Ports are always considered to be the “remote” port from the interface’s perspective. The code checks src or dst port, depending on ingress or egress direction of the flow.
2 Likes
Thanks! Given the prevalence of NAT for IPv4 that decision makes some sense (as the internal host's port might be re-mapped arbitrarily (so that the internal port number varies depending on which side of the NAT boundary a packet is looked at) and hence is not reliably predictable)...
Hello, how does one use this package?
I couldn't seem to get any hints or guides. Either that or something's wrong with my installation.
Environment is
x86/64 OpenWrt SNAPSHOT r19704-efff48529b / LuCI Master git-22.137.71281-d6dbedd
My OpenWRT setup is a transparent CAKE bridge between my ONT and downstream router.
I was previously using CAKE-autorate in combination with luci-sqm-scripts. Ingress interface is br-lan.4001 and egress is br-lan.4000.
qosify is marked as running in services, and is enabled. I have tried installing the latest qosify package in snapshot for x86_64. I haven't had any luck with ubus calls. Either they error or don't return a thing. ubus call qosify dump works.
ubus call qosify config returns nothing, trying ubus call qosify config reset returns Command failed: Parsing message data failed. ubus call qosify reset returns Command failed: Method not found.
qosify-status returns nothing.
Does anyone have a guide to get it working or something? I'm lost.
Hey guys I am trying to get GeforceNOW streaming service into the video bucket. I tried reinstalling, reboot and reload from the terminal but I still cannot get it the right bucket. I tried removing the plus sign also from the conf. Initially i had it using AF41 but change it to +video but still cannot get packets into the video bucket. Everything seems to just move to best effort bucket.
root@openwrt:~# qosify-status
===== interface wan: active =====
egress status:
qdisc cake 8001: root refcnt 9 bandwidth 940Mbit diffserv4 dual-srchost nat nowash no-ack-filter split-gso rtt 100ms noatm overhead 44 mpu 84
Sent 1775067802 bytes 11643046 pkt (dropped 0, overlimits 163299 requeues 14)
backlog 0b 0p requeues 14
memory used: 88096b of 15140Kb
capacity estimate: 940Mbit
min/max network layer size: 28 / 1500
min/max overhead-adjusted size: 84 / 1544
average network hdr offset: 14
Bulk Best Effort Video Voice
thresh 58750Kbit 940Mbit 470Mbit 235Mbit
target 5ms 5ms 5ms 5ms
interval 100ms 100ms 100ms 100ms
pk_delay 0us 8us 1us 4us
av_delay 0us 3us 0us 1us
sp_delay 0us 2us 0us 1us
backlog 0b 0b 0b 0b
pkts 0 11637948 2 5096
bytes 0 1774605932 108 461762
way_inds 0 5403063 0 0
way_miss 0 77567 2 466
way_cols 0 0 0 0
drops 0 0 0 0
marks 0 0 0 0
ack_drop 0 0 0 0
sp_flows 0 5 1 1
bk_flows 0 1 0 0
un_flows 0 0 0 0
max_len 0 27252 54 132
quantum 1514 1514 1514 1514
ingress status:
qdisc cake 8002: root refcnt 2 bandwidth 940Mbit diffserv4 dual-dsthost nat nowash ingress no-ack-filter split-gso rtt 100ms noatm overhead 44 mpu 84
Sent 53579288614 bytes 39800133 pkt (dropped 17, overlimits 17701976 requeues 0)
backlog 0b 0p requeues 0
memory used: 1957760b of 15140Kb
capacity estimate: 940Mbit
min/max network layer size: 46 / 1500
min/max overhead-adjusted size: 90 / 1544
average network hdr offset: 14
Bulk Best Effort Video Voice
thresh 58750Kbit 940Mbit 470Mbit 235Mbit
target 5ms 5ms 5ms 5ms
interval 100ms 100ms 100ms 100ms
pk_delay 0us 69us 5us 14us
av_delay 0us 15us 0us 6us
sp_delay 0us 1us 0us 2us
backlog 0b 0b 0b 0b
pkts 0 39799346 2 802
bytes 0 53579254954 120 56500
way_inds 0 607963 0 0
way_miss 0 100126 2 264
way_cols 0 0 0 0
drops 0 17 0 0
marks 0 0 0 0
ack_drop 0 0 0 0
sp_flows 0 5 1 0
bk_flows 0 1 0 0
un_flows 0 0 0 0
max_len 0 68130 60 130
quantum 1514 1514 1514 1514
/etc/qosify/00-defaults.conf
# DNS
tcp:53 voice
tcp:5353 voice
udp:53 voice
udp:5353 voice
# GFN
tcp:49003-49007 +video
udp:49003-49007 +video
# NTP
udp:123 voice
# SSH
tcp:22 +video
# HTTP/QUIC
tcp:80 +besteffort
tcp:443 +besteffort
udp:80 +besteffort
udp:443 +besteffort
/etc/config/qosify
config defaults
list defaults /etc/qosify/*.conf
option dscp_prio video
option dscp_icmp +besteffort
option dscp_default_udp besteffort
option prio_max_avg_pkt_len 500
config class besteffort
option ingress CS0
option egress CS0
config class bulk
option ingress LE
option egress LE
config class video
option ingress AF41
option egress AF41
config class voice
option ingress CS6
option egress CS6
option bulk_trigger_pps 100
option bulk_trigger_timeout 5
option dscp_bulk CS0
config interface wan
option name wan
option disabled 0
option bandwidth_up 940mbit
option bandwidth_down 940mbit
option overhead_type ethernet
# defaults:
option ingress 1
option egress 1
option mode diffserv4
option nat 1
option host_isolate 1
option autorate_ingress 0
option ingress_options ""
option egress_options ""
option options "overhead 44"
config device wandev
option disabled 1
option name wan
option bandwidth 100mbit
By default, the wan interface is disabled in /etc/config/qosify. Set disabled to 0 and review other settings there.
Customize IPs, ports or DNS names in /etc/qosify/00-defaults.conf.
Tech readme at:
https://git.openwrt.org/?p=project/qosify.git;a=blob;f=README;h=10d0c55b8a4d067b3d65ae9974e599c26aead763;hb=HEAD
Are these the remote destination ports (versus the local machine’s ports)? Qosify only works with remote port numbers. Also remove the + to ensure it always matches, regardless of original DSCP value.
Sorry. managed to get it working. I'm a complete newbie to OpenWRT. Setting disabled to 0 worked. Then I tried to change the interface to the br-lan.4000. Couldn't get that to work, so I tried using device instead, and it worked.
I suppose what confused me was the lack of error messages of probably invalid config. Is there any way to have the program act more verbose next time I change the settings?
Yes, I believe those are remote ports. I followed the guide on bottom of https://nvidia.custhelp.com/app/answers/detail/a_id/4504/ for the necessary ports needed to prioritise service.
From the linked text:
'Turn off any network firewalls. Some Firewalls can affect performance or even prevent you from connecting to our data centers.'
In all honesty I recommend to NOT use nvidia's streaming game service until they remove such actively misleading advice from their recommendations page. They clearly are part of the problem here....
Other than that I would recommend to use tcpdump on the router while playing to confirm the port (ranges) actually used and check whether these are local and/or remote ports.
2 Likes
Hi, LinksysWRT — @4C696E6B737973575254 love your ASCII nickname ;-),
It won't work, GeForce NOW ports should be marked on origin (source ports), see below my iptables rules for them:
udp multiport sports 49003:49005 match-set pentanet dst /* GeForce Now AF41 VI */ DSCP set 0x22
udp spt:49006 match-set pentanet dst /* GeForce Now EF VO */ DSCP set 0x2e
tcp spt:49006 match-set pentanet dst /* GeForce Now EF VO */ DSCP set 0x2e
tcp dpt:322 match-set pentanet dst /* GeForce Now AF41 VI */ DSCP set 0x22
Qosify won't help, it matches destination ports on egress not source ports.
3 Likes
Okay that makes sense. Thank you for the clarification. 
1 Like
is it possible to prioritize only traffic from 1 device or best case szenario 1 device sends prio packets and gets automatically the game server port to prio also the ingress packets ?
my problem is that i have a very big port range to cover, my pc sends packets with port 3074udp and the game server range is always between 30000udp-45000udp, i think because of that many packets get falsely a dscp prio tag for egress.
ha ha thank you!!! If i use sports and dports with -m set --match-set latsens then i can specify exactly to my games and ports on the ps5 and even if my kids are playing online as well the ports i use in conjunction with the ipset give me priority... wow omg finally found a way TKS VERY MUCH!!!!
1 Like
Late to the scene here. Thank you for your sharing your config file. It made it easier to compile a list of sites for gaming, streaming ect. A question about Qosify. I am struggling to see any benefit in terms of latency reduction. I am using the Belkin RT3200 and seeing at least a 20ms difference in latency when the download link is under load. I am also seeing full download speeds when, in fact, I think if cake was active, would probably not be the case?
Here is my config file for Qosify under /etc/qosify/00-defaults.conf
# HTTP/HTTPS/QUIC
tcp:80 browsing
tcp:443 browsing
udp:80 browsing
udp:443 browsing
dns:*.cloudfront.net* streaming
dns:*.akamaiedge.net* streaming
dns:*.demonware.net* gaming
dns:*.choopa.net* gaming
dns:*.activision.com* streaming
dns:*.vultrusercontent.com* gaming
dns:*.eu-central-1.compute.amazonaws.com* gaming
dns:*.eu-west-3.compute.amazonaws.com* gaming
dns:*.eu-west-3.compute.amazonaws.com* gaming
# Microsoft (Download)
dns:*1drv* bulk
dns:*backblaze* bulk
dns:*backblazeb2* bulk
dns:*ms-acdc.office* bulk
dns:*onedrive* bulk
dns:*sharepoint* bulk
dns:*update.microsoft* bulk
dns:*windowsupdate* bulk
# MEGA (Download)
dns:*mega* bulk
# Dropbox (Download)
dns:*dropboxusercontent* bulk
# Google (Download)
dns:*drive.google* bulk
dns:*googleusercontent* bulk
# Steam (Download)
dns:*steamcontent* bulk
# Epic Games (Download)
dns:*download.epicgames* bulk
dns:*download2.epicgames* bulk
dns:*download3.epicgames* bulk
dns:*download4.epicgames* bulk
dns:*epicgames-download1* bulk
# BitTorrent
tcp:6881-7000 bulk
tcp:51413 bulk
udp:6771 bulk
udp:6881-7000 bulk
udp:51413 bulk
# Usenet
tcp:119 bulk
tcp:563 bulk
# YouTube
dns:*googlevideo* besteffort
# Facebook
dns:*fbcdn* besteffort
# Twitch
dns:*ttvnw* besteffort
# TikTok
dns:*tiktok* besteffort
# Netflix
dns:*nflxvideo* besteffort
# Amazon Prime Video
dns:*aiv-cdn* besteffort
dns:*aiv-delivery* besteffort
dns:*pv-cdn* besteffort
# Disney Plus
dns:*disney* besteffort
dns:*dssott* besteffort
# HBO
dns:*hbo* besteffort
dns:*hbomaxcdn* besteffort
# SSH
tcp:22 network_services
# NTP
udp:123 network_services
# DNS
tcp:53 network_services
tcp:5353 network_services
udp:53 network_services
udp:5353 network_services
##
# Live Streaming to YouTube Live, Twitch, Vimeo and LinkedIn Live
tcp:1935-1936 broadcast_video
tcp:2396 broadcast_video
tcp:2935 broadcast_video
# DNS over TLS (DoT)
tcp:853 multimedia_conferencing
udp:853 multimedia_conferencing
# Zoom, Microsoft Teams, Skype and FaceTime (they use these same ports)
udp:3478-3497 multimedia_conferencing
# Zoom
dns:*zoom* multimedia_conferencing
tcp:8801-8802 multimedia_conferencing
udp:8801-8810 multimedia_conferencing
# Skype
dns:*skype* multimedia_conferencing
# FaceTime
udp:16384-16387 multimedia_conferencing
udp:16393-16402 multimedia_conferencing
# GoToMeeting
udp:1853 multimedia_conferencing
udp:8200 multimedia_conferencing
# Webex Meeting
tcp:5004 multimedia_conferencing
udp:9000 multimedia_conferencing
# Jitsi Meet
tcp:5349 multimedia_conferencing
udp:10000 multimedia_conferencing
# Google Meet
udp:19302-19309 multimedia_conferencing
# TeamViewer
tcp:5938 multimedia_conferencing
udp:5938 multimedia_conferencing
# Voice over Internet Protocol (VoIP)
tcp:5060-5061 telephony
udp:5060-5061 telephony
# Voice over WiFi or WiFi Calling (VoWiFi)
udp:500 telephony
udp:4500 telephony
and here is my config file from /etc/config/qosify
config defaults
list defaults /etc/qosify/*.conf
option dscp_icmp +besteffort
option dscp_default_tcp unmarked_traffic
option dscp_default_udp unmarked_traffic
config class unmarked_traffic
option ingress CS1
option egress CS1
option prio_max_avg_pkt_len 1270
option dscp_prio CS4
option bulk_trigger_pps 600
option bulk_trigger_timeout 10
option dscp_bulk CS1
config class browsing
option ingress CS0
option egress CS0
option prio_max_avg_pkt_len 575
option dscp_prio AF31
option bulk_trigger_pps 1000
option bulk_trigger_timeout 10
option dscp_bulk CS1
config class bulk
option ingress CS1
option egress CS1
config class besteffort
option ingress CS0
option egress CS0
config class network_services
option ingress CS2
option egress CS2
config class broadcast_video
option ingress CS3
option egress CS3
config class gaming
option ingress CS4
option egress CS4
config class multimedia_conferencing
option ingress AF41
option egress AF41
config class streaming
option ingress AF32
option egress AF32
option prio_max_avg_pkt_len 575
option dscp_prio AF31
config class telephony
option ingress EF
option egress EF
config interface wan
option name wan
option disabled 1
option bandwidth_up 42mbit
option bandwidth_down 850mbit
option overhead_type docsis
# defaults:
option ingress 1
option egress 1
option mode diffserv4
option nat 1
option host_isolate 1
option autorate_ingress 0
option ingress_options ""
option egress_options "wash"
option options ""
config device wandev
option disabled 1
option name wan
option bandwidth 850mbit
Why do I not see a reduction in latency? I have a GLiNet 1800AX, for comparison, that successfully manages latency to a range of about 4ms between unloaded and loaded downstream scenarios. I am currently running OpenWRT 22.03.0-rc1 build for my Belkin RT3200. Any help would be appreciated.
They are both disabled? Best to turn one one me thinks; interface wan probably.
3 Likes
I feel slightly silly now. Hahaha. Thanks for pointing the obvious out to me.
1 Like
Don't feel silly, happens to most of us occasionally...
Hi moller can you help me ?
I have a Linksys EA8500, my internet is an ADSL line of 10 Megabits downstream and 700k upstream (use PPPoE). I have read your input for SQM I used your ATM overhead detector and followed the instructions to configure SQM, I don't know if I did it right but I leave here the configuration:
config queue 'wan'
option ingress_ecn 'ECN'
option egress_ecn 'ECN'
option debug_logging '0'
opción verbosity '5'
opción qdisc 'cake'
opción qdisc_advanced '1'
opción qdisc_really_really_advanced '1
opción squash_dscp '0'
opción squash_ingress '0'
opción download '0'
opción script 'layer_cake.qos'
opción eqdisc_opts 'diffserv4 nat dual-srchost'
opción linklayer 'atm'
opción interfaz 'pppoe-wan'
opción upload '630'
opción linklayer_advanced '1'
opción linklayer_adaptation_mechanism 'default'
opción tcMPU '96'
opción enabled '1'
opción overhead '40'
opción tcMTU '1540'
opción tcTSIZE '96'
configurar cola
opción debug_logging '0'
opción verbosity '5'
opción qdisc 'cake'
opción qdisc_advanced '1'
opción ingress_ecn 'ECN'
opción qdisc_really_really_advanced '1'
opción squash_dscp '0'
opción squash_ingress '0'
opción egress_ecn 'ECN'
opción script 'piece_of_cake.qos'
opción download '0'
opción eqdisc_opts 'diffserv4 dual-dsthost ingress nat'
opción linklayer_advanced '1'
option linklayer_adaptation_mechanism 'default'
opción interfaz 'eth1'
opción linklayer 'atm'
opción upload '9649'
opción tcMPU '96'
opción enabled '1'
opción overhead '40'
opción tcMTU '15440'
opción tcTSIZE '96'
I don't know if this is well done in SQM, but now I am testing QosiFy, I am a total newbie, I leave what I have configured in QoSify and I would like you to help me to correct if I have something wrong and also how to configure QoSify for a 100 Megas symmetrical internet connection of PPPoE authentication.
/etc/config/qosify
config defaults
list defaults /etc/qosify/*.conf
option dscp_icmp +besteffort
option dscp_default_tcp unmarked_traffic
option dscp_default_udp unmarked_traffic
config class unmarked_traffic
option ingress CS1
option egress CS1
option prio_max_avg_pkt_len 1256
option dscp_prio CS4
option bulk_trigger_pps 600
option bulk_trigger_timeout 4
option dscp_bulk CS1
config class browsing
option ingress CS0
option egress CS0
option prio_max_avg_pkt_len 575
option dscp_prio AF31
option bulk_trigger_pps 1000
option bulk_trigger_timeout 4
option dscp_bulk CS1
config class bulk
option ingress CS1
option egress CS1
option prio_max_avg_pkt_len 575
option dscp_prio CS1
option bulk_trigger_pps 1000
option bulk_trigger_timeout 30
option dscp_bulk CS0
config class besteffort
option ingress CS0
option egress CS0
config class network_services
option ingress CS2
option egress CS2
config class broadcast_video
option ingress CS3
option egress CS3
option egress AF32
option prio_max_avg_pkt_len 575
option dscp_prio AF31
config class gaming
option ingress CS4
option egress CS4
config class multimedia_conferencing
option ingress AF41
option egress AF41
config class streaming
option ingress AF32
option egress AF32
option prio_max_avg_pkt_len 575
option dscp_prio AF31
config class telephony
option ingress EF
option egress EF
config interface wan
option name wan
option disabled 0
option bandwidth_up 637kbit
option bandwidth_down 9620kbit
config interface GuestWifi
option name GuestWifi
option disabled 0
option bandwidth_up 1024kbit
option bandwidth_down 300kbit
# defaults:
option ingress 1
option egress 1
option mode diffserv4
option nat 1
option host_isolate 1
option autorate_ingress 0
option ingress_options "nat dual-dsthost ingress mpu 88 overhead 40"
option egress_options "nat dual-srchost mpu 88 overhead 40 wash"
#config device wandev
#option disabled 1
#option name wan
#option bandwidth 10230kbit
/etc/qosify/*.conf
# HTTP/HTTPS/QUIC
tcp:80 browsing
tcp:443 browsing
udp:80 browsing
udp:443 browsing
# NTP
udp:123 network_services
# DNS
tcp:53 networtk_services
tcp:5353 networtk_services
udp:53 networtk_services
udp:5353 networtk_services
# DNS over TLS (DoT)
tcp:853 multimedia_conferencing
udp:853 multimedia_conferencing
# HTTP/HTTPS/QUIC
tcp:80 browsing
tcp:443 browsing
udp:80 browsing
udp:443 browsing
# Microsoft (Download)
dns:*1drv* bulk
dns:*backblaze* bulk
dns:*backblazeb2* bulk
dns:*ms-acdc.office* bulk
dns:*onedrive* bulk
dns:*sharepoint* bulk
dns:*update.microsoft* bulk
dns:*windowsupdate* bulk
# MEGA (Download)
dns:*mega* bulk
dns:*zippyshare.com besteffort
# Dropbox (Download)
dns:*dropboxusercontent* bulk
# Google (Download)
dns:*drive.google* bulk
dns:*googleusercontent* bulk
# YouTube
dns:*googlevideo* besteffort
# Servicios de Streaming
dns:*nflxvideo* besteffort
dns:*aiv-cdn* besteffort
dns:*aiv-delivery* besteffort
dns:*pv-cdn* besteffort
dns:*disney* besteffort
dns:*dssott* besteffort
dns:*hbo* besteffort
dns:*hbomaxcdn* besteffort
# BitTorrent
tcp:6881-7000 bulk
tcp:51413 bulk
udp:6771 bulk
udp:6881-7000 bulk
udp:51413 bulk
# Live Streaming (Servicios IPTV)
tcp:1935-1936 broadcast_video
tcp:2396 broadcast_video
tcp:2935 broadcast_video
tcp:7283 broadcast_video
######### Video Game Zone add by game or service #########
# pubg mobile
tcp:49610 gaming
tcp:46602 gaming
tcp:44748 gaming
tcp:20820 gaming
tcp:32651 gaming
tcp:48983 gaming
tcp:64133 gaming
tcp:26857 gaming
tcp:29845 gaming
tcp:37739 gaming
tcp:36750 gaming
tcp:11735 gaming
tcp:7407 gaming
tcp:33253 gaming
tcp:47547 gaming
tcp:9952 gaming
tcp:10167 gaming
tcp:12522 gaming
tcp:52298 gaming
tcp:38289 gaming
tcp:3295 gaming
tcp:61950 gaming
tcp:52354 gaming
dns:*5004-shadow.igamecj* gaming
dns:*me-du.shadow.igamecj* gaming
dns:*as-sg.shadow.igamecj* gaming
dns:*kj-se.shadow.igamecj* gaming
dns:*3022-shadow.igamecj* gaming
dns:*as-sg-m.shadow.igamecj* gaming
dns:*as-in.shadow.igamecj* gaming
dns:*as-mb.shadow.igamecj* gaming
dns:*as-hk.shadow.igamecj* gaming
dns:*sa-sap.shadow.igamecj* gaming
dns:*3021-shadow.igamecj* gaming
dns:*4008-shadow.igamecj* gaming
dns:*as-hk.shadow.igamecj* gaming
dns:*4009-shadow.igamecj* gaming
dns:*4010-shadow.igamecj* gaming
dns:*4007-shadow.igamecj* gaming
dns:*4006-shadow.igamecj* gaming
dns:*sa-sap-m.shadow.igamecj* gaming
dns:*sa-scl.shadow.igamecj* gaming
dns:*5005-shadow.igamecj* gaming
dns:*kj-tk.shadow.igamecj* gaming
dns:*api.club.gpubgm* gaming
dns:*us.voice.gcloudcs* gaming
dns:*naspeed.igamecj* gaming
# Zoom, Microsoft Teams, Skype y FaceTime
udp:3478-3497 multimedia_conferencing
# Zoom
dns:*zoom* multimedia_conferencing
tcp:8801-8802 multimedia_conferencing
udp:8801-8810 multimedia_conferencing
# Skype
dns:*skype* multimedia_conferencing
# FaceTime
udp:16384-16387 multimedia_conferencing
udp:16393-16402 multimedia_conferencing
# GoToMeeting
udp:1853 multimedia_conferencing
udp:8200 multimedia_conferencing
# Google Meet
udp:19302-19309 multimedia_conferencing
# TeamViewer
tcp:5938 multimedia_conferencing
udp:5938 multimedia_conferencing
# Voice over Internet Protocol (VoIP)
tcp:5060-5061 telephony
udp:5060-5061 telephony
# Voice over WiFi or WiFi Calling (VoWiFi)
udp:500 telephony
udp:4500 telephony
I am a total noob and if you think I should read something I would appreciate it if you could tell me what it is.
1 Like
ipq8064 isn't fast enough to handle 610 MBit/s with sqm/ cake, it isn't even fast enough to do that without any kind of sqm. Your limits with sqm would be around 150 MBit/s.
1 Like
I wasn't sure how much bandwidth this Linksys EA8500 could handle, thanks for the clarification, although I did know it wasn't much because it's a dualcore with several years.
Yes, I know but for me it is enough at the moment, my ISP at this moment does not want to install fiber and the maximum that another company offers is 100 MBits/s, as I said, I currently only have ADSL of 10 MBits/s and this router is enough For me, in the future I plan to buy something more powerful and use this Linksys as an AP.
Thanks for the information, I had already read something about it but I am clear that I need something with at least four cores and a good clock speed.