In the qosify config, you would need to be sure you’re using the + syntax to say “only mark this traffic if it is CS0 (unmarked). Otherwise qosify will overwrite it.
This is what I have done now. I've given both my torrent client and Jellyfin their own IPs on my LAN and used firewall rules to write their DSCP markings for web traffic. In Qosify, those ports are marked with +.
I can't say for sure, because the only testing I've done so far has been playing games while the connection is loaded and seeing if I lag - but it seems to be very solid. I've still had to limit connections in my torrent client a bit and I think I'll have to eventually try and replace my WiFi with powerline or MoCA, but so far the stability I'm seeing has been unrivaled.
Hello beautiful people. Could you help me with this, please
I´ve tried many things but I can't get qosify to work. I'm using this config taken from a couple users of this topic (I don't remember the names, sorry)
/etc/config/qosify
config defaults
list defaults /etc/qosify/*.conf
#option dscp_icmp +besteffort
#option dscp_default_tcp unmarked_traffic
#option dscp_default_udp unmarked_traffic
config class unmarked_traffic
option ingress CS1
option egress CS1
option prio_max_avg_pkt_len 1256
option dscp_prio CS4
option bulk_trigger_pps 250
option bulk_trigger_timeout 10
option dscp_bulk CS1
config class bulk
option ingress CS1
option egress CS1
config class bulk_upload_only
option ingress CS0
option egress CS1
config class besteffort
option ingress CS0
option egress CS0
config class video_broadcast
option ingress CS3
option egress CS3
config class video_network_sparse
option ingress CS3
option egress CS3
option bulk_trigger_pps 100
option bulk_trigger_timeout 5
option dscp_bulk CS0
config class video_network
option ingress CS3
option egress CS3
config class video_gaming
option ingress CS4
option egress CS4
config class video_conferencing
option ingress AF42
option egress AF42
config class voice_telephony
option ingress EF
option egress EF
config class voice_network
option ingress CS6
option egress CS6
config interface wan
option name wan
option disabled 0
option bandwidth_up 30mbit
option bandwidth_down 500mbit
option overhead_type docsis
# defaults:
option ingress 1
option egress 1
option mode diffserv4
option nat 1
option host_isolate 1
option autorate_ingress 0
option ingress_options ""
option egress_options "wash"
option options ""
/etc/qosify/00-defaults.conf
#
# Bulk Tin
#
# Microsoft Onedrive
dns:*1drv* bulk_upload_only
dns:*onedrive* bulk_upload_only
dns:*.storage.live.com bulk_upload_only
# Microsoft (Download)
dns:*backblaze* bulk_upload_only
dns:*backblazeb2* bulk_upload_only
dns:*ms-acdc.office* bulk_upload_only
dns:*sharepoint* bulk_upload_only
dns:*update.microsoft* bulk
dns:*windowsupdate* bulk
# MEGA (Download)
# dns:*mega* bulk
# Dropbox
dns:*dropboxusercontent* bulk
# Google
dns:*drive.google* bulk
dns:*googleusercontent* bulk
# Steam (Download)
dns:*steamcontent* bulk
# Epic Games (Download)
dns:*download.epicgames* bulk
dns:*download2.epicgames* bulk
dns:*download3.epicgames* bulk
dns:*download4.epicgames* bulk
dns:*epicgames-download1* bulk
# BitTorrent
tcp:6881-7000 bulk
tcp:51413 bulk
udp:6771 bulk
udp:6881-7000 bulk
udp:51413 bulk
# Usenet
tcp:119 bulk
tcp:563 bulk
# Netflix
dns:nflxvideo.net bulk
dns:*.nflxvideo.net bulk
#
# Best Effort Tin
#
# Nothing here
#
# Video Tin
#
# SSH
tcp:22 video_network_sparse
# Microsoft Remote Desktop (RDP)
tcp:3389 video_network
udp:3389 video_network
#Moonlight & Steam Link
udp:27031 video_network
udp:27036 video_network
udp:47998-48000 video_network
udp:48002 video_network
udp:48010 video_network
tcp:27036-27037 video_network
tcp:47984 video_network
tcp:47989 video_network
tcp:48010 video_network
# Parsec - Remote Desktop
udp:8000-8010 video_network
udp:9000 video_network
# TeamViewer - Remote Desktop
tcp:5938 video_network
udp:5938 video_network
# Streaming music
dns:mvod.itunes.apple.com video_network
dns:streamingaudio.itunes.apple.com video_network
dns:aod.itunes.apple.com video_network
dns:tidal.com video_network
dns:*.tidal.com video_network
# GeForce Now
tcp:49006 video_gaming
udp:49003-49006 video_gaming
#dns:cloudmatchbeta.nvidiagrid.net video_gaming
dns:nvidiagrid.net video_gaming
dns:*.nvidiagrid.net video_gaming
# Xbox
tcp:3074 video_gaming
udp:88 video_gaming
#udp:500 video_gaming # UDP port already used in "VoWiFi" rules
udp:3074 video_gaming
udp:3544 video_gaming
#udp:4500 video_gaming # UDP port already used in "VoWiFi" rules
dns:gssv-play-prod.xboxlive.com video_gaming
dns:*.gssv-play-prod.xboxlive.com video_gaming
dns:xboxlive.com video_gaming
dns:*.xboxlive.com video_gaming
# Call of Duty
#tcp:3074 video_gaming # TCP port already used in "Xbox" rules
tcp:3075-3076 video_gaming
#udp:3074 video_gaming # UDP port already used in "Xbox" rules
udp:3075-3079 video_gaming
udp:3658 video_gaming
#Fortnite
tcp:433 video_gaming
tcp:3478-3479 video_gaming
tcp:5060 video_gaming
tcp:5062 video_gaming
tcp:5222 video_gaming
tcp:6250 video_gaming
tcp:12000-65000 video_gaming
udp:3478-3479 video_gaming
udp:5060 video_gaming
udp:5062 video_gaming
udp:6250 video_gaming
udp:12000-65000 video_gaming
# FIFA
tcp:3659 video_gaming
udp:3659 video_gaming
# Supercell Games
tcp:9339 video_gaming
udp:9339 video_gaming
#
# Voice Tin
#
# Telephony
udp:3478-3497 +voice_telephony
# Zoom
dns:*.zoom.us +voice_telephony
tcp:8801-8802 +voice_telephony
udp:8801-8810 +voice_telephony
# Skype
dns:*skype* +voice_telephony
# Google Meet
udp:19302-19309 +voice_telephony
# Voice over Internet Protocol (VoIP)
tcp:5060-5061 +voice_telephony
udp:5060-5061 +voice_telephony
# Voice over WiFi or WiFi Calling (VoWiFi)
udp:500 +voice_telephony
udp:4500 +voice_telephony
#AudioRelay
udp:59100 +voice_telephony
I'm using wireshark to see if these is marked as indicated, but everything seems to be marked as CS0 and nothing else. I've tried with Geforce Now, Steam, Netflix... nothing has the DSCP I configured. Am I missing something?
Also, this is my init scripts, I don't know if some of these are causing conflict or something.
Don't know if it's relevant: The ISP modem is set as bridge and all the things are managed through my Xiaomi Mi Router 4A
This is output for qosify-status couple minutes after run a game on GFN. Nothing seems to pass through video tin. Some of the traffic is adding to the Voice and Best Effort columns though, so I'm assuming it's doing something right?
root@OpenWrt:~# qosify-status
===== interface wan: active =====
egress status:
qdisc cake 800a: root refcnt 2 bandwidth 30Mbit diffserv4 dual-srchost nat wash no-ack-filter split-gso rtt 100ms noatm overhead 18 mpu 64
Sent 497143 bytes 3316 pkt (dropped 0, overlimits 133 requeues 0)
backlog 0b 0p requeues 0
memory used: 20160b of 4Mb
capacity estimate: 30Mbit
min/max network layer size: 40 / 1500
min/max overhead-adjusted size: 64 / 1518
average network hdr offset: 14
Bulk Best Effort Video Voice
thresh 1875Kbit 30Mbit 15Mbit 7500Kbit
target 9.69ms 5ms 5ms 5ms
interval 105ms 100ms 100ms 100ms
pk_delay 0us 191us 23us 199us
av_delay 0us 24us 0us 14us
sp_delay 0us 13us 0us 14us
backlog 0b 0b 0b 0b
pkts 0 3190 3 123
bytes 0 485774 270 11099
way_inds 0 0 0 0
way_miss 0 120 3 3
way_cols 0 0 0 0
drops 0 0 0 0
marks 0 0 0 0
ack_drop 0 0 0 0
sp_flows 0 2 1 0
bk_flows 0 1 0 0
un_flows 0 0 0 0
max_len 0 1514 90 1270
quantum 300 915 457 300
ingress status:
qdisc cake 800b: root refcnt 2 bandwidth 500Mbit diffserv4 dual-dsthost nat nowash ingress no-ack-filter split-gso rtt 100ms noatm overhead 18 mpu 64
Sent 26982078 bytes 25800 pkt (dropped 1, overlimits 72 requeues 0)
backlog 0b 0p requeues 0
memory used: 230688b of 15140Kb
capacity estimate: 500Mbit
min/max network layer size: 46 / 1500
min/max overhead-adjusted size: 64 / 1518
average network hdr offset: 14
Bulk Best Effort Video Voice
thresh 31250Kbit 500Mbit 250Mbit 125Mbit
target 5ms 5ms 5ms 5ms
interval 100ms 100ms 100ms 100ms
pk_delay 0us 926us 0us 149us
av_delay 0us 268us 0us 18us
sp_delay 0us 12us 0us 8us
backlog 0b 0b 0b 0b
pkts 0 21708 0 4093
bytes 0 26728848 0 254504
way_inds 0 0 0 0
way_miss 0 51 0 11
way_cols 0 0 0 0
drops 0 1 0 0
marks 0 0 0 0
ack_drop 0 0 0 0
sp_flows 0 3 0 1
bk_flows 0 1 0 0
un_flows 0 0 0 0
max_len 0 3028 0 1292
quantum 953 1514 1514 1514
Could you help me and tell me what am I doing wrong. I'd appreciate a lot.
Tricky, but there are avenues:
a) use an ipset (best populated by dnsmasq if possible) to collect the IP addresses behind that web-site, then use nftables hashlimit to set a limit for the whole IP set.*
b) do the same with tc, you still need to collect the IP addresses somehow and then use TC's hash approach to steer only the targeted IP addresses to a shaping/policing qdisc.
c) aim for good enough, and deploy cake's per-internal IP fairness and accept that that website might swamp the traffic to the machine reading from that website, but it should not hog all of your capacity...
*) Note this easily can have side effects if the targeted web-site shares an IP address with some other service you do not want to throttle.
1 Like
I've also been testing Qosify for a while in order to get it working properly with GeForce Now.
In case you haven't set it up yet, here is my configuration that works with adding GeForce Now to the Video tin priority:
# GeForceNow
udp:49003 +video
udp:49004 +video
udp:49005 +video
udp:49006 +video
# GeForceNowSpeedtest
udp:5001 +video
udp:5002 +video
dns:*.nvidiagrid.net +video
To save this configuration, you can:
- Login with SSH to your router and write
cat > /etc/qosify/05-geforcenow.conf - Copy and paste the configuration from above
- Press CTRL + D to save it
- Restart Qosify by typing
/etc/init.d/qosify restartand press Return
That's it. This should work right away, if you already configured your speed and enabled WAN in the default Qosify config.
The next time you start the GeForce Now app, you can either do a speed test or run a game, and it should show the traffic going into the video tin. You can check this using the qosify-status command.
If you don't have the default Qosify config, here is how it should look like when you type uci show qosify:
qosify.@defaults[0]=defaults
qosify.@defaults[0].defaults='/etc/qosify/*.conf'
qosify.@defaults[0].dscp_prio='video'
qosify.@defaults[0].dscp_icmp='+besteffort'
qosify.@defaults[0].prio_max_avg_pkt_len='500'
qosify.@defaults[0].dscp_default_udp='besteffort'
qosify.besteffort=class
qosify.besteffort.ingress='CS0'
qosify.besteffort.egress='CS0'
qosify.bulk=class
qosify.bulk.ingress='LE'
qosify.bulk.egress='LE'
qosify.video=class
qosify.video.ingress='AF41'
qosify.video.egress='AF41'
qosify.voice=class
qosify.voice.ingress='CS6'
qosify.voice.egress='CS6'
qosify.voice.bulk_trigger_pps='100'
qosify.voice.bulk_trigger_timeout='5'
qosify.voice.dscp_bulk='CS0'
qosify.wan=interface
qosify.wan.name='wan'
qosify.wan.overhead_type='none'
qosify.wan.ingress='1'
qosify.wan.egress='1'
qosify.wan.mode='diffserv4'
qosify.wan.autorate_ingress='0'
qosify.wan.disabled='0'
qosify.wan.host_isolate='1'
qosify.wan.nat='1'
qosify.wan.bandwidth_up='100mbit'
qosify.wan.bandwidth_down='100mbit'
qosify.wandev=device
qosify.wandev.disabled='1'
qosify.wandev.name='wan'
qosify.wandev.bandwidth='100mbit'
If you have any additional questions about the configuration, please feel free to let me know.
2 Likes
I am curious if any of this work on qosify, has also triggered any demand for new features in CAKE?
I have assembled the feature requests and ideas I know about, for review, here:
6 Likes
Looks great and incredibly ambitious - but wouldn't that require an army of coders motivated by the green stuff?
I just wanted to capture all the requirements before trying to find any funding. It is 1/3 trivial, 1/3 difficult, and 1/3 possibly impossible at the moment.
/me passes the doobie
5 Likes
Just a quick question regarding a potential interaction between the qosify and dns-https-proxy packages. If my DNS queries are encrypted using HTTPS, will my DNS filter configuration on qosify still work? My presumption (rightly or wrongly) is that it won't since it is encrypted. Edits: making my question clearer and other fixed grammar and spelling.
True, qosify is only snooping for unencrypted DNS on port 53 on the WAN interface.
Could someone help me understand. What is the PLUS symbol before the class for? Example +video
Another question. I use nextdns cli will it work?
+ means “only change the DSCP if it is still CS0.” Useful if you want to honor any DSCP set by the client or the firewall.
Encrypted NextDNS CLI won’t be visible to qosify.
1 Like
Thank you friend for the quick reply
I am considering dropping CS1 support as background for cake in favor of the newer, less problematic LE codepoint. I imagine this idea will cause howls...
Kvetch here: https://docs.google.com/document/d/1tTYBPeaRdCO9AGTGQCpoiuLORQzN_bG3TAkEolJPh28/edit
2 Likes
I for one am all for it. CS1as background essentially was a failed expeiment that shold haveben ended long ago. It also bodes ominously for all other end2end DSCPs, as scavenger/background arguably is the only one that network operators should actually want end users to use, and yet failure....
Hi! Sorry for stupid question, but does this module has a silver bullet for regular users? Like luci-app-sqm with 1 click enable and easy tutorial?
Or maybe any users configs?
Just trying to decide myself, should I (or somebody else) switch from sqm-scripts to this module and what kind of performance changes it provide.
It's not really one click or silver bullet for everything, but might be worth to try it out on your specific setup and see if the results benefit your connection and requirements.
Here is my recommended configuration:
https://forum.openwrt.org/t/qosify-new-package-for-dscp-marking-cake/111789/1278?u=getvladimir
If you're setting up Qosify from the very beginning, here is an easy step-by-step tutorial:
https://gist.github.com/GetVladimir/2ff48f4729884148f0567bb63ffd8b43#how-to-setup-sqm-qos-for-geforce-now-on-openwrt-routers-with-qosify-cake-for-no-packet-loss-and-frame-loss
If you have any specific questions, please feel free to ask.
1 Like
@nbd Is it feasible to watch DNS on the LAN interface instead of WAN, so that users running encrypted DNS can still benefit from the dns: config options? This assumes that the LAN-to-router queries and responses are still 53/udp.
4 Likes
I just wanna say thanks for making this. I believe I was having some issues.
This was from when I was testing luci sqm package. The description is wrong, I did several tests and didn't bother changing the text each time.
But then I tried qosify, only added ethernet and got this
This is the stats after flent test with qosify:
egress status:
qdisc cake 8019: root refcnt 9 bandwidth 144Mbit diffserv4 dual-srchost nat nowash no-ack-filter split-gso rtt 100ms noatm overhead 38 mpu 84
Sent 1058750021 bytes 1038036 pkt (dropped 575, overlimits 1484584 requeues 32)
backlog 0b 0p requeues 32
memory used: 1005152b of 7200000b
capacity estimate: 144Mbit
min/max network layer size: 28 / 1500
min/max overhead-adjusted size: 84 / 1538
average network hdr offset: 14
Bulk Best Effort Video Voice
thresh 9Mbit 144Mbit 72Mbit 36Mbit
target 5ms 5ms 5ms 5ms
interval 100ms 100ms 100ms 100ms
pk_delay 2.74ms 1.68ms 0us 1.19ms
av_delay 1.2ms 1.4ms 0us 770us
sp_delay 31us 6us 0us 7us
backlog 0b 0b 0b 0b
pkts 127317 567892 0 343402
bytes 65656322 729306238 0 264658011
way_inds 0 0 0 0
way_miss 2 46 0 96
way_cols 0 0 0 0
drops 252 39 0 284
marks 0 0 0 0
ack_drop 0 0 0 0
sp_flows 1 1 0 3
bk_flows 0 0 0 0
un_flows 0 0 0 0
max_len 15140 37850 0 13626
quantum 300 1514 1514 1098
ingress status:
qdisc cake 801a: root refcnt 2 bandwidth 144Mbit diffserv4 dual-dsthost nat nowash ingress no-ack-filter split-gso rtt 100ms noatm overhead 38 mpu 84
Sent 1055203400 bytes 972136 pkt (dropped 277, overlimits 1278090 requeues 0)
backlog 0b 0p requeues 0
memory used: 292608b of 7200000b
capacity estimate: 144Mbit
min/max network layer size: 46 / 1500
min/max overhead-adjusted size: 84 / 1538
average network hdr offset: 14
Bulk Best Effort Video Voice
thresh 9Mbit 144Mbit 72Mbit 36Mbit
target 5ms 5ms 5ms 5ms
interval 100ms 100ms 100ms 100ms
pk_delay 0us 40us 0us 76us
av_delay 0us 26us 0us 1us
sp_delay 0us 8us 0us 1us
backlog 0b 0b 0b 0b
pkts 0 972404 0 9
bytes 0 1055622028 0 750
way_inds 0 0 0 0
way_miss 0 48 0 8
way_cols 0 0 0 0
drops 0 277 0 0
marks 0 0 0 0
ack_drop 0 0 0 0
sp_flows 0 1 0 0
bk_flows 0 1 0 0
un_flows 0 0 0 0
max_len 0 1514 0 90
quantum 300 1514 1514 1098
One thing I can't understand tho, why is my upload and download speed so low. I've got 150/150 fiber. If I run a flent download or upload test I get around 130-ish, but with this test I only get what you see in the image.
And if you see anything wrong or maybe a tweak, please do let me know 
Edit: Oh I forgot, I'm using an APU2E4 22.03.5.
1 Like