Device: Xiaomi R3g v1
Network: Altice MEO Portugal ipv4 and ipv6
ADSL2+ over ISP Router in bridge mode
Speed: Download 13000kbit, Upload 925kbit
ISP have IPTV over multicast in ipv4.
Using max 3400kbit of download
Traffic of iptv going of ethernet tagged with AF41.
Box have dhcp reserved with 192.168.2.200
I using igmpproxy on wan
config igmpproxy
option quickleave 1
option verbose 0
config phyint
option network wan
option zone wan
option direction upstream
list altnet ---/32
list altnet ---/16
list altnet ---/20
list altnet ---/23
config phyint
option network lan
option zone lan
option direction downstream
list altnet 192.168.2.200/32
SQM config
config queue
option debug_logging '0'
option verbosity '5'
option ingress_ecn 'ECN'
option tcMTU '2047'
option tcTSIZE '128'
option qdisc 'cake'
option qdisc_advanced '1'
option squash_dscp '0'
option squash_ingress '0'
option qdisc_really_really_advanced '1'
option linklayer_advanced '1'
option shaper_burst '1'
option script 'layer_cake.qos'
option interface 'eth0.2'
option linklayer 'atm'
option overhead '44'
option tcMPU '0'
option egress_ecn 'NOECN'
option upload '825'
option enabled '1'
option download '12350'
option linklayer_adaptation_mechanism 'cake'
option iqdisc_opts 'diffserv8'
option eqdisc_opts 'diffserv8'
I have Wireguard VPN and IPv6 Tunnel Broker for static ipv6
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
config interface 'lan'
option type 'bridge'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '64'
option igmp_snooping '1'
option ipaddr '192.168.2.1'
list ip6class 'wan6'
option ifname 'eth0.1'
config device 'lan_eth0_1_dev'
option name 'eth0.1'
option macaddr '---'
config interface 'wan'
option proto 'dhcp'
list dns '1.1.1.1'
list dns '1.0.0.1'
option peerdns '0'
option metric '10'
option ifname 'eth0.2'
config interface 'wan6'
option proto 'dhcpv6'
option reqprefix 'auto'
option reqaddress 'try'
option peerdns '0'
list dns '2606:4700:4700::1111'
list dns '2606:4700:4700::1001'
option ifname 'eth0.2'
config interface 'wan6_tun'
option proto '6in4'
option username '---'
option peeraddr '---'
list ip6prefix '---'
option ip6addr '---'
option tunnelid '---'
option password '---'
config interface 'wg0'
option proto 'wireguard'
option private_key '---'
option listen_port '51820'
list addresses '192.168.5.1/24'
list addresses '---::1/64'
config wireguard_wg0
option route_allowed_ips '1'
option persistent_keepalive '25'
list allowed_ips '192.168.5.2/32'
list allowed_ips '---::2/128'
option description 'Samsung'
option public_key '---'
config wireguard_wg0
option public_key '---'
option route_allowed_ips '1'
option persistent_keepalive '25'
list allowed_ips '192.168.5.3'
list allowed_ips '---::3/64'
option description 'OMEN-HP'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option ports '6t 3 2'
option vid '1'
config switch_vlan
option device 'switch0'
option vlan '2'
option ports '6t 1'
option vid '2'
I have more aria2 deamon run on router
config aria2 'main'
option bt_enable_lpd 'true'
option enable_dht 'true'
option follow_torrent 'true'
option save_session_interval '30'
option enabled '1'
option user 'root'
option dir '/mnt/sda1/.aria2/incomplete'
option config_dir '/mnt/sda1/.aria2/conf'
option pause_metadata 'true'
option rpc_auth_method 'token'
option rpc_secret '---'
option rpc_secure 'true'
option rpc_certificate '/etc/ssl/server.cert'
option rpc_private_key '/etc/ssl/server.key'
option enable_proxy '0'
option check_certificate 'true'
option ca_certificate '/etc/ssl/certs/ca-certificates.crt'
option http_accept_gzip 'true'
option max_connection_per_server '16'
option enable_dht6 'true'
option enable_peer_exchange 'true'
option bt_remove_unselected_file 'true'
option bt_seed_unverified 'true'
option listen_port '60001'
option dht_listen_port '60001'
option seed_ratio '0.0'
option seed_time '0'
option disk_cache '0'
option file_allocation 'falloc'
list extra_settings 'dscp=8'
list extra_settings 'enable-http-pipelining=true'
list extra_settings 'on-download-complete=/mnt/sda1/.aria2/scripts/mvcompleted.sh'
list extra_settings 'quiet=false'
option enable_logging '1'
option log '/mnt/sda1/.aria2/log/aria2.log'
option log_level 'warn'
I have more adblock, ddns, minidlna. But it's not important for this.
I need tagged traffic of aria2 for CS1 (Bulk), of box Meo(over wan its correct tagged, i need for go to wan).
Possible i need tag on MS Team and Zoom.
I wait for experts ...