Ultimate SQM settings: Layer_cake + DSCP marks

Emtee · November 28, 2018, 1:33pm

Ah, I was under the impression I just had to use Ethernet with 18 bytes overhead. My ISP MTU is 1500

hisham2630 · November 28, 2018, 1:51pm

so change the overhead for both veth0 and eth1.2 to 18.
i forget something, eth0 upload should 30000 not 16000.

Emtee · November 28, 2018, 1:54pm

Oh I see now you have 3 interfaces on SQM, why is this? Isnt one for Ingress and one for egress enough?

dlakelan · November 28, 2018, 1:59pm

Instead of giving an invalid zero Mac address, give the Mac address of your Ethernet that's in the bridge.

hisham2630 · November 28, 2018, 2:00pm

not needed anymore!
Many thanks for your explanation and values help.

Emtee · November 28, 2018, 2:01pm

Everything works as intented now! I just need to setup proper SQM now in /etc/config/sqm !

Now i have


config queue 'wan'
	option ingress_ecn 'ECN'
	option egress_ecn 'ECN'
	option enabled '1'
	option debug_logging '0'
	option verbosity '5'
	option qdisc 'cake'
	option qdisc_advanced '1'
	option qdisc_really_really_advanced '1'
	option squash_dscp '0'
	option squash_ingress '0'
	option download '0'
	option script 'layer_cake.qos'
	option linklayer 'ethernet'
	option interface 'eth1.2'
	option eqdisc_opts 'diffserv4 nat dual-srchost rtt 170ms'
	option iqdisc_opts 'diffserv4 nat dual-dsthost rtt 170ms autorate-ingress'
	option upload '5000'
	option overhead '8'

config queue
	option debug_logging '0'
	option verbosity '5'
	option ingress_ecn 'ECN'
	option enabled '1'
	option download '0'
	option qdisc 'cake'
	option qdisc_advanced '1'
	option squash_dscp '0'
	option squash_ingress '0'
	option egress_ecn 'ECN'
	option qdisc_really_really_advanced '1'
	option linklayer 'ethernet'
	option script 'layer_cake.qos'
	option interface 'veth0'
	option eqdisc_opts 'diffserv4 nat dual-dsthost rtt 170ms'
	option iqdisc_opts 'diffserv4 nat dual-srchost rtt 170ms autorate-ingress'
	option upload '20000'
	option overhead '8'

config queue
	option debug_logging '0'
	option verbosity '5'
	option qdisc 'cake'
	option qdisc_advanced '1'
	option ingress_ecn 'ECN'
	option qdisc_really_really_advanced '1'
	option enabled '1'
	option squash_dscp '0'
	option squash_ingress '0'
	option egress_ecn 'ECN'
	option interface 'eth0'
	option upload '16000'
	option script 'piece_of_cake.qos'
	option iqdisc_opts 'dual-srchost'
	option eqdisc_opts 'dual-dsthost'
	option linklayer 'ethernet'
	option overhead '8'
	option download '0'

I removed the dangerous contents from link layer adaption and put it on 18 bytes overhead. I assume the warning about only touching it if MTU is above 1500 is right!

I'm just confused about the triple interface on SQM i believe.

hisham2630 · November 28, 2018, 2:02pm

Right, one for ingress and one for egress, the other one is for lan side, it's just help reducing the bufferbloat.

hisham2630 · November 28, 2018, 2:04pm

you still have the 8 overhead!
keep 8 overhead for eth0 and 18 for eth1.2 and veth0
the option upload '16000' in eth0 change it to 30000

Emtee · November 28, 2018, 2:09pm

Oops, my bad I screwed up there indeed, good catch!


config queue 'wan'
	option ingress_ecn 'ECN'
	option egress_ecn 'ECN'
	option enabled '1'
	option debug_logging '0'
	option verbosity '5'
	option qdisc 'cake'
	option qdisc_advanced '1'
	option qdisc_really_really_advanced '1'
	option squash_dscp '0'
	option squash_ingress '0'
	option download '0'
	option script 'layer_cake.qos'
	option linklayer 'ethernet'
	option interface 'eth1.2'
	option eqdisc_opts 'diffserv4 nat dual-srchost rtt 170ms'
	option iqdisc_opts 'diffserv4 nat dual-dsthost rtt 170ms autorate-ingress'
	option upload '5000'
	option overhead '18'

config queue
	option debug_logging '0'
	option verbosity '5'
	option ingress_ecn 'ECN'
	option enabled '1'
	option download '0'
	option qdisc 'cake'
	option qdisc_advanced '1'
	option squash_dscp '0'
	option squash_ingress '0'
	option egress_ecn 'ECN'
	option qdisc_really_really_advanced '1'
	option linklayer 'ethernet'
	option script 'layer_cake.qos'
	option interface 'veth0'
	option eqdisc_opts 'diffserv4 nat dual-dsthost rtt 170ms'
	option iqdisc_opts 'diffserv4 nat dual-srchost rtt 170ms autorate-ingress'
	option upload '20000'
	option overhead '18'

config queue
	option debug_logging '0'
	option verbosity '5'
	option qdisc 'cake'
	option qdisc_advanced '1'
	option ingress_ecn 'ECN'
	option qdisc_really_really_advanced '1'
	option enabled '1'
	option squash_dscp '0'
	option squash_ingress '0'
	option egress_ecn 'ECN'
	option interface 'eth0'
	option upload '30000'
	option script 'piece_of_cake.qos'
	option iqdisc_opts 'dual-srchost'
	option eqdisc_opts 'dual-dsthost'
	option linklayer 'ethernet'
	option overhead '8'
	option download '0'

Currently I put Downstream limit to 20Mbit and upload to 5Mbit, for the time being. I still need to tweak my 4G modem's LTE channels to see which combination is best, and the bandwidth fluctuates a little bit sometimes so hence the tight restriction. (Some channels have less bandwidth but less jitter/lower latency) I think channel bonding introduces more bandwidth at the expense of jitter)

Does it look well now? I'm still confused about Eth0 why its needed, would everything work alright without it? Just curious. Is it just a secondary layer you put in there for extra stability just 'because you can'? Or is it a good combination to use piece_of_cake on top of the two layer_cake's?

Sorry for all the questions!

dlakelan · November 28, 2018, 2:13pm

I'm on my phone so hard to follow your full thread but am I right that you've completely disabled the firewall? (By default all forwarding is allowed?) You might want to rethink that. Particularly for ipv6! Maybe what is needed is to put veth0 in it's own interface and add it to the LAN firewall zone or similar.

Emtee · November 28, 2018, 2:18pm

You mean WAN Forward -> Accept?
Edit: i put this to reject, so far everything working.

I assume this is the one you talk about @dlakelan

hisham2630 · November 28, 2018, 2:18pm

It's still in my mind, but at least lets him setup everything then after that let see which chain is affecting the veth.
i think it's forward chain.

hisham2630 · November 28, 2018, 2:23pm

No problem.
you can run sqm on each interface that you have independently , put a queue on interface will help make things tidy, also help to reduce bufferbloat and latency!
it's a good combination to use piece_of_cake and two layer_cake's to reduce latency and bufferbloat!

hisham2630 · November 28, 2018, 2:24pm

@Emtee i see sometimes you miss reading my posts, so please keep eye on!
you can safely make firewall like this!

don't forget to measure RTT using the link that i had posted.

dlakelan · November 28, 2018, 2:29pm

Yes this seems like more proper firewall rules!

hisham2630 · November 28, 2018, 2:29pm

Oh, thanks!

Emtee · November 28, 2018, 2:30pm

Yes I will check the internet quality shortly!
I didn't miss that one

hisham2630 · November 28, 2018, 2:31pm

You missed the firewall fix post!

19H ago

Emtee · November 28, 2018, 2:33pm

I did, but i applied them later
I applied same firewall rules as the last screenie, all works fine still
Hitregistration in my game is really good so far, all UDP packets in and out DSCP tagged.

Question, the eth0 SQM, should the bandwidth limit be synchronized with one of the other two? Or should I always keep it at 30000?

hisham2630 · November 28, 2018, 2:44pm

GREAT!

set it according to your download speed!

you should make the firewall setting like this or you will have problems later: