Again, you are wrong. Intead of setting a class in defaults as:
option dscp_prio video
Do set a dscp mark like:
option dscp_prio AF41
And both prio and bulk will work. If you set a class then all the settings from that class will be taken. It's and expected behavior as the developer said when I asked that, and it's how it should work.
I think both are very useful. For example i would like to priorize some IPs but only on the ports I want.
Same happens to LAN, I would like to depriorize some ports from my download center.
Do you have any specific examples where this is needed on the WAN side? I'm asking because I'm reluctant to add this feature because of extra CPU cycle cost
I don't know how hard would be to implement that feature, it was just a sugestion. I assumed that if you implement it in the LAN side it would be simple to implement it in WAN side. I don't know how much will this increase CPU usage but if it doesn't take too much effort to implement it, I think it doesn't hurt to have the option for those who want to use it.
For example, for DoH i use cloudflare DNS but i use other services from cloudflare, so maybe this services have the same IP as the IP of the DNS. One of this services is something like a vpn tunnel, and i don't want that traffic to be mixed with the DSCP tag of the DNS. So i would like to only priorize port 443 for the cloudflare IP.
Maybe you have a VPS and you want to priorize traffic between you and the VPS, but not all types of traffic.
It's just that i don't really like to priorize ports without specify IPs because there could be unexpected coincidences on some ports.
Given that ports > ~1000 are not reserved, indiscriminately up-prioritizing all UDP-packets with src-port X can have undesired side effects, that should be better contained if that up-prioritizing is restricted to UDP packets from port X sent to internal host a.b.c.d. But that information would need to be available before the ingress cake instance acted based on the DSCPs.... cake itself, as you certainly know, peeks into the conntrack tables to at least get the internal IP addresses for its advanced isolation modes, but that might be harder to access from bpf code?
That only the ports specified in this IP address can be prioritized with the DSCP mark or exclude these ports from being prioritized with a !, but all other ports in this IP address are prioritized with in the DSCP mark.
# Game consoles and TorrentBox (Example of prioritizing all ports)
lan:192.168.5.20/30 CS4
lan:192.168.5.20/30 CS4
lan:192.168.5.10 LE
lan:192.168.5.10 LE
# Game consoles (Example of only prioritizing these ports)
lan:192.168.5.20/30 tcp:3074-3076 CS4
lan:192.168.5.20/30 udp:3074-3076,500,3544,4500,3659 CS4
# Game consoles (Example of excluding these ports from prioritization)
lan:192.168.5.20/30 tcp:!80,443 CS4
lan:192.168.5.20/30 udp:!80,443 CS4
I give up...what ever i try Video tin is empty and all traffic goes to best effort.
etc .
192.168.1.150 video
192.168.1.150 +video
Also missing very usefull functions and for now cannot..
Cannot set specific ip lan ..... lan:
Cannot set specific ip lan with port/port range DSCP
Cannot match by connbytes...etc 0:500, 25000:15000 and traffic transferred to set DSCP.
Etc..Match by bulk_trigger_pps ..cannot combine it with ip lan and ports or connbytes.
If i miss something or anyone knew how these can implement...please post examples to have something to "try" people like me which of course i am not developer and i don't have so much knowledge.
To have these options i have to run separate iptables rules to match by etc.. connbytes ,packet length.
If i need to run iptables rules whats the difference with SQM or other scripts????
I think it’s a question about the advantages of eBPF versus traditional iptables classification. I don’t know the answer but I believe eBPF has some “kernel-level” benefits.