I want to configure SQM and it probably has been asked 100 times but someone please help

I currently have a Linksys EA6350v3 as my primary router connected to the frontier ONT, with wifi turned off as I am using orbi rbk23 as my access points, if someone could please tell me if sqm is reasonable or just downright stupid to do, i am somewhat of an openwrt noob as while I love the open source and beauty of the os im just a young teen that wants youtube to stop lagging when no one else is home and we pay for 500 up/ 500 down fiber internet. I currently updated to the latest version of openwrt supported for my EA6350v3 which is 22.03.2 and have sqm setup however when I do speedtests using cake and piece of cake i get 90 down and 240 up and if i use fq_codel + simple i get 190 and 270, while i am doing this on wifi and while my dad uses the tv to watch youtube videos, my normal speeds are 400 down 400 up when i run the orbis straight up without openwrt, and became a little slower it seems when i updated openwrt for some reason, if anyone would like to help me with the setup it would be greatly appreciated at the end of the day im willing to put more money into the setup (like maybe 100-200) (but if its not going to help because im cheap i would like to see what the community can make out of this)however right now I dont really need the capability to use all 500 up and down i just need to be able to watch like 4 1080p videos at once, also i do not want to use the wireless capabilities of the ea6350 because i need the range the orbis provide however I am willing to return them (paid $150) in favor of a better setup for multiple rooms, and i also am not double natting as the orbis are in ap mode and have ethernet connections running to each other, if needed i can ssh into the router but your gonna have to tell me the commands (sorry) and am willing to try anything and can draw a diagram of my setup if needed

sqm/cake needs considerable CPU power, more than ipq4018 can provide; you are firmly in x86_64-land (or RPi4) for sqm at 500/500 MBit/s.

There are quite a few 4-port 'firewall mini PCs' on amazon/ aliexpress starting around ~200 EUR/ USD, examples for cheaper options can be found here:

hmm been testing recently with fq_codel+simple and getting 300 down/ 200 up what are the major downsides for my usecase, and since im using ookla speedtest could these numbers be misleading me. That speed for me is perfectly fine tbh but if you know can you tell me of the downsides of this setup currently? also i can run a waveform bufferbloat test for you and share results. also off topic any software you recommend not related to this that helps you enjoy wrt?

heres my results for now https://www.waveform.com/tools/bufferbloat?test-id=349b2d09-481d-460a-b5cd-1126f0581940

For low latencies, the router should always be able to cope with maximum line-speed plus a healthy margin. While you can reduce the target speed for sqm until your router's performance matches expectations, that's hardly a good solution - and especially in your situation (with the wireless side being offloaded to external devices), getting a device that has the necessary performance is relatively easy.


sorry to ask more but what would you recommend for a raspberry pi setup that’s simple and effective

RPi4 (the USB2 system bus of the RPi3 and lower is a bottleneck) and an rtl815x based USB3 ethernet card (as wan), e.g. a TP-Link UE300 seems to be popular among RPi4 users.

Personally I'm using an (baytrail-d) Atom J1900 based 4-port igb device[0] I scored very cheap[1] on the used market - and given the prices you can achieve there (with some patience and persistence), that could be a considerably cheaper option. The RPi4 can be a very capable wired router, but they're still way overpriced. A few contemporary x86_64 thin clients or USFF sized mini computers may also do the job[2].

[0] quick/ synthetic testing suggested a ceiling of ~830 MBit/s with sqm/cake, more modern Atom SOCs should be capable to handle full 1 GBit/s (or more); I only need mine for handle 400/200 at 11 watts.
[1] around 50 EUR/ USD is reasonable for these in used condition; avoid the old AMD Jaguar cores (pcengines APU1/2/3/4/5, Cyberoam CR15iNG/ CR25iNG, etc.), anything powered by a VIA CPU or Atom SOCs older than at least baytrail-d.
[2] as long as they have a fast enough CPU, space to add a (second-) PCIe ethernet card, get along with a reasonable idle power consumption (e.g. 3-20 watts) and come for a good price.

1 Like

i know rpi4s seem hard to come by but if i could somehow find one what amount of ram do you think would be sufficient for 500 up and down also if say i was to upgrade to 1 or 2 gig internet what would you recommend for a sqm setup would a rpi4 still be good? more or less ram?

I would not pay full money for any modern (general purpose-) device with less than 2 GB RAM myself (>=4 GB, to be honest), but routing and sqm don't need much RAM. My gateprotect FW-7543B (OpenWrt/ master, x86_64, 32 GB SSD, 4 GB RAM) idles at just under 96 MB RAM usage after 55 days uptime (with sqm/cake and considerable adblock blocklists), so technically even the 1 GB RPi4 should do easily - the installed flash size shouldn't really matter either (anything above 128 MB will do).

Resist the urge to overload your router with non-routing tasks, keep its attack surface small.


I'm in the x86 camp, too. Small dedicated boxes with multiple NICs are so easily acquired these days, and Linux is so well tested on x86 that it's sort of a no-brainer for me.

The only thing I've found that's a true memory hog under OpenWrt is Snort, which is an intrusion detection/prevention system (IDS/IPS). It builds these huge tables from rules to match traffic patterns and filter out intruders. I see it regularly gobbling 250-300 MB of RAM at startup, that's on top of everything else. Second biggest RAM user that I've observed is the category of ad-blockers and IP ban packages; they either have name lists or IP address lists, and I've seen some popular ones eat up maybe 40-50 MB of RAM worst case.

As slh indicates, SQM is basically algorithmic and has tiny data requirements. On the other hand, it does have huge CPU requirements, which is another reason I like the x86, it's easy to get a multi-core Celeron with 3+ GHz clock for relatively cheap.

while quite stupid I have perhaps figured out a solution to a router with many very what ifs. I currently have a ps4 that is capable of running linux which i have looked up and would seem to satisfy the gigabit requirement, and i could run a usb 3 ethernet card if supported by the drivers. i do not use the ps4 which is good, and getting drivers could be a problem however past this i think the hardware is more than likely sufficient. only problem is im screwed if a power outage happens as getting the ps4 to boot linux is a quite annoying process, however it good be a good temporary start to see how much benefit i get from bufferbloat reduction and full sqm capabilities

That, plus 1) you'll learn a ton and 2) sounds like fun!

I'm a big fan of the basic (networking- and other 'essential') infrastructure to be as hands-off as reasonably possible. While power outages aren't really common around here (so no need for a UPS), short time/ short notice power cuts due to construction/ repairs do happen from time to time (1-2 times a year) and blown fuses (e.g. lawn mower or other heavy machinery) certainly do happen -irregularly, but- often enough, my network not recovering from that on its own, would be a hard no-go for me (VoIP 'landline' phones and surveillance cameras depend on it, maybe I'm not even around for hours when others in the household need connectivity (phone)).

The PS4 is quite dated by now, linux access was only possible via virtualization, neither of which really suggests that much processing/ packet forwarding power - and it's not going to be low (idle-) power for 24/7 operations either, so imho not a good choice to begin with, apart from the bootstrapping/ cold boot complications (and no bare-iron access will be problematic in terms of connecting a USB network card or setting VLANs as well).

While I don't know where you are located, you should find something decent (along the lines of Tips for getting cheap used x86-based firewall with full Gbit NAT (a PC Engines APU) if you are in the US) for 35-75 EUR, if not - skylake/ kabylake SFF Dell/Fujitsu/HP/Lenovo core-i5 systems will be in that price range, USFF ones a tad above that. And brandnew N51xx/ N100 'firewall PCs' from Jeff Bezos' bookstore or Jack Ma's market place are starting around 180-230 EUR.

...keep it simple, keep it reliable - don't muck around it for the sake of it, neither of these need to be expensive.

This is a question only you can answer as it is mostly about policy... with your equipment you will not be able to run sqm close to your line rate. (And yes, cake does more than HTB+fq_codel and certainly more than TBF+fq_codel so it requires more CPU cycles).
Personally, with my old router (netgear wndr3700v2) I was limited to sqm at ~80Mbps (combined for both directions), so I ran my 100/40 link shaped at ~49/29 Mbps as for my use-cases less capacity but with lower latency-under-load-increase was simply more usable than more throughput but also more latency. However I since switched to a more capable router that allows traffic shaping at the ~140 Mbps combined required to essentially run my link close to maximum throughput. But whether that is true for you as well I can and will not predict.... (the point is however, just because a link operates at X Mbps that does not mean one can not shape it down to Y with Y << X and still have usable internet access).

There are no real downsides to simple.qos, it is just cake offers a few additional fancy options (not active by default), like:
a) per-internal-IP isolation, where capacity is equitably shared between active internal IPs (so essentially end devices) and within each IP address equitably between flows; this solves issues, like my son's bit-torrent client spoiling the internet access for everyone (this is an illustrative example my kids do not torrent (yet?)).
b) adaptive tighter control for ingress traffic
c) easy configuration for DSCP based QoS (but that is a rabbit hole I do not want to send you down :wink: )

Why? It is relatively easy to test what performs better higher capacity without SQM or lower capacity with SQM, easy enough that I would certainly recommend everybody to test that and select the better option. That then gives ideally more time to upgrade the rputer to something more performant without feeling urgency :wink:

I fully endorse that! However, I run a small (mostly read) fileshare from the router, but that is fully replaceable should it die (for persistent logs I want/need additional storage anyway, so it was easy enough to add a fileshare to make music available for the whole family). My point is if you are careful you can have the router do a few additional things, just make sure you do not care much if these should break...

I note that especially cake not only requires a healthy portion of CPU cycles, but it also needs them in a timely fashion, so sqm occasionally runs into trouble on systems that aggressively power/frequency scale (which bugs me, as I would like both, responsive internet access and saving energy).


i ended up buying a rpi4 and a tplink ue300 adapter which i will recieve in the mail tomorrow, I would like to run a plex server on it as well to be honest however i think that will be more time than its worth as I could just buy something cheaper as Im just looking for something power efficient tbh. Any advice on setup and besides installing sqm software are there any basic tweaks to make my router setup as reliable as possible. Im honestly slightly worried about running into issues with ipv6 and the guides on disabling it are confusing me a little as it seems like things have changed slightly over time on how to disable ipv6.

also you have mentioned that simple qos would offer similar performance I am guessing to cake, but that cake offers additional options while piece of cake and simple provide similar performance it seems, would changing my queue discipline from fq_codel to cake result in a noticeable performance difference? as I do not understand most of these terms as I am not deep into networking would you mind explaining the benefits of dscp configuration. Also with cake how would i configure per internal ip isolation or is that something i should just look up?

No, both piece_of_cake.qos and layer_cake.qos will ignore the qdisc field in /etc/config/sqm and always use cake, simple.qos however honors this field and hence can use either fq_codel or cake as leaf qdisc.
A raspberry pi4b should be fast enough to allow any qdisc to scale up to your internet access speed (maybe requiring a bit of careful configuration).

layer_cake/simple will use DSCPs to steer flows/packets into typically 3 to 4 different priority tiers allowing you to special case some traffic (at the expense of other traffic). Personally I always recommend to use up-prioritisation as sparingly as possible and only if one can see/measure a noticeable improvement. Others have different takes on that topic though.

Look here:

that should get you started :wink:

also with fq_codel and simple qos was still getting a decent bufferbloat even with no devices connected and just a pc with a ethernet connection wired into the router :sob: is this possibly because my routers cpu cant handle sqm or because my isp just sucks ass or could be both? as i am getting the rpi4 tomorrow i guess ill figure out soon anyways lmao

also besides openwrt forums and wiki what is the best way to learn most of these things starting at like baby networking terms so i can read up

Well... The field of "networking" is so huge it's really impossible to say. I read RFCs (here's one I'm picking through this week https://www.rfc-editor.org/rfc/rfc3633), various blogs (here are a couple I've read through recently https://labs.apnic.net/index.php/2022/11/02/comparing-quic-and-tcp/ https://thermalcircle.de/doku.php?id=blog:linux:nftables_demystifying_ipsec_expressions) and I follow related projects on either their site or github (https://git.openwrt.org/openwrt/openwrt.git https://git.netfilter.org/nftables/log/).

When I see a term/acronym I don't know, I look it up (often wikipedia has a good answer), then write up a definition for it (the act of writing cements it in my head) and any related terms I uncover, then stick them in the glossary in my local wiki (I'm running dokuwiki on an Ubuntu server under apache, and by the way, the OpenWrt wiki is also a dokuwiki instance). Here's a short section cut out of the middle as an example:

Hardware and PHY

  • PON - Passive Optical Network
  • EPON - Ethernet Passive Optical Network
  • XGPON - 10Gb Passive Optical Network, may be assymmetrical, also sometimes called 10G-PON.
  • XGSPON - S = Symmetrical, otherwise same as XGPON.
1 Like