for add this information i download the packages "tee"
and i write on firewall.user for example
iptables -A POSTROUTING -t mangle -o br-lan ! -s 192.168.2.160 -j TEE --gateway 192myip of PC wired
iptables -A PREROUTING -t mangle -i br-lan ! -d 192.168.2.160 -j TEE --gateway 192.168.my ip of pc wired
I’m not 100% certain since I don’t use TEE or Wireshark much, but if you’re taking the traffic input on br-lan before it is sent through the wan tc filter with bpf (qosify) you won’t see the modified dscp yet.
The PREROUTING rule captures the original traffic before qosify can modify it. So I think this is just a flaw in the wireshark capture setup.
Others with more experience may correct me if I’m wrong.
What rules? They’re not quite iptables rules and they’re definitely not qosify rules. If those are in your /etc/qosify/*.conf files then they are being ignored due to invalid formats.
I was reading more of the qosify code and it looks to me like the priority of rules is:
IP rules (whether IP or DNS names) without + sign.
udp, tcp, or dscp_icmp port rules without + sign.
Default tcp or udp DSCP values (dscp_default_udp or dscp_default_tcp)
Non-bulk packets smaller than prio_max_avg_pkt_len get the dscp_prio value.
Bulk flows with packets per second greater than bulk_trigger_pps get the dscp_bulk value until they fall below that rate for bulk_trigger_timeout seconds(?).
Original DSCP from sending application or iptables rules, if set and no defaults set in #3.
IP rules (whether IP or DNS names) with + sign (e.g. +CS6).
udp, tcp, or dscp_icmp port rules with + sign (e.g. +CS6).
I’m posting this more as a statement of my level of understanding on how the config is interpreted, but glad to be corrected by @nbd and make edits.
Small corrections: The dscp_prio and dscp_bulk marking only happens in cases where there are no ip/port rules. Original DSCP is preserved whenever the final DSCP mark is one with a +
Few questions, is there is possibility to see output of already classified traffic by qosify?
Could someone please clarify, to which interface belong this config part?
config device wandev
option disabled 1
option name wan
option bandwidth XXmbit
Can someone please help me to sort out the correct config for the interfaces and devices:
Im using wrt3200 with a pppoe authenticated by vlan 20, so my config is next:
So the output is: interface pppoe-wan with device wan.20
But I have a few questions.
By default CS3 is used for HTTP/S,Quick (when no DSCP value is set)
This can not be overwrriten by the auto bulk detection feature?
So to put http/s,quick upload/downloads into the background queue.
I have to remove the default CS3 mapping?
Would be nice to have the inital http/s,quick packets go into a higher prio class and move them into the bulk class when higher traffic load is detected?
Does the dns matching feature overwrite any other rules?
For example, setting a dns name mapping to AF31/AF41, will this overwrite the default CS3 mapping of HTTP/S,Quick?
Should DNS really be in the CS5 class?
Someone else has the problem that qosify doesn't start and boot?
I tried to find some guidelines for proper mapping of services...
Streaming Video (like youtube,netflix, etc) should go into the AF3x class?
Live streaming video (video class, twitch streaming, etc) should go into the AF4x class?
Some RFC recommend to put DNS,DHCP, etc into the Default CS0 class. Some other suggest AF2x.
UDP Games to CS4? What about Games that use TCP?
Mail (SMTP/S,IMAP,POP3) into Bulk? Or AF1x?
Hi, Im using wrt3200acm, only as a modem and i can achive 850 with qosify without irqbalance, packet steering and offloading… but i havent tested yet the performance
I wonder, with the IETF pushing for some DSCPs being used end-to-end, whether an additional rule could be implemented that allows re-mapping based on the received DSCP?
So kind of a - only remap if the original ingress DSCP was not CS0.
As an example we had reports of ISPs dumping large fractions of normal traffic marked as CS1, which does not play well with cake's bulk/background tier unless such marked traffic truly is intended for background priority, same also applies to WMM default mapping.
Speaking of WMM/WiFi, is there a chance we could expose hostapd's qos_map feture in LuCI there is some pretty problematic stuff regarding DSCPs coming down the IETF RFC pipeline, that tries to "exploit" default WMM DSCP to AC mappings and it would really be great if OpenWrt would be prepared to deal with that gracefully (I am not saying things will go pear-shaped, only that the designers of the DSCPs are overly optimistic in regards to safety on on-aware WiFi networks)....
With cake, and this seems to be cake exclusive, sparse flows get a boost anyway (and all new flows are sparse especially during the handshake phase where they "ping-pong").
Similar, DNS tends to be sparse and hence needs little additional care in cake/fq_codel (unless you have enough DNS traffic to fill the queues).
My take is, keep as much in CS0 as possible and only move stuff to higher/lower priority tiers if you:
a) either know a priori that they deserve that, think a backround bit-torrent client, or UDP traffic to/from your gaming machine, or
b) figured out by looking at your traffic that special care is required, like your ISP mis-marking incoming packets (like interactive https packets anding up in CS1).
BTW, with cake the traditional names of the DSCPs are pretty irrelevant the only important thing is which of the 3/4/8 priority tier in cake's diffserv mode that DSCP maps into (and in addition which WiFI access class it maps into).
The DSCPs by themselves really do nothing, this is all about the matching per-hop-behaviour (PHB) that the IETF recommends to apply to each of the named DSCPs. So in your home network you are free to do what ever you want.