OpenWrt Forum Archive

Topic: Transparent traffic shaping

The content of this topic has been archived on 26 Mar 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

What I would like to do is to put an OpenWRT box between my FritzBox (ADSL modem) and everything else I already have on my network. Just to shape traffic to the internet. I would want this OpenWRT box to be as transparent as possible, no DHCP, no NAT, no firewall, no [..]

I can't seem to figure out how to disable firewall and dnsmasq, while still keeping the WAN port operational for qos-scripts to work on. My hardware is a TP-Link WDR4300.

How do I set that up?

-----

Maybe:

Install qos-scripts, and configure /etc/config/qos upload & download kbit/s

Keep wan interface, but put @wan into the lan interface in /etc/config/network and configure static addresses:

config interface 'lan'
        option ifname 'eth0.1 @wan'
        option type 'bridge'
        option proto 'static'
        option ipaddr '192.168.178.205'
        option netmask '255.255.255.0'
        option ip6assign '60'

config interface 'wan'
        option ifname 'eth0.2'
        option proto 'static'
        option ipaddr '192.168.178.206'
        option netmask '255.255.255.0'

/etc/init.d/dnsmasq disable
/etc/init.d/firewall disable

reboot

The device is now available at 192.168.178.205 from its LAN ports (br-lan), and possibly 192.168.178.206 on the WAN (eth0.2).

Shaping with fq_codel appears to happen. Average ping stays low.

Some things aren't working right with this setup.

From the command line on the WDR4300 you cannot connect to the internet (cannot ping google.com, nor 192.168.178.1, my modem). Most devices connected to the WDR4300 work fine using DHCP by themselves, they get an IP from the 192.168.178.{20-119} range. But an Airport Extreme plugged in over ethernet on the LAN cannot get an IP by requesting it over DHCP.

What would be a proper setup?

For this setup to work __without double NAT__, you need to be able to set a simple static route on the Fritz!Box. AFAIK on Fritz!OS this is possible without having to jump through hoops. Search in the forum for something like "double NAT".

DHCP over more broadcast domains should work, since it sends 255.255.255.255 on all interfaces it serves as dhcp server. So then via DHCP the FritzBox should tell the hosts what nameserver to use etc.

If this does not work, simply do it all static and turn the services (daemons) on the OpenWrt-device off.

Traffic shaping is by nature "transparent". All traffic passes the txqueue and you "simply" apply some fancy algorithms as managers of the txqueue.

Henk Poley wrote:

Some things aren't working right with this setup.

From the command line on the WDR4300 you cannot connect to the internet

Should be the other way around. You should be able to connect from the OpenWrt-device but not from devices behind it! For this to be possible, the NAT-solution on the Fritz!OS needs static routes, so it correctly NATs the packets from the hosts behind the OpenWrt-device to their IP addresses (which belong to a different subnet than the net between Fritz and OpenWrt).

Shaping with fq_codel appears to happen. Average ping stays low.

You tested with NAT turned on and under load?
BTW, fq_codel is indeed a cool idea (because it drops at the head, so there is no delay between the dropping and the TCP notification (for UDP I see no advantage)), but OpenWrt-qos uses fq_codel + HFSC, which is still the actual magic algorithm!

If you want to play around with traffic shaping for a link on which you have VoIP and Bulk, there is no way around HFSC. The basic idea there is, afaik, that some traffic can have delay, and on how to mathematically make this work.

With "transparent shaping" I meant it would not add extra DHCP, NAT, etc. to my network.

My current setup is like a line. All 1Gbit ethernet, the 2.4GHz wifi's share one SSID:

Fritz!Box 7360 (2.4GHz g/n) -- switch -- Airport Extreme (switch mode, 2.4GHz g/n, 5GHz n) --5 GHz WiFi-- Airport Express

Fritz!Box 7360 has native IPv4 & IPv6. It NATs the IPv4, and blocks incoming IPv6 connections. IPv4 on the LAN is via DHCP, and IPv6 is 'auto configured' according to the standard (no DHCPv6).

A MythTV backend with a static IP is plugged into the modem (the other 1Gbit port). Remote frontends throughout the house can send Wake-on-LAN packets to the server if they want to watch TV. There is a printer which is auto discovered through Zeroconf/Bonjour and whatnot. I have Linux, Mac, Windows, iOS and Android machines on ethernet and WiFi.

I want to put a WDR4300 between the Fritz!Box and the switch, just to shape traffic to the internet. Maybe for wifi too in the future. Everything plugged in directly into the modem would move to the WDR4300 or further up the line.

Is there an explanation what 'static routes' are supposed to do? It appears to me that in this case it would statically route IP packets between two LAN ports on the modem, that is not what I need. I don't think WOL (layer 2) goes through anything routed, even with static routes (layer 3), since it's sent to a MAC address. And neither would Zeroconf (also layer 2, or layer 3 multicast?). I do not want to change the IP address of the MythTV backend, as all clients are setup to connect to it and wake it up just fine, also on the machine multiple servers expect the static IP address.

---

I am just describing the behavior of the setup as described in post #1. Everything works on connected clients, they will get an IP from DHCP within Fritz!Box's ip range. I can telnet/ssh to the WDR4300, but cannot ping to google.com from there. A WDR4300 LAN-port connected Airport Extreme (to its WAN port, of course) will complain about its network connection, and will use a self chosen IP.

I've tried inserting extra DNS and gateway info for the static wan port, but it doesn't solve anything.

---

I did not try qos with the default OpenWRT NAT turned on. With the setup as described in post #1 I just use the standard 'qos-scripts' from opkg which shapes the interface named 'wan'. I suppose that's the same as "OpenWRT-qos". Under load I saw packets being dropped from different queues via `tc -s -d qdisc` on the WDR4300 in the setup described in post #1. Also on my Fritz!Box the bandwidth graph drops lower if I set the 'upload' value low enough in /etc/config/qos on the WDR4300.

---

With the Airports I can just flip on "switch mode" and everything works in my setup. They do not have fq_codel though. I understand setting up a Linux switch or router takes some extra knowledge, and I'm willing to learn. I'm educated in networking by Andy Tanenbaum.
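
The check mentioned in the post above, reading drop counters from `tc -s -d qdisc`, as an added example that is not part of the original thread: a shell helper that lists the qdiscs on one device that have dropped packets. The sample output is constructed and the function names are hypothetical; eth0.2 is the wan ifname from the config in the first post.

```shell
#!/bin/sh
# Added example (not from the thread): list which qdiscs on one device are
# dropping packets, from the text that `tc -s -d qdisc` prints.

# Constructed sample in the usual `tc -s -d qdisc` layout; handles and counters
# are made up, eth0.2 is the wan ifname from the config in the first post.
sample_tc_output() {
cat <<'EOF'
qdisc hfsc 1: dev eth0.2 root refcnt 2 default 30
 Sent 48211034 bytes 61234 pkt (dropped 230, overlimits 90412 requeues 0)
 backlog 0b 0p requeues 0
qdisc fq_codel 100: dev eth0.2 parent 1:10 limit 800p flows 1024 quantum 300 target 5.0ms interval 100.0ms ecn
 Sent 1203311 bytes 9120 pkt (dropped 0, overlimits 0 requeues 0)
 backlog 0b 0p requeues 0
  maxpacket 256 drop_overlimit 0 new_flow_count 811 ecn_mark 0
qdisc fq_codel 300: dev eth0.2 parent 1:30 limit 800p flows 1024 quantum 300 target 5.0ms interval 100.0ms ecn
 Sent 47007723 bytes 52114 pkt (dropped 230, overlimits 0 requeues 0)
 backlog 13626b 9p requeues 0
  maxpacket 1514 drop_overlimit 0 new_flow_count 4410 ecn_mark 12
qdisc fq_codel 0: dev eth0 root refcnt 2 limit 1024p flows 1024 quantum 1514 target 5.0ms interval 100.0ms ecn
 Sent 9917 bytes 88 pkt (dropped 3, overlimits 0 requeues 0)
 backlog 0b 0p requeues 0
EOF
}

# Read `tc -s -d qdisc` output on stdin and print "dev kind handle dropped"
# for every qdisc on device $1 whose drop counter is above zero.
queues_with_drops() {
    awk -v want="$1" '
        $1 == "qdisc" {                  # header line: remember kind, handle, device
            kind = $2; handle = $3; dev = ""
            for (i = 4; i < NF; i++) if ($i == "dev") dev = $(i + 1)
            next
        }
        $1 == "Sent" && dev == want {    # statistics line of the current qdisc
            for (i = 1; i < NF; i++) if ($i == "(dropped") {
                n = $(i + 1); sub(/,/, "", n)
                if (n + 0 > 0) print dev, kind, handle, n + 0
            }
        }
    '
}

# Number of qdiscs on device $1 that have dropped at least one packet.
drop_queue_count() { queues_with_drops "$1" | awk 'END { print NR }'; }

# Stand-alone run on the constructed sample; on the router: tc -s -d qdisc | queues_with_drops eth0.2
sample_tc_output | queues_with_drops eth0.2
```

Running it before and during an upload shows whether the counters on the shaped device grow under load, which is the observation the post describes.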

I'd like to help you, but if your described setup works as you say, then my knowledge/comprehension is not good enough to do so.

The discussion might have continued from here.