or don't write any value.
                       # In addition to those previous presets or keywords it is common to have VLAN tags (4 extra bytes) or PPPoE encapsulation (8 extra bytes).
                       # "1" Adds '4 bytes' to the overhead  (ether-vlan)
                       # "2" Adds '8 bytes' to the overhead  (ether-vlan ether-vlan)
                       # "3" Adds '12 bytes' to the overhead (ether-vlan ether-vlan ether-vlan)
                       # This keyword "ether-vlan" may be repeated as necessary in 'EXTRA PARAMETERS'.
                       # Read: https://man7.org/linux/man-pages/man8/tc-cake.8.html#OVERHEAD_COMPENSATION_PARAMETERS

DOWN_PRIORITY_QUEUE="diffserv4"  # Write: "besteffort" | "diffserv3" | "diffserv4" | "diffserv8"
UP_PRIORITY_QUEUE="diffserv4"    # Write: "besteffort" | "diffserv3" | "diffserv4" | "diffserv8"
                                 # CAKE can divide traffic into tins based on the Diffserv field.
                                 # "besteffort" only has 'one tin' or priority tier.
                                 # "diffserv3" has '3 tins' or different priority tiers.
                                 # "diffserv4" has '4 tins' or different priority tiers.
                                 # "diffserv8" has '8 tins' or different priority tiers. <- Broken

PER_HOST_ISOLATION="yes"  # Write: "yes" | "no"
                          # Per-Host Isolation or 'dual-dsthost' (download) and 'dual-srchost' (upload), prevents a single host/client
                          # that has multiple connections (like when torrenting) from hogging all the bandwidth
                          # and provides better traffic management when multiple hosts/clients are using the internet at the same time.

DOWN_NAT="no"  # Write: "yes" | "no"
UP_NAT="yes"   # Write: "yes" | "no"
               # Perform a NAT lookup before applying flow-isolation rules to improve fairness between hosts "inside" the NAT.
               # Don't use "nat" parameter in download when use 'Veth method' or flow-isolation stops working.
               # Only use "nat" parameter in download when use 'Normal method'.
               ## Recommendation: Don't use "nat" in download on the "Veth interfaces" and only use "nat" in download and upload on the "WAN interface".

DOWN_WASH="no"  # Write: "yes" | "no"
UP_WASH="yes"   # Write: "yes" | "no"
                # "wash" only clears all DSCP marks after the traffic has been tinned.
                # Don't wash incoming (download) DSCP marks, because also wash the custom DSCP marking from this script and the script already washes the marks below.
                # Wash outgoing (upload) DSCP marks to ISP, because may be mis-marked from ISP perspective.
                ## Recommendation: Don't use "wash" on ingress (download) so that "WMM" can make use of the custom DSCP marking and just use "wash" on egress (upload).

INGRESS_MODE="yes"  # Write: "yes" | "no"
                    # Enabling "ingress mode" ('ingress' parameter) will tune the AQM to always keep at least two packets queued *for each flow*.
                    # Basically will drop and/or delay packets in a way that the rate of packets leaving the shaper is smaller or equal to the configured shaper-rate.
                    # This leads to slightly more aggressive dropping, but this also ameliorates one issue we have with post-bottleneck shaping,
                    # namely the inherent dependency of the required bandwidth "sacrifice" with the expected number of concurrent bulk flows.
                    # Thus, being more lenient and keeping a minimum number of packets queued will improve throughput in cases
                    # where the number of active flows are so large that they saturate the bottleneck even at their minimum window size.

UP_ACK_FILTER="auto"  # Write: "yes" | "no" | "auto"
                      # Write "auto" or don't write anything, so that the script decide to use this parameter, depending on the bandwidth you wrote in "DOWNRATE" and "UPRATE".
                      # If your up/down bandwidth is at least 1x15 asymmetric, you can try the 'ack-filter' option.
                      # It doesn't help on your downlink, nor on symmetric links.
                      # 'ack-filter' only makes sense for egress (upload), so don't add 'ack-filter' keyword for the ingress side (download).
                      # Don't recommend turning it on more symmetrical link bandwidths the effect is negligible at best.

## Don't write 'ms', just write the number.
RTT="60"  # Write values between "1" and "1000" or don't write any value to use the default value (100).
        # This parameter defines the time window that your shaper will give the endpoints to react to shaping signals (drops or ECN).
        # The default "100ms" is pretty decent that works for many people, assuming their packets don't always need to cross long distances.
        # If you are based in Europe and access data in California I would assume 200-300ms to be a better value.
        # The general trade off is higher RTTs cause higher bandwidth utilization at the cost of increased latency under load (or rather longer settling times).
        # If your game servers are "40ms" RTT away, you should configure cake accordingly (this will lead to some bandwidth sacrifices for flows with a longer RTT).
        # Again setting RTT too high will increase the latency under load (aka the Bufferbloat) while increasing bandwidth utilization.
        # You should measure the RTT for cake while your network is not loaded.
        # Use ping to measure the Round Trip Time (RTT) on servers you normally connect.
        # Example: ping -c 20 openwrt.org (Linux)
        # Example: ping -n 20 openwrt.org (Windows)

DOWN_EXTRA_PARAMETERS=""  # Add any custom parameters separated by spaces.
UP_EXTRA_PARAMETERS=""    # Add any custom parameters separated by spaces.
                          # These will be appended to the end of the CAKE options and take priority over the options above.
                          # There is no validation done on these options. Use carefully!
                          # Look: https://man7.org/linux/man-pages/man8/tc-cake.8.html


######################################################################################################################


### DSCP marks ###

## Before changing the DSCP marks, first look at the images of the post and read this:
## Information: https://datatracker.ietf.org/doc/html/rfc8325


## Default Chain for iptables
CHAIN="FORWARD"  # Write: "FORWARD" | "POSTROUTING"


## Wash all DSCP marks and now this is the default DSCP for all unmarked traffic.
STANDARD_DEFAULT="CS0"


## Network services
SSH="CS2"
NTP="CS2"
DNS="CS2"
ICMP="CS0"
DOT="AF41"  # DNS over TLS (DoT)


## Prioritize traffic
TELEPHONY="EF"                  # VoIP and VoWiFi (WiFi Calling).
MULTIMEDIA_CONFERENCING="AF41"  # Zoom, Microsoft Teams, Skype, GoToMeeting, Webex Meeting, Jitsi Meet, Google Meet, FaceTime and TeamViewer.
REAL_TIME_GAMING="CS4"          # PC Game Ports and Game Consoles (Need to be added below).
MULTIMEDIA_STREAMING="AF31"     # Browsing and Multimedia Streaming to Watch YouTube, Netflix, Twitch and QUIC Protocol (TCP/UDP ports 80, 443 and 8080).
BROADCAST_VIDEO="CS3"           # Live Streaming to YouTube Live, Twitch, Vimeo and LinkedIn Live.
HIGH_THROUGHPUT_DATA="AF11"     # Web Traffic (TCP ports 80, 443 and 8080).
LOW_PRIORITY_DATA="CS1"         # Bulk traffic such as BitTorrent, Usenet or TCP downloads that have transferred more than 10 seconds worth of packets.

                                ## The DSCP marks "LE" and "VA" (aka. "VOICE-ADMIT") don't work.
                                ## You can test changing the DSCP mark "CS4" to "EF" in the game category.


############################################################


### DSCP ports settings ###

## You can delete the ports below, because are just examples.


## PC Game Ports (List 1)
TCP_GAME_PORTS_LIST_1="25565"
UDP_GAME_PORTS_LIST_1="30000:65535,3074"
                       # Define a list of TCP and UDP ports used by PC Games.
                       # Use a comma to separate the values or ranges A:B as shown.
                       # Up to 15 ports can be specified. A port range (port:port) counts as two ports.


## PC Game Ports (List 2)
TCP_GAME_PORTS_LIST_2=""
UDP_GAME_PORTS_LIST_2=""
                       # Define a second list of TCP and UDP ports used by PC Games.
                       # Use a comma to separate the values or ranges A:B as shown.
                       # Up to 15 ports can be specified. A port range (port:port) counts as two ports.


## BitTorrent Ports
TCP_BULK_PORTS="6881:6889,6969,51413"
UDP_BULK_PORTS="6881:6889,6969,51413"
                # Define a list of TCP and UDP ports used for 'bulk traffic' such as BitTorrent.
                # Set your BitTorrent client to use a known port and include it here.
                # Use a comma to separate the values or ranges A:B as shown.
                # Recommendation: On your BitTorrent client (qBittorrent) only use the "uTP" protocol.


## Custom Ports [OPTIONAL]
DSCP_OTHER_PORTS="CS0"  # Change this DSCP mark wherever you want.

TCP_OTHER_PORTS=""
UDP_OTHER_PORTS=""
                 # Define a list of TCP and UDP ports and mark wherever you want.
                 # Use a comma to separate the values or ranges A:B as shown.
                 # Up to 15 ports can be specified. A port range (port:port) counts as two ports.


############################################################


### DSCP IP address settings ###

## To add static IP addresses in OpenWrt go to: "Network -> DHCP and DNS -> Static Leases -> Click 'Add'"
## You can delete the IP addresses below, because are just examples.


## Game Consoles (Static IP)
IPV4_GAME_CONSOLES_STATIC_IP="192.168.1.188"
                              # Define a list of IP addresses that will cover all ports (except 80,443,8080 and BitTorrent ports).
                              # Write a single IP or a CIDR block for a range of IP addresses A/B and use a comma to separate them as shown.
                              # CIDR Address Range "192.168.1.20/30" = '192.168.1.20' to '192.168.1.23'
                              # IPv4 CIDR: https://www.subnet-calculator.com/cidr.php

IPV6_GAME_CONSOLES_STATIC_IP="fd30:9abe:f0ab::15,fd30:9abe:f0ab::20/126"
                              # Go to: "Network -> Interfaces -> Global network options (tab) -> IPv6 ULA-Prefix"
                              # and replace that IP with this "fd30:9abe:f0ab::" or replace the IP of the script with that IP, but don't change the CIDR notation "/48" in the router or add it in the script.

                              # In the IPv6 address simply change the number after the double colon "::" for the last number of your static IP (IPv4).
                              # The last number "::15" or CIDR "::20/126" is the static IP of '192.168.1.15' and CIDR '192.168.1.20/30' (IPv4).
                              # CIDR Address Range "::20/126" = '::20' to '::23'
                              # IPv6 CIDR: https://www.vultr.com/resources/subnet-calculator-ipv6/ (Display: short)


## TorrentBox (Static IP)
IPV4_TORRENTBOX_STATIC_IP="192.168.1.10"
                           # Define a list of IP addresses and mark 'all traffic' as bulk.
                           # Write a single IP or a CIDR block for a range of IP addresses A/B and use a comma to separate them as shown.

IPV6_TORRENTBOX_STATIC_IP="fd30:9abe:f0ab::10"
                           # Go to: "Network -> Interfaces -> Global network options (tab) -> IPv6 ULA-Prefix"
                           # and replace that IP with this "fd30:9abe:f0ab::" or replace the IP of the script with that IP, but don't change the CIDR notation "/48" in the router or add it in the script.

                           # In the IPv6 address simply change the number after the double colon "::" for the last number of your static IP (IPv4).
                           # The last number "::10" is the static IP of '192.168.1.10' (IPv4).


## Custom IP address [OPTIONAL]
DSCP_OTHER_STATIC_IP="CS0"  # Change this DSCP mark wherever you want.

IPV4_OTHER_STATIC_IP=""
IPV6_OTHER_STATIC_IP=""
                      # Define a list of IP addresses and mark 'all traffic' wherever you want.
                      # Write a single IP or a CIDR block for a range of IP addresses A/B and use a comma to separate them as shown.


######################################################################################################################


### Firewall ###

FIREWALL_RESTART="yes"  # Write: "yes" | "no"
                       # "yes" Restart the firewall to flush the iptables.
                       # "no"  Delete the rules from the chain without restarting the firewall.
                       # This option is for when you change DSCP flags and add ports or IP addresses.
                       # Restarting the firewall will cause you to lose all current connections, but is more reliable to clear the iptables and DSCP flags.
                       ## Recommendation: "no", and just use "yes" when the iptables don't clear properly.


############################################################


### Change the 'Default settings' in OpenWrt ###

DEFAULT_QDISC="cake"  # Write: "fq" | "fq_codel" | "cake"
                      # "fq"       Great qdisc for end hosts, preferably endhost without virtual machines running.
                      # "fq_codel" Great all around qdisc. (Default in OpenWrt)
                      # "cake"     Great for WAN links, but computationally expensive with little advantages over 'fq_codel' for LAN links.


TCP_CONGESTION_CONTROL="bbr"  # Write: "cubic" | "bbr"
                              # "cubic" (Default in OpenWrt)
                              # "bbr"   New congestion control by Google, maybe this can improve network response.


ECN="2"  # Write values between "0" and "2"
         # "0" Disable ECN. Neither initiate nor accept ECN. (Default in OpenWrt)
         # "1" Enable ECN. When requested by incoming connections and also request ECN on outgoing connection attempts.
         # "2" Enable ECN. When requested by incoming connections, but do not request ECN on outgoing connections.
         # Read: https://www.bufferbloat.net/projects/cerowrt/wiki/Enable_ECN/


############################################################


### irqbalance and Packet Steering ###

IRQBALANCE="yes"  # Write: "yes" | "no"
                  ## If you disable it with "no", you must also "reboot" the router for it to take effect.
                  # Help balance the cpu load generated by interrupts across all of a systems cpus and probably increase performance.
                  # The purpose of irqbalance is to distribute hardware interrupts across processors/cores on a multiprocessor/multicore system in order to increase performance.


PACKET_STEERING="yes"  # Write: "yes" | "no"
                       ## If you disable it with "no", you must also "reboot" the router for it to take effect.
                       # Enable packet steering across all CPUs. May help or hinder network speed.
                       # It's another (further) approach of trying to equally distribute the load of (network-) packet processing over all available cores.
                       # In theory this should also 'always' help, in practice it can be worse on some devices.
                       # It enables some kind of steering that seems different than what irqbalance does. I'm guessing it sets some of the manual IRQ or TX/RX IRQ assignments.

                       ## Enabling packet-steering can go either way, it may improve your throughput or it can worsen your results.
                       ## This is hardware (and to come extent protocol-, as in PPPoE vs DHCP vs whatever) dependent, so you need to
                       ## test both and compare your speedtests (and CPU load, keep "htop" open over SSH) for both configuration settings.


######################################################################################################################

got this after running the script

root@OpenWrt:~# sh cake.sh
RTNETLINK answers: Not supported
Cannot find device "eth0.2"

WAN is listed as eth0.2 under interfaces so I'm not sure why it can't find it?

Use maybe a snapshot firmware if you can like mine and elan :wink:

You can launch this script with this command

./cake.sh

If you are a long message with finish amen :pray: is good

1 Like

Thanks, I followed your instructions and I think it's partially working as I still have internet on my PC.

One thing I noticed in the firewall, the IP address I assigned to my console is listed with the ports found in the script next to bittorrent

I've tried jumping into a multiplayer match but my console won't pick up the internet. For some reason it was getting assigned 192.168.2.188

I manually assigned it 192.168.1.188 but it didn't work. Any idea?

1 Like

hello,
I would like to understand what is decisive for the choice between cs4, EF, or VA? the drop rate? Better latency ? more responsive ?

in which wash-down situation can be activated?

when script is active and functional wireshark will show class DSCP CS4 over game machine IP configure?

ok so you br-lan is 192.168.1.1 or 192.168.2.1

you have a modem router behind the box or not ?