Try replacing your /etc/init.d/cake-qos-simple with this:
https://raw.githubusercontent.com/lynxthecat/cake-qos-simple/add-source-port-mapping/cake-qos-simple
Then regenerate config using:
service cake-qos-simple gen_config
and regenerate nft.rules using:
service cake-qos-simple gen_nft_rules
The new config and nft.rules are saved with .new appended, and you can just overwrite your old config or nft.rules files, amalgamating any changes as necessary.
thanks much will do it a little later and report back
tried this but still didnt work..also watched a tuturial about nftables and tried to create a rule but
it failed lol...ill learn more about nftables first..dscp classify works perfect for me so ill stick with that untill i learn more about adding nftable rules..thanks much
Could you please clarify me the diference between the both cod config rules?
Do i always have to use 2 config's per game, and should i forget about the TCP's on DSCP?
Hello everyone,
Is there a way to set a rule for a range of ports in the cake-qos-simple config file? The syntax only seems to support a single source port, but my game (CS2) uses multiple ports (UDP 27000-27100). I can only confirm the ports on my end.
For now, Iāve been using Wireshark during each game and manually adding rules for each identified port, but Iām hoping thereās a more efficient method.
For context:
I also have a couple of questions:
Any suggestions or advice would be much appreciated!
Thank you in advance my lord and saviors
That should not be the case, I would start investigating why that is and fix it...
I think perhaps by specifying range using a hyphen so e.g.:
udp . 27000-27100 : goto dscp_set_voice, # CS2
But I havenāt tested this.
Iād just get Windows to set the DSCPs (on upload) because that doesnāt require you to get the port ranges right, and port ranges can change over time. cake-qos-simple will then catch and reapply the DSCPs on download.
Having Windows mark packets based on executable is very reliable in my experience.
@moeller0 can better advise on this, however I believe that itās fine to put your game traffic in voice. My understanding is that cake will allow the bandwidth for a tin to exceed the allocation providing there is spare bandwidth available.
What kind of connection do you have?
Itād be helpful to see your full cake-aurorate config and maybe a data file showing a couple of speed tests.
I've been using PowerShell to mark traffic (using -PolicyStore Activestore).
Maybe itās because Iām on Windows 11 Home edition, but setting policies through gpedit doesnāt work for me no matter what I try. I canāt imagine any other reasons for this issue.
Due to my unstable connection, Iām also wondering if the worse feeling of latency is just placebo.
Could you please advise me if the voice tin will limit my gameās bandwidth? Which tin should I use for game traffic?
I've also run into a strange problem:
@Lynx, Iām going to give Windows DSCP marking another try this evening.
Regarding my connection:
I will try to figure out Cake-autorate logging and will share the data in the Cake-autorate thread later today to gain more insight.
Thank you both so muchāI really appreciate your help! 
This depends a bit on your total capacity... if the Voice tin's capacity is greater than say 3 times the games capacity demand (to allow for occasional non smooth delivery) you should be fine, and if your game traffic rate is too high for that cake will degrade gracefully, that is gaming packets will receive not as much priority as intended, but will not ge hard dropped either...
Typically the Video tin has a larger capacity share assigned and unless there is lots of traffic already in the Voice and/or Video tin there is no harm in steering game packets into the Video tin. Priorities are relative, so if all other traffic stays in best ettort moving your game to Video or Voice will have exactly the same effect on latency (assuming your game traffic fits comfortably into the Voice tin). Does this help?
thank you it does make sense.
since i am also using cake-autorate and bandwidth could go down to as low as 8Mbps, does it mean, sometimes the voice tin gets congested?
i will be posting my autorate logs today evening in the respective thread, hopefully it will be of more help and we can discuss there. <3
Are you scrubbing DSCPs on upload using the wash option for cake?
Have another look through:
It should work. And you can verify using tcpdump or the cake stats provided with the upload or download options of the cake-qos-simple service.
yes, its washing on upload.
cake_ul_options="diffserv4 triple-isolate nat wash ack-filter noatm overhead 0"
cake_dl_options="diffserv4 triple-isolate nat nowash ingress no-ack-filter noatm overhead 0"
first, i did not have gpedit.msc on my pc because my windows 11 was home (not pro), i managed to install it using some guides online and set it up exactly as in your github page. but the packets were not being marked when i checked with wireshark and tcpdump (commands from your github).
i figured windows was not marking packets because gpedit.msc could not specify value for "-NetworkProfile" to "All/ local network" it seemed to be setting DSCP values for domain/ group (from my memory). So i had to set the DSCP vales using powershell using "-NetworkProfile All" and "-PolicyStore Activestore" (it did not mark packets if i did not use -PolicyStore too)
after using powershell to mark packets using "NetQosPolicy", i could see DSCP marks using Wireshark and on download (tcpdump -i ifb-wan -vv) - no markings on upload though (tcpdump -i wan -vv), i realize now that it could be cuz of washing.
Yes you need to take a lot of care the specific point at which you look at the packets. Itās a bit fiddly.
You can look at the cake stats for upload or temporarily disable washing.
this does not work btw, stops at "Validity check of nft.rules file failed."
I also checked setting DSCP values using gpedit.msc, still does not work.
When i set policy through gpedit.msc, it appears as below (when i check with "Get-NetQosPolicy" )
Name : CS2
Owner : Group Policy (Machine)
NetworkProfile : Domain
Precedence : 127
AppPathName : cs2.exe
JobObject :
IPProtocol : Both
DSCPValue : 16
But when i set the DSCP values with New-NetQosPolicy -Name "CounterStrike2" -AppPathNameMatchCondition "cs2.exe" -IPProtocol Both -DSCPAction 16 -NetworkProfile All -PolicyStore ActiveStore, it marks the packets properly (verified on both tcpdump and wireshark).
Working NetQosPolicy will be shows as below;
Name : counterstrike2
Owner : PowerShell / WMI
NetworkProfile : All
Precedence : 127
AppPathName : cs2.exe
JobObject :
DSCPValue : 16
Then by all means use the powershell method... as long as you can get the marking reliably enabled all is well.
As @moeller0 states if Powershell works that's fine, but the OCD in me wants to know why the policy editor method didn't work. You did include the registry key entry, right? Admittedly I have Win 11 (Pro), but I'd be surprised if that's it here.
Good to know. And it's not just relating to comma right (all entries to have comma at end, save for the last line)?
@dave14305 do you know how to specify a range in an nftables map like this:
define PROTO_DPORT_DSCP_MAP = {
tcp . 53 : goto dscp_set_voice, # DNS
udp . 53 : goto dscp_set_voice, # DNS
tcp . 853 : goto dscp_set_voice, # DNS-over-TLS
udp . 853 : goto dscp_set_voice, # DNS-over-TLS
udp . 123 : goto dscp_set_voice # NTP
}
It seems one can't just use something like X-Y.
You must add flags interval as an attribute in your map declaration.
map rules_proto_dport {
type inet_proto . inet_service : verdict
flags interval
elements = \$PROTO_DPORT_DSCP_MAP
}
yes i added the registry key. i think the problem is that gpedit applies to NetworkProfile: domain. While my PC seems to be in a "private network"
i can confirm it was not the comma.
i will try the flags interval today.
I have a new question now, i recently learned that CounterStrike 2 uses larger packets than typical ICMP packets,
overwrite_ul_ect_0_val="" # overwrite upload ECT(1) values with decimal value (e.g. 0, 1, 2, 3), else "" to disable
overwrite_ul_ect_1_val="" # overwrite upload ECT(0) values with decimal value (e.g. 0, 1, 2, 3), else "" to disable
overwrite_dl_ect_0_val="" # overwrite download ECT(1) values with decimal value (e.g. 0, 1, 2, 3), else "" to disable
overwrite_dl_ect_1_val="" # overwrite download ECT(1) values with decimal value (e.g. 0, 1, 2, 3), else "" to disable
after looking at cake-qos-simple stats, i'm fairly confident that my in-game jitter is not caused by OpenWRT, since all the measurements are in Āµs. So its likely to be either my upstream router or ISP 
is there any other solution to smooth over packets? i just want to get rid of the +25ms jitter i'm seeing for Counterstrike2.
This seems very promising, albeit I still think marking in Windows is preferable.
Pass. This is one for @moeller0.
@moeller0 is again the expert on this, and can correct me if this is bad advice, but based on this discussion here:
I suggest simply setting it to zero, particularly given the bandwidth adjustment that you are letting cake-autorate handle.
I created these to facilitate scrubbing of the so-called (Explicit Congestion Notification) ECN bits. ECT(0) and ECT(1) are just the ECN bits. What does ECT stand for? I'm not sure. Have a read here:
I think the idea is that instead of dropping packets to force the other side to reduce packets, you can actually signal bufferbloat using these ECN bits and the other side can react to that signal.
But some complain that this reaction is slow and that actually one is better off just dropping the packets.
Or in my case I thought my ISP was not handling ECN correctly (but actually from memory I think I was actually mistaken there). One can monitor ECN in action by inspecting packets in both directions using tcpdump, but it's not so easy to get this right.
So, in any case, I thought it'd be helpful to have a mechanism for disabling ECN to force cake to drop packets rather than use the ECN mechanism.
Whether this should be activated or not will depend upon the individual use case. In my case I've just left it active (as in, I do not scrub the ECN bits in cake-qos-simple).
Hmm, decoding those stats is not easy. Tailoring cake-autorate to handle gaming is its own topic and properly better addressed in the cake-autorate thread. Part of the challenge is that the only way we get a sense of whether there is extra bandwidth to allocate is by testing an increase and observing whether there is any increase in latency.
cake-autorate is highly configurable and I'm confident there will be room for improvement one way or another. How much bandwidth does CS2 actually need? Say this is less than or equal to 10Mbit/s, then it'd be interesting to see how gameplay is when setting a fixed cake bandwidth of 10Mbit/s.
So my take is Microsoft really does not want home users to use/have access to the group policy editor. The fact that it currently seems to be hidden only in a half assed way (behind a registry key everybody and their dog can set) might be explained by Microsoft aiming only as high as necessary (the more users figuring out the registry setting the less the current approach might fit the "high enough" requirement).