[Solved] ASUS RT-AC68U DSL settings

What are your recommended DSL settings for gaming?

I am connected through FTTC VDSL PPPoE 25 Down, 3 Up - ISP can do 100 down 20 up I think

Current selection is marked with "<<<<"

Common Settings

DSL Modulation

Auto Sync-Up**<<<<**


Annex A
Annex I
Annex A/L
Annex M
Annex A/I/J/L/M**<<<<**
Annex B
Annex B//J

Country/ISP - Specific Setting

Turk Telecom

Dynamic Line Adjustment (DLA)


Seamless Rate Adaptation


G.INP (G.998.4)


ADSL Settings

Stability Adjustment


Rx AGC GAIN Adjustment

High Performance

Enhanced Sudden Noise Protection




VDSL Settings

VDSL Profile

30a multi mode**<<<<**
17a multi mode
12a multi mode
8a multi mode

Stability Adjustment

2 db
3 db
4 db
5 db
6 db
7 db
8 db
9 db
10 db
11 db
12 db
13 db
14 db
15 db
16 db
17 db
18 db
19 db
20 db
21 db
22 db
23 db
24 db
25 db
26 db
27 db
28 db
29 db
30 db

Current SNR Margin: 27.3 db

Rx AGC GAIN Adjustment

High Performance**<<<<**

Upstream Power Back Off


Enhanced Suden Noise Protection




G.vector (G.993.5)


Non-standard G.vector (G.993.5)


dlakelan Your thoughts?

Try this: @dlakelan

I'm far from an expert in DSL, I have FTTP and before that Cable, last time I had DSL was like 2009 or so, and I think it was really low speed ADSL and I wasn't running OpenWrt yet. @moeller0 is more the expert there I believe.

Well, thanks for the vote of confidence :wink:
In my limited experience, ISPs typically leave only little options for users, regarding gaming G.INP seems a good choice (this reduces average transmission delay, but will cause additional transient delay if due to noise packets/DTUs need to be retransmitted).
The Annex mode seems odd, unless you either live in the americas or this setting only relates to ADSL.

But again, for gaming I assume the two important factors are low base-line RTT/ping and also low jitter, but these each are somewhat requiring different configurations unless your link is super clean, short RTT typically means less resistance against noise, and then noise causes G.INP- or worse TCP-retransmits thereby increasing jitter (RTT variation).
That said do you actually have any issues with the current settings? If not why not simply leave it as is?

Thanks lleachii

Yeah so I had my ISP increase my DSL speeds from 3 and 1 all the way up to 100 and 25 over the course of 5 years. They even gave cable a shot and their system crashed. FTTP is about ~50 miles coming in range in 2019 so its getting here.

I am asking because I read into interpolation and fought my isp to get it turned off. I began to purchase my own modems and have to bridge a linksys router through an asus modem which came from Europe. When this modem came in it had the capability to edit the line options, something which I had seen before but could not edit(interpolation on ISP side) through my ISP provided modem(incapable of changing config).

I had been reading between cable and VDSL and how they compared so I had to find detailed information, ultimately I wanted cable because of the MTU being whole, and I didn't trust copper line. But now that the cable system is down I am stuck with DSL. Their cable system is functional but they get line drops and bad interference much like a DSL line.

I am about ~1/2 mile from the node and I have run a direct line from my modem to the ISP DSL line within 50 feet. I have never had any issues with line drops or interference I live in a rural area so I am free to run a line which is as raw as possible for latency and thoroughput.

Basically I just want to set the config and not have the modem on default. I do wish to get the Annex mode correct and like I said my line should be clean because interference and line load I don't think is an issue, there just aren't any torrent users in my area.

That is comparatively easy, for VDSL2 this only depends on your location, Europe is Annex B, the Americas are Annex A, and Japan is Annex C. Most of the Annexes you listed are only relevant for ADSL....

Ah, this is why G.INP is active instead of the more conventional interleaving (please note that with G.INP there still can be some interleaving, but since this is just happening inside the DTUs it will have no noticeable effect on latency).
Anyway on a clean noise-free line this should work well for any low-latency applications.

Thanks to path MTU Discovery and miss clamping, MTU < 1500 typically are not a big problem and will not lead to fragmentation, so why bother? This will cost you a tiny fraction of bandwith, e.g. for my ISP the maximal achievable Goodput with MTU 1492 is:
95.15072083879423328 %
While with MTU 1500 it would be:
95.67496723460026212 %
So we are talking about 0.5 percentage points and only for maximally sized packets (many games send packets smaller 1500 anyway, as far as I know)....

Also this issue is technically not related to cable versus vdsl2, it really is caused by your ISP: if the ISP uses a PPPoE tunnel from your modem to their BRAS/BNG and does not allow Baby-Jumbo frames you will see a reduced MTU towards and from the internet. Now for docsis-cable I do not know of any ISP using PPPoE, but I do know DSL ISPs either not using PPPoE or allowing baby jumbo frames. So IMHO this issue is technically interesting but will not have an immediately perceivable effect on internet usage....

I tried vectoring last night and it stabilizes the line. With no G.INP or vectoring the line is very quick but does have packet loss. G.INP it seems is the way to go. I would rather have SNR correction on the physical layer rather than the "effect" of noise cancellation.

My ISP does use PPPoE over the Cable line and as I was comparing the two I intended to buy a cable modem. I doubt I would have gotten OpenWRT on it with cake, which is important because I can DSCP mark and create rulesets in iptables.

At one point I was using satellite net to game and once DSL was implemented I always wanted to optimize the line no matter the connection mode.

Ginp - seems the best

Gvec - has some spikes

Both on - has some spikes

Both off - has some packet loss

G.vector is something that will only work well if all VDSL lines in a cable bundle use it. The trick is to measure the crosstalk interference of all sending lines at the DSLAM and the "pre-distort" the signals during transmission such that after the unavoidable crosstalk the signal looks like it was intended, clever, but it only works if all lines that actually can interfere with each other actually participate. So if your ISP uses Vectoring on your link so should you (otherwise your modem will cause uncancelled interference on your neighbors' links). And if your ISP does not use Vectoring nor should you as it will not gain you anything as the bulk of Vectoring is happening at the DSLAM.
Sidenote: the crosstalk cancelation by pre-distorting the signals works for the downstream direction only since the DSLAM has all necessary information, for the upstream the signals can not be pre-distorted as each customer modem would need to know what all other modems want to send which seems infeasible, so here the DSLAM is just decoding all links simultaneously which mathematically allows better crosstalk cancellation but that is still less effective as the downstream trick of including the known interference into the coding process, but I digress.

No cable modem allows to exchange the operating system, so I agree with the challenge of getting cake on the modem. But a lot of folks simply set the modem into bridge mode and run the PPPoE termination on an openwrt router behind the modem (for dsl this is a typical set-up, for docsis cable this is exceedingly rare, as so far I have not heard about PPPoE being used on a cable system, always a first time I guess :wink: ).

Thank you, it is helpful to know what conditions the line. Some of these options have to do with effects or additions to the line for which there is no explanation anywhere for. The only thing I can pick up is that they all add latency which at this point is not all important.

The problem area is even with layered SQM and DSCP markings I feel like the games are not running correctly. I feel like when I play video of the games of other players their games just run faster, this is evident in Overwatch at the beginning of the game. At character selection the framerate is about 60 fps, and when the characters load in game the framerate goes to 144 and the netgraph in overwatch shows this increase in speed.

I am playing at 144 fps but it feels like the netcode just operates at 60 fps(hit reg). I understand each game is coded differently and netcode is just as complex as network types but I've used advancedtomato and openwrt and I just cannot find the trick. I think the best hope is iptables but that requires an expert Linux user, most people do not code Linux but some operate networks.

The kitz site has a number of references that might be helpful, see https://kitz.co.uk/adsl/index.htm, albeit not in the easiest order (for G.INP look at https://kitz.co.uk/adsl/retransmission.htm).

You lost me there, as I don not play any games myself I have little clue about what your are taking here, how do you discern the operational frewuency of the "netcode" and what exactly is the netcode? Will this measure look different when you disable SQM versus enabling SQM?

So neither advancedtomato nor openwrt work as well as what reference exactly? Your ISPs tock router or the OEM firmware of the router you later installed openwrt on?

What exactly do you want to achive using iptables here?

Excellent resource, like I said it is very difficult finding the explanations for network terms, it is usually up to the forum posters who interpret manuals to the public and most times it does no good.

https://www.youtube.com/watch?v=nilBzupE4Cc - overwatch netgraph, a realtime graph of visual framerates and network performance


As the overwatch netgraph shows, which is really the only of its kind aside of programs like packetsniffers which give the user realtime information of the network transmissions between user and server, at the beginning of the game the frames are limited which slows the graph then the graph increases when players load. The game is not limited thoroughput anymore, and this type of "change" can be linked to network performace, the faster the graph, the faster the data transmission.

When I first seen this graph I compared my graph to the graph of other players and I realized my graph was slower. In fact my graph was the same as at the beginning of the game and never changed. I was not machine limited so I was network limited and needed to optimize my connection.

https://www.youtube.com/watch?v=hiHP0N-jMx8 - netcode, essentially the games network code and can attribute to players just not being synced what so ever.

Essentially players are hardware limited(gpu, cpu) or in my case network limited.

The best reference to a network/hardware limitation is 60hz vs 144hz monitors. 60hz v 144hz - the difference is a "muddy" feeling in the mouse.

Honestly visual differences aren't noticeably important. But there are differences in the network performances (satellite v fiber optic) which can make your network performance feel "muddy" and in the case of satellite not even work at all.

So it isn't a game network code which is the lacking factor, it is my network config.

PC > 3 ft cat6 > ASUS DSL68u(up to date firmware) > 6 ft cat 5e > Linksys 3200ACM(stock firmware), OpenWRT install > 6 ft cat 5e phoneline direct hardwired to 25 ft line > ~1/2 mile to ISP node(cable and DSL functionality)

Ultimately I want to:

  1. Optimize line(wire type, dsl wire config, modem config)
  2. Clear path between network and server(sqm(cake), firewall(iptables), dscp/packet prioritization(iptables)
  3. confirm optimization(netgraph or packetsniffer/wiresniffer type programs)

I have a pc which can handle the visual aspect. I have a line which is FTTC which should not limit my network capability. The only issue I had with my ISP was interpolation and they don't use it. So the only problem I can see is my network/modem configuration, and I believe its going to be solved using iptables.

I set one firewall port forward and installed app-luci-upnp

iptables -A FORWARD -p tcp -d --dport 1:65535 -j ACCEPT

Well, there are always the relevant ITU standards documents as authoritative reference, but these tend to be not much fun to read and IMHO lack some top-level overview, but certainly do not lack detail...

Is this a single chain, or are these two different set-ups? Sorry, for asking but I am not sure how to interpret the "," above...

Iptables is not going to help here :wink: But really, I believe there is not much you can do without help of your ISP...

I am not sure whether those iptables rules actually help more than they hurt... (and I would recommend to create an ip6tables version of each rule to prepare for IPv6 from your ISP, unless you have it already it will come sooner or later). Then again, I know there are quite a number of gamers that seem to require similarly elaborate filter/QoS rules, so I am probably biased from my non-gamer use-cases.... Personally I would try with layer-cake and per-internal-IP-fairness....

The asus is a bridged DSL modem, the linksys with openwrt is the router? I am always confused about the actual terms.

Otherwise I am making progress with the Ultimate SQM settings: Layer_cake + DSCP marks thread, this solved many of the questions I had running advancedtomato whereas I begin to run to the end of the router config and needed scripts to further sharpen the qos. It was suggested I just run cake so I did :slight_smile:

I also have other questions like do I use

nat dual-dsthost ingress
nat dual-srchost

on all sqm instances - layer_cake and piece_of_cake? Do I swap the rules on the LAN sqm instance the same way I swap the up/down speed?


Are these set correctly?

My icmp is not functioning like the udp rule, it does when assigned mac but should this be

the WAN, LAN flipping egress and ingress values confuses me and @dlakelan explained but lol

##priority function creates a rule which isolates all traffic and defaults it, while prioritizing the egress udp packets from my pc on the lan

##firewall tcp/udp
## flush mangle table
iptables -t mangle -N dscp_mark
iptables -t mangle -F dscp_mark

iptables -t mangle -A FORWARD -j dscp_mark

iptables -t mangle -A FORWARD -p udp -m hashlimit  --hashlimit-name gaming --hashlimit-above 75/sec --hashlimit-burst 50 --hashlimit-mode srcip,srcport,dstip,dstport -j CONNMARK --set-mark 0x55

iptables -t mangle -A dscp_mark -i br-lan -j DSCP --set-dscp-class CS1

iptables -t mangle -A FORWARD -p udp -m connmark ! --mark 0x55 -m conntrack --ctorigsrc -m connbytes --connbytes 0:700 --connbytes-dir both --connbytes-mode avgpkt -j DSCP --set-dscp-class CS6

## icmp gets CS6
iptables -t mangle -A dscp_mark -p icmp -d -j DSCP --set-dscp-class CS6

## game traffic
iptables -t mangle -A dscp_mark -p udp -d -j DSCP --set-dscp-class CS6
iptables -t mangle -A dscp_mark -p udp -m mac --mac-source 0000000000 -j DSCP --set-dscp-class CS6
iptables -t mangle -A dscp_mark -p tcp -d -j DSCP --set-dscp-class CS6
iptables -t mangle -A dscp_mark -p tcp -m mac --mac-source 0000000000 -j DSCP --set-dscp-class CS6

##firewall tcp/udp
iptables -A -p udp --sport 00:000 -d 000000000 -j ACCEPT
iptables -A -p udp --dport 00:000 -m mac --mac-source 0000000000 -j ACCEPT
iptables -A -p tcp --sport 00:00- d -j ACCEPT
iptables -A -p tcp --dport 00:00 -m mac --mac-source 000000000 -j ACCEPT

#tcpdump -i br-lan and udp and portrange 1-65535 and -vv -X -w /root/cap-name.pcap

These two posts by @easyteacher are what I am trying to accomplish, if the router is able to distinguish lines this way using code, I would attempt it and monitor it like you said, but I need assistance it is very complex and written in a format I am not familiar with. First, what programs would I use to monitor this type of data, I see he drew some packets from the connections and while these values are important it is not critical and uncommon - we would like to simplify this ruleset. Like say I added a checkbox to OpenWrt that said "accelerate game packets" how would this be written in relation to @easyteacher 's code ?

Basically I want to build a virtual bullet train and as long as I have the hardware to accomplish this right now, I believe configuring it is the issue. If there are any other scripts you can think of which will assist or have suggestions to my rules - I only want a pipe running from my pc to the game servers which is big as possible and super slippery for the hit reg udp packets to transfer through.

My hope is to create a rule in iptables where layer cake is combined with dscp marked udp burst and length designed in a fashion related to @easyteacher 's packet identification

Your input is greatly appreciated, I am making more progress than I have in 2 years.

These keywords (the upper for ingress the lower for egress) will work for both layer_vake.qos and piece_of_cake.qos on the WAN interface.

On LAN, I believe the nat keyword to be not needed, but the others should be swapped, correct. Now, I do not remember whether sqm works on br-lan or whether you should instantiate on the underlaying interfaces...

Not sure what you mean here.

I guess that this is outside of my comfort zone, I am no specialist in custom tailored QoS rules, I am more a proponent of simple rules that solve most of the problem, I leave it to others to spend the missing 80% of effort to solve the missing 20% of potential performance :wink:
That said, for your use case I would really be interested to learn how well say piece_of_cake with the two stanzas you cite above actually works with your games?

Well both tcpdump on the router and/or wireshark on your PC should allow you to capture all traffic, so you will have all information about the traffic possible (since you basically have a static copy of the traffic :wink: )

That is not possible, all you can ask for is "not slow down" but there is a hard ceiling for top-speed that no QoS engineering will be able to increase.

So the dual-srchost/dual-dsthost stanzas above should help to isolate hosts in your network from each other, that way your problem should reduce to making sure the gaming machine itself does not do crazy things (like concurrent downloads while actively playing a game).

Well, on windows getting dscp markings on egress is not that hard using power-shell, so what is missing is ingress, there I would hope that per-internal-IP fairness should help a lot.

You better talk to @hisham2630 and @dlakelan they have way more experience with you kind of problem. My goal is getting a simple QoS system widely deployed that does the right thing for most users and use-cases or at least no harm, and not implementing and maintaining the best QoS system for "extreme" use-cases like gaming :wink:

## icmp gets CS6
iptables -t mangle -A dscp_mark -p icmp -d -j DSCP --set-dscp-class CS6

## game traffic
iptables -t mangle -A dscp_mark -p udp -d -j DSCP --set-dscp-class CS6

These rules are the same but my icmp does not have any data in the firewall log.

Assigned game progs DSCP 46 in gpedit had to install that. Installed wireshark, I am using the Status > Real Time Graphs in OpenWrt for tcpdump, I will experiment with the br-lan sqm on the interfaces, which is another question I had, where to put the sqm

dlakelan recommended:

sqm layer cake on wan egress
sqm layer cake on br-lan (for wan ingress)
sqm piece of cake on wan ingress

I will delete the ##priority rule and add a wan ingress piece_of_cake in addition to the wan egress layer_cake as suggested by @dlakelan , this is due to wifi problems, I can't seem to throttle the wifi anyway and like you said its easier to manage the hosts in openwrt than using scripts. I barely managed to get google dns servers running.

Basically where I hit a dead end in advancedtomato is when I begin to request the following things:

Marking egress packets(check box to accelerate game packets)

Limiting the size of the ingress burst.(check box to help bursty ingress)|

And we've solved those here using iptables.

The piece of cake cleans up the sqm and allocates the resources but my main problem is my egress line, there is definitely some configuring to be done, I did not have a packet loss issue, my issue was related to latency. It just didn't perform optimally. So naturally latency > bufferbloat > cake > but like you said even lovely sqm like cake needs fine tuning i.e packet prioritization. This is only happening because I noticed streamers have great hitreg and torrent all while streaming 1080p video. I can't pay ~50 more dollars a month to stream and don't care about torrenting but I would like a clean connection. I only have 28 mb up 3.5 down to work with, I take 1.5 mb off each for sqm. When you have such little to work with you begin to optimize.

I suspect the default firewall rules are screwing up my scripts which is why my icmp won't track.

Essentially for the udp packet - identify(dscp), isolate(size, limit burst), prioritize(sqm)

We are on the right path and were going to get there. We all want the same thing; Less scripts and a OpenWrt that functions - with a simple checkbox or two for special applications.

Those rules don't cause any logs, they just set the DSCP field of the packets, you won't see logging.