Ultimate SQM settings: Layer_cake + DSCP marks

lol, no problem man.
just make it now like what you see it.
also put veth0 into lan firewall zone then done!

Funny. This is not working for me at all! I did the same as u did!

are you sure, double check your settings!
sometimes a reboot is required like in my case.

Ok, I got it working now as well with the same firewall settings (Which are actually default/same from snapshot clean install)

I must say this QoS is amazing, was full speed torrenting and websites just open as fast as with unsaturated link!

Finally it all works great! Now I can just fool around with tagging as needed :slight_smile:

1 Like

Oh, that's nice new!, another happy customer :wink:
enjoy your days!, let me know if you want to prioritize other traffic like browsing,or voip and videos!
*Note:
use this command to save a list of installed packages, so you can install them later after sysupgrade:

opkg list-installed | cut -f 1 -d ' ' > /etc/config/packages.list

then after sysupgrade use this:

opkg update
opkg install $(cat /etc/config/packages.list)

also copy /etc/config to a safe place on your pc!
BTW: when i set QOS policy in PS, i can see them in gpedit

Yeah, not for me. They dont appear at all ;-(

Must be difference in windows version/build perhaps. I find using NetQosPolicy more reliable so far.

Using gpedit.msc does nothing for me at all. even after reboot the rules not work. I tried both user and computer configuration QoS section.

1 Like

i forget to say that you should add these to /etc/iproute2/rt_dsfield

# Differentiated field values
# These include the DSCP and unused bits
0x0     default
# Newer RFC2597 values
0x28    AF11
0x30    AF12
0x38    AF13
0x48    AF21
0x50    AF22
0x58    AF23
0x68    AF31
0x70    AF32
0x78    AF33
0x88    AF41
0x90    AF42
0x98    AF43
# Older values RFC2474
0x20    CS1
0x40    CS2
0x60    CS3
0x80    CS4
0xA0    CS5
0xC0    CS6
0xE0    CS7
# RFC 2598
0xB8    EF

you should create this file!

Already did :slight_smile: Thanks u :slight_smile:

1 Like

good!
remember when tag a port or iprange, tag on both source and destination.
something like:

$IPT -t mangle -A PREROUTING -p udp -m multiport --sport $sport1 -j DSCP --set-dscp-class CS6 
$IPT -t mangle -A PREROUTING -p udp -m multiport --dport $sport1 -j DSCP --set-dscp-class CS6
$IPT -t mangle -A PREROUTING -p udp -m iprange --src-range 5.135.129.0-5.135.129.255 -j DSCP --set-dscp-class CS6
$IPT -t mangle -A PREROUTING -p udp -m iprange --dst-range 5.135.129.0-5.135.129.255 -j DSCP --set-dscp-class CS6

Yes, however I think i prefer tagging outbound with Windows QoS, sort of makes sense? Dont know if it will make a difference in overhead, or client side is 'double' prioritized to an extend.

I mean prioritizing / tagging based on executable looks much more granular to me, it can be a lot harder and less convinient trying to extrapolate port range, potentially different IP etc...

Imho upstream prioritizing still most important factor for gaming, this inbound prioritizing is like icing on the cake :slight_smile:

But please give input if I am wrong!

It's a good idea to control tags on transmit. But it's not always possible, for example in Xbox or an Android tablet or whatever.

That is true. However my only concern is maximum performance in the few select windows games I play, and I want them to have 100% priority over anything else on my network. Luckily I'm in full control of congestion (For the most part). The whole QoS for me is for 'incidents' for when lets say my iPhone is fetching data in the background, or some anomaly happening which can potentially throw off my game's networking even if its just slightly. Using 4G itself is really variable and sometimes I can get 60Mbps and other times I suspect it can just drop to <20Mbps for a few hundred milliseconds. As long as my UDP packets go through at these situations im satisfied.

I'm still using EF for them at this point and disabled WMM on my Wifi, as well as disallowing apps to use their own DSCP tags.

But in your situation, if the Android device or Xbox doesn't use any tags, or only low priority, the transmit DSCP i set on my Windows system still has priority over the others right? I can understand that you cant prioritize transmit packets from such devices without Windows QoS and then ur forced to use OpenWRT QoS indeed.

Yes, but if for example some over-zealous Android / iPhone app decides to tag its weather updates with CS7 your EF tags will not help you. This can be particularly true if some device gets compromised into a botnet that floods packets with very high DSCP priority. So it can be useful to rewrite the tags in your router anyway so as to squash other devices over-zealous attempts at prioritizing themselves.

Good point, havent thought of it that way. Is there any way to mark anything else other than the two rules i've already set to CS0? Or whatever lowest priority is? Or would I have to make specific rules for that too?

How would one go and setup something like mark all data except these two rules as low priority?

For SQM / cake lowest priority is CS1. CS0 is "regular" priority. You can easily add a rule that sets all traffic that isn't from your windows machine (give your windows machine a static IP reservation) to CS0, nullifying priorities put on the packets by anything else.

Good idea! Yea the only client on my network who has static IP is my Windows PC.

i prefer to tag port 80/443 with cs3, then put a connbytes rule that will tag port 80/443 with cs1 if the connbytes is
exceeded.
i think CS6 is better than EF,i read somewhere it's have problems with some kernels.

it's possible to tag packets on android using iptables, something like this:

iptables -t mangle -A PREROUTING -p udp -m owner --uid-owner 10154 -j DSCP --set-dscp-class CS6
#Clear interface dscp marks, we don't trust ISP marks(also to use our own marks).
$IPT -t mangle -A PREROUTING -i eth1.2 -j DSCP --set-dscp-class CS1

#MWO specific (upstream and downstream, however upstream is already covered with Windows QoS)
iptables -t mangle -A PREROUTING -p udp -m iprange --src-range 5.135.129.0-5.135.129.255 -j DSCP --set-dscp-class CS6
iptables -t mangle -A PREROUTING -p udp -m iprange --src-range 198.27.85.0-198.27.85.255 -j DSCP --set-dscp-class CS6
iptables -t mangle -A PREROUTING -p udp -m iprange --dst-range 5.135.129.0-5.135.129.255 -j DSCP --set-dscp-class CS6
iptables -t mangle -A PREROUTING -p udp -m iprange --dst-range 198.27.85.0-198.27.85.255 -j DSCP --set-dscp-class CS6


#Clear egress (upstream) dscp marks on all local network IP's except our Windows Client with static IP (192.168.1.100)
iptables -t mangle -A PREROUTING -p all -m iprange --src-range 192.168.1.101-192.168.1.255 -j DSCP --set-dscp-class CS1

Does this look alright?

@Emtee
i think yeah.
but this will tag all untaged packets with CS1(bulk tin).
test under loaded network then see how it will works!