No. I am afraid not. There is no Luci GUI interface for the app just yet.
Config guide ?
Not from reading the text file or the git repository.
Not able to limit speed. I had to limit down to 4100kbps on SQM because my router crashes if above it.
Router - TL-WR850N v2 22.03.2
Packages
Removed - opkg, ca-bundle, uclient-fetch
Added - luci luci-app-wireguard luci-app-pbr stubby qosify
firmware compiled using firmware selector
My qosify config -
config defaults
list defaults /etc/qosify/*.conf
option dscp_prio video
option dscp_icmp +besteffort
option dscp_default_udp besteffort
option prio_max_avg_pkt_len 500
config class besteffort
option ingress CS0
option egress CS0
config class bulk
option ingress LE
option egress LE
config class video
option ingress AF41
option egress AF41
config class voice
option ingress CS6
option egress CS6
option bulk_trigger_pps 100
option bulk_trigger_timeout 5
option dscp_bulk CS0
config interface wan
option name wan
option disabled 0
option bandwidth_up 15mbit
option bandwidth_down 10mbit
option overhead_type docsis
# defaults:
option ingress 1
option egress 1
option mode diffserv4
option nat 1
option host_isolate 1
option autorate_ingress 0
option ingress_options ""
option egress_options ""
option options ""
config interface guest
option name wan
option disabled 0
option bandwidth_up 2mbit
option bandwidth_down 1mbit
option overhead_type none
# defaults:
option ingress 1
option egress 1
option mode diffserv4
option nat 1
option host_isolate 1
option autorate_ingress 0
option ingress_options ""
option egress_options ""
option options ""
config device wandev
option disabled 1
option name wan
option bandwidth 100mbit
How are class and priority configured ?
What does each class do? And how does it define priority? What is the order? voice>video>bulk>besteffort
What does these options do ? -
- option ingress CS6
- option egress CS6
- option bulk_trigger_pps 100
- option bulk_trigger_timeout 5
- option dscp_bulk CS0
video
class should be AF3
config class video
option ingress AF41
option egress AF41
- how does
dns:
work ? - How to verify if it works ?
- What is the syntax ?
What is nflxvideo when netflix uses *.oca.nflxvideo.net address ?
dns:*nflxvideo* video
tc -s qdisc
#(look at the per tin statistics for number of packets and bytes)- Create the traffic you expect to be marked/sorted into a specific cake bin. Preferably only that traffic (or only that traffic in significant portions)
tc -s qdisc
#(look at the per tin statistics for number of packets and bytes again)
You want to see that the counter for your targeted cake tin increased between 1) and 3) roughly in the order of traffic you generated in 2).
In addition you can look at packet-captures and see whether you find the expected DSCPs on each packet; this should be easy for ingress traffic, but for egress you will need to capture from the wan interface and will not be able to see the internal IP addresses (at least for NATed IPv4).
DNS is an acronym for Domain Name System. It is like an address book for the internet. Each time, for example, you type google.com into your web browser , your DNS resolver looks up the ip address of your typed url (172.217.169.14) and your web browser takes you to that address. Since google.com is easier to remember than 172.217.169.14, it is an easier way to organise the internet. If you want to go deeper into that rabbit hole, read up about IPv6 addresses.
Qosify will classify any address that includes the term nflxvideo into the desired priority tin. The asterik is known as a wildcard so number of words and or digits in your example can precede or proceed that word. This is useful because providers, such as Netflix, might use the term "nflxvideo", but the rest of the address might be different for example: example.nlfxvideo.net; goodexample.nlfxvideo.com. Both of these addresses, in the example, might be used by Netflix, but because you have used the wildcards (asterik) both addresses will be put in your preferred priority tin.
It might be helpful for you too lookup some of the information that you have asked. Some of it pertains to some basic knowledge of how the internet works and you will probably find an answer quicker.
-
I know what DNS is. but why read bout IPv6?
I meant doedns:
use rDNS IP to get domain from the IP(which is imperfect) or builds a database of IPs of the given domain ? -
How to specify that the give is a
domain
ordomain+tld
notsubdomain
What if a website isnflxvideo.amazon.com
?
tc -s qdis
Where to look exactly ?
How to capture packets ?
Can I do it on router or is there a way to forward a copy of it PC or redirect all traffic in/out on WAN interface to PC that then goes back to router (routerWAN>PC>Router) ?
IPv4 uses ‘A’ records to store IP addresses where IPv6 uses ‘AAAA’ records to store IPv6 addresses. ‘AAAA’ records, or quad-A records as they’re sometimes called, are functionally equivalent to ‘A’ records and are written in the same basic way. Reverse DNS records for IPv6 use PTR records just like in IPv4, but the trailing domain ‘in-addr.arpa’ for IPv4 has been changed to ‘ip6.arpa’ for IPv6. For PTR records the IPv6 address is still written in reverse nibble format just like in IPv4, only this time it’s much longer.
Something is lost in translation here. Hope someone here can help.
As far as I know this snoops your router's DNS requests to build its set of IP addresses for each wildcard. And yes that is imperfect as in a word with CDNs multiple wildly different service might be served from the same IP address, but mostly it works well enough as far as I can tell.
It is tc -s qdisc
, the last c
is kind of important. To run this commend you need to log into your router via SSH (see here).
tcpdump, but keep in mind that packet captures can get fairly large quickly, so storing these on a router typically is a bad idea unless you added some storage (flash disk or harddisk) and write the capture only to that (opkg update; opkg install tcpdump
, see here).
Well if you log into to your router vis ssh and issue tc -s qdisc
on the command prompt what output do you get? "not working" is a bit too generic to allow any kind of diagnosis.
Earlier I was getting a table with 4 columns and some line since I have change the config. Now I get this which completely different -
qdisc noqueue 0: dev lo root refcnt 2
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
qdisc fq_codel 0: dev eth0 root refcnt 2 limit 10240p flows 1024 quantum 1514 target 5ms interval 100ms memory_limit 4Mb ecn drop_batch 64
Sent 115681090 bytes 172858 pkt (dropped 11, overlimits 0 requeues 379)
backlog 0b 0p requeues 379
maxpacket 1434 drop_overlimit 0 new_flow_count 1090 ecn_mark 0
new_flows_len 0 old_flows_len 0
qdisc fq_codel 0: dev ifb-dns root refcnt 2 limit 10240p flows 1024 quantum 1514 target 5ms interval 100ms memory_limit 4Mb ecn drop_batch 64
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
maxpacket 0 drop_overlimit 0 new_flow_count 0 ecn_mark 0
new_flows_len 0 old_flows_len 0
qdisc noqueue 0: dev br-lan root refcnt 2
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
qdisc noqueue 0: dev eth0.1 root refcnt 2
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
qdisc noqueue 0: dev eth0.2 root refcnt 2
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
qdisc noqueue 0: dev WireGuard root refcnt 2
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
qdisc noqueue 0: dev wlan0 root refcnt 2
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0```
Yes, this shows that you do not have any active cake instance, but the tc command itself was working just fine. Now, the next question is why was there no cake instance?
Qosify is not working when using my config classes
Removed #ADDED BY ME
(see below) configs classes and just kept the default configs
Ping @nbd - Can't use my config classes
@moeller0 - Working now
Config Classes
config defaults
list defaults /etc/qosify/*.conf
option dscp_prio video
option dscp_icmp +besteffort
option dscp_default_udp besteffort
option prio_max_avg_pkt_len 500
#CLASSES
#Pre-Configured
#config class besteffort
# option ingress CS0
# option egress CS0
#config class bulk
# option ingress LE
# option egress LE
#config class video
# option ingress AF41
# option egress AF41
#config class voice
# option ingress CS6
# option egress CS6
# option bulk_trigger_pps 100
# option bulk_trigger_timeout 5
# option dscp_bulk CS0
#ADDED BY ME
config class networkcontrol
option ingress CS6
option egress CS6
option bulk_trigger_pps 100
option bulk_trigger_timeout 5
option dscp_bulk CS0
config class telephony
option ingress EF
option egress EF
config class browsing
option ingress CS4
option egress CS4
config class videocall
option ingress AF41
option egress AF41
config class video
option ingress AF32
option egress AF32
config class scavenger
option ingress CS1
option egress CS1
config class loweffort
option ingress LE
option egress LE
config class besteffort
option ingress BE
option egress BE
#Interfaces
config interface wan
option name wan
option disabled 0
option bandwidth_up 15mbit
option bandwidth_down 90mbit
option overhead_type "docsis"
# defaults:
option ingress 1
option egress 1
option mode diffserv4
option nat 1
option host_isolate 1
option autorate_ingress 0
option ingress_options ""
option egress_options ""
option options ""
config interface guest
option name guest
option disabled 0
option bandwidth_up 4mbit
option bandwidth_down 4mbit
option overhead_type none
# defaults:
option ingress 1
option egress 1
option mode diffserv4
option nat 1
option host_isolate 1
option autorate_ingress 0
option ingress_options ""
option egress_options ""
option options ""
#config device wandev
# option disabled 1
# option name wan
# option bandwidth 100mbit
Config QoS Ports
# DNS
tcp:53 networkcontrol
udp:53 networkcontrol
tcp:853 networkcontrol
udp:853 networkcontrol
# NTP
udp:123 networkcontrol
#VoWiFi
udp:500 telephony
udp:4500 telephony
tcp:143 telephony
# SSH
tcp:22 +videocall
#tcp:22 +video
# HTTPS/QUIC
tcp:443 +browsing
#tcp:443 +besteffort
#Websites
dns:*spotify* +browsing
##Communication
dns:*3gppnetwork.org* telephony
dns:*matrix.org* messaging
#VideoSocialMedia
dns:*googlevideo* video
dns:*nflxvideo* video
dns:*facebook* video
dns:*instagram* video
dns:*whatsapp* video
#Downloading
dns:*play.google.com* loweffort
## Microsoft
dns:*update.microsoft* besteffort
dns:*windowsupdate* besteffort
dns:*windows* besteffort
dns:*microsoft* besteffort
root@OpenWrt:~# tc -s qdisc
qdisc noqueue 0: dev lo root refcnt 2
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
qdisc fq_codel 0: dev eth0 root refcnt 2 limit 10240p flows 1024 quantum 1514 target 5ms interval 100ms memory_limit 4Mb ecn drop_batch 64
Sent 276039195 bytes 1655709 pkt (dropped 0, overlimits 0 requeues 1389)
backlog 0b 0p requeues 1389
maxpacket 1494 drop_overlimit 0 new_flow_count 1519 ecn_mark 0
new_flows_len 0 old_flows_len 0
qdisc noqueue 0: dev br-lan root refcnt 2
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
qdisc noqueue 0: dev eth0.1 root refcnt 2
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
qdisc cake 8001: dev eth0.2 root refcnt 2 bandwidth 15Mbit diffserv4 dual-srchost nat nowash no-ack-filter split-gso rtt 100ms noatm overhead 18 mpu 64
Sent 2554 bytes 18 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
memory used: 4288b of 4Mb
capacity estimate: 15Mbit
min/max network layer size: 40 / 204
min/max overhead-adjusted size: 64 / 222
average network hdr offset: 1
Bulk Best Effort Video Voice
thresh 937496bit 15Mbit 7500Kbit 3750Kbit
target 19.4ms 5ms 5ms 5ms
interval 114ms 100ms 100ms 100ms
pk_delay 0us 32us 0us 0us
av_delay 0us 2us 0us 0us
sp_delay 0us 2us 0us 0us
backlog 0b 0b 0b 0b
pkts 0 18 0 0
bytes 0 2554 0 0
way_inds 0 0 0 0
way_miss 0 5 0 0
way_cols 0 0 0 0
drops 0 0 0 0
marks 0 0 0 0
ack_drop 0 0 0 0
sp_flows 0 0 0 0
bk_flows 0 1 0 0
un_flows 0 0 0 0
max_len 0 218 0 0
quantum 300 457 300 300
qdisc clsact ffff: dev eth0.2 parent ffff:fff1
Sent 4583 bytes 35 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
qdisc noqueue 0: dev wlan0 root refcnt 2
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
qdisc noqueue 0: dev WireGuard root refcnt 2
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
qdisc fq_codel 0: dev ifb-dns root refcnt 2 limit 10240p flows 1024 quantum 1514 target 5ms interval 100ms memory_limit 4Mb ecn drop_batch 64
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
maxpacket 0 drop_overlimit 0 new_flow_count 0 ecn_mark 0
new_flows_len 0 old_flows_len 0
qdisc cake 8002: dev ifb-eth0.2 root refcnt 2 bandwidth 90Mbit diffserv4 dual-dsthost nat nowash ingress no-ack-filter split-gso rtt 100ms noatm overhead 18 mpu 64
Sent 1616 bytes 12 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
memory used: 2080b of 4500000b
capacity estimate: 90Mbit
min/max network layer size: 52 / 156
min/max overhead-adjusted size: 70 / 174
average network hdr offset: 1
Bulk Best Effort Video Voice
thresh 5625Kbit 90Mbit 45Mbit 22500Kbit
target 5ms 5ms 5ms 5ms
interval 100ms 100ms 100ms 100ms
pk_delay 0us 33us 0us 0us
av_delay 0us 1us 0us 0us
sp_delay 0us 1us 0us 0us
backlog 0b 0b 0b 0b
pkts 0 12 0 0
bytes 0 1616 0 0
way_inds 0 0 0 0
way_miss 0 2 0 0
way_cols 0 0 0 0
drops 0 0 0 0
marks 0 0 0 0
ack_drop 0 0 0 0
sp_flows 0 1 0 0
bk_flows 0 0 0 0
un_flows 0 0 0 0
max_len 0 170 0 0
quantum 300 1514 1373 686
qdisc clsact ffff: dev ifb-eth0.2 parent ffff:fff1
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
I have never used qosify myself, so have no idea whether multiple interface sections are supported at all. (if in doubt you can use sqm-scripts/luci-app-sqm to configure your guest interface with a cake shaper).
I would guess that this is not optional assuming that qosify wants to find a "device" for the wan "interface" section, but again, never used qosify* so I might be completely wrong here.
*) Turns out my own needs for prioritization are minimal to not existing, so I never bothered testing this, as my router is still on OpenWrt 21-based TurrisOS; I really do not want to trade in the automatic updates from a source I happen to trust just to be able to "play" with qosify.