I think I have firewall4
assuming it works on firewall4 what should i do next or what should i get
firewall4 is nftables based and more importantly does not support /etc/firewall.user anymore. It might however still be possible to issue the commands directly on a command line:
iptables -t mangle -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "custom: Zone wan MTU fixing" -j TCPMSS --set-mss 216
ip6tables -t mangle -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "custom6: Zone wan MTU fixing" -j TCPMSS --set-mss 216
just make sure you put the numeric MSS into the command as shown above. Mind you, my router is still on OpenWrt 19.07, so I have not tested that, it might fail.
That's it, but what should I watch? i'm on wireshark
Well if you clamp the MSS to say 216 bytes then you expect that all TCP frames (to and from the internet) are closer to 216 bytes than >1500 Bytes. The MSS is the TCP payload size so for IPv4/TCP without options the ethernet payload size for MSS 216 during a speedtest should be around:
216 (TCP payload) + 20 (TCP header) + 20 (IPv4 header) = 256 Byte
Since we do not know your encapsulation fully (at least I do not) the actual size might be a bit more, but certainly much smaller than the ~1500 default MTU (-> 1460 default MSS).
Well, that does not look like it worked, the reported MSS should be the one you configured.
root@OpenWrt:~# vi /etc/firewall.user
root@OpenWrt:~# vi /etc/firewall.user
forced_MSS=216
iptables -t mangle -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "custom: Zone wan MTU fixing" -j TCPMSS --set-mss 216
ip6tables -t mangle -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "custom6: Zone wan MTU fixing" -j TCPMSS --set-mss 216
The problem with firewall4 is not so much that /etc/firewall.user does not exist, but that even if the file is created firewall4 will not 'load' it.
If you run the following on the router's command line:
iptables -t mangle -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "custom: Zone wan MTU fixing" -j TCPMSS --set-mss 216
what output do you get?
I will change the router but the test must be with sqm?
Now if I am in openwrt 19-07
Well, the test whether the SQM shaper rate and overhead setting are conservative enough is easier to perform with SQM active...
In theory, you can do this test without SQM and try to deduce the actual per-packet-overhead, but that requires almost perfect speedtests with less than 1% variation, so this is rather theoretical.
With OpenWrt 19 simply add the content above to /etc/firewall.user (best do this in the GUI Network -> Firewall -> Custom rules; if you click save there it will be automatically loaded).
This looks like it worked!
This is expected that the throughput gets lower, after all the headers will take up a larger fraction of each packet. The test here is "does bufferbloat" increase (assuming you test with SQM enabled).
Here is a quick formula to estimate the expected maximal speedtest result for a given $MSS:
"SQM shaper rate" * (($MSS) / ($MSS + 20 + 20 + "SQM overhead setting"))
so for a shaper rate of 100Mbps and an overhead 18Bytes for DOCSIS and MSS (1500-20-20) = 1460 we would get:
100 * ((1460) / (1460 + 20 + 20 + 18)) = 96.18 Mbps
for MSS 216 we would get
100 * ((216) / (216 + 20 + 20 + 18)) = 78.83 Mbps
or 100-100*78.83/96.18 = 18.04 %-age point reduction if we apply the same reduction factor to your 126 Mbps we get:
126 * (78.83/96.18) = 103.27 Mbps
which is pretty close to the 103 you report. That indicates that your router has no problems with the slightly higher packet-rate at the smaller MSS.
I'm confused so what value should I put in the download
I typically recommend to run a few reliable speedtests and then plug these goodput numbers into SQM (where they will be interpreted as gross throughput numbers). But I really do not remember the details of your contract or link by heart so can only guess.
well my ISP told me where I live you can only have a 100Mbps link or well that said that was the limit but doing a speed test I got 127Mbps the highest and lowest 124Mbps on upload it is 32 Mbps.