First off, I've tried QoS... It does not help. 
My brother is an internet hog who doesn't realise he utlises way more than his fair share of bandwidth. 
So, in clear terms can someone tell me how to throttle Netflix traffic. Preferably to 1 Megabits, thanks.

Hi HansomPeerClown,

from cursory looking the keyword is "brother". This is not a technological issue and hence requires a non-technical solution. Talk to your brother make him change his behavior ; this is way more sustainable than going into an technological arms-race.
       But since netflix is only going to use one flow as far as I know, why does flow-fair queueing as performed by qos-scripts or sqm-scripts not solve or severely ameliorate the problem? What is the total bandwidth you have available on your link for downstream an upstream, and how much of that bandwidth does netflix traffic consume?

Best Regards
        M.

Hey moeller0, I've talked to the stubborn bastard but he does not comprehend the fact that him constantly streaming HD Netflix severely deteriorates other's trying to use the connection (4.5mbit)
I don't know why QoS does not work for streaming, Netflix just seems to bulldoze over it. Regardless I'm not really interested in a conversation about QoS, if you have a solution to throttle Netflix then please share.
Cheers.

(Last edited by HansomPeerClown on 23 Aug 2015, 14:44)

Hi HansomPeerClown,

I guess than our conversation ends here; all I am interested in is getting sqm-scripts to work "as advertised" under the widest range of circumstances. So figuring out why netflix does not behave is potential interesting, your preferred alternative not so much...
      But as an guideline for your plan, you need to find some invariance in the traffic coming in from netflix to your brother and the use this invariance to mark those packets, then you can sort them into a specifically set up band in your traffic shaper that only allows 1 Mbps at maximum. Finding those invariances is going to be tricky and error-prone as your brother most likely is going to adapt (say you throttle his IP, he simple changes it, same foe MAC or simply uses some one else's computer). But hey, if that is how you roll, more luck to you...

Over & Out
       M.

@HansomPeerClown

You ask for help, yet you exclude the only solution and reject the number one resource on QoS around here. Good luck, it seems you would rather keep your problem

hey you could try:
-tell your mother/father/parents about it
-smash your brother pc
-smash your brother face
-cut the link to your brother pc
-put your brother link on a antique network device
-learn howto use qos
-go watch the shet your brothes wtching.. hess lonely.. keep him company.. (ps no company on porn)
-go outside.. play ball.. walk your dog..
-upgrade your internet link

hf

Yeah upgrading your internet link would be the best solution...
Netflix is awesome and shouldn't be throttled. Because if you do, it gets less awesome.

Hi HansomPeerClown,

I guess I should be less grumpy, so sorry. I remember that we had a two topics in which we discussed facets of your set up, but in both cases you seemed to drop out of the discussion before it reached a conclusion/solution. Obviously, it is your right to do so, but on the other hand it makes me question the validity of your initial premise: "First off, I've tried QoS... It does not help." (ironically quality-of-service or QoS is the shorthand name for the kind solution of traffic engineering you are looking for.)
        Again, you might be right in your assessment that neither qos-scripts nor sqm-scripts actually can solve your issue, but there is just not enough data to figure out whether this could be fixed.

Best Regards
      M.

Don't get me wrong, SQM-QOS works at keeping latency low for gaming etc... but in my experience doesn't help share bandwidth for streaming. That's just my experience, so I'd just like to know how to set a hard limit on his bandwidth because I know that should 100% fix it.

I'm not lying when I say QoS isn't helping, why would I do that?

my roommate does this too, when he downloads torrents and i wanna stream, so i just ban his mac on the router until im done lol
hell get the message one day and actually listen to me

Try out Gargoyle  with this you can more easy limit you enemy ^^

Support all devices that run under BarrierBreaker 14.07

(Last edited by trismo on 24 Aug 2015, 08:49)

Hi there,

luckily there is some overlap between our interest: namely figuring out how the netflix traffic actually looks. You need to know this to design the filters you ultimately need to isolate that traffic, and I am curious to learn that to figure out why netflix seems to evade/side-step fq_codel's flow isolation. I already assume that netflix traffic will be quite bursty (so dash instead of smooth streaming), but are they using tcp or udp, are the port numbers constant will packets always be served from the same IP all of this will be interesting to know. So, in case you take some packet traces and look at them, please post at least a summary to this thread. With lots of luck this might indicate why qos- and sqm-scripts fail to solve your problem. (I just want to add that your link is quite interesting as due its low bandwidth it will show problems more prominent than faster links where people might not notice).

Best Regards
        M.

But I take it gargoyle will only allow to throttle traffic to a specific IP? Then all his brother needs to do is change his IP, and potentially his MAC to work around persistent DHCP or host entries. Also the quest was throttling netflix traffic, not all traffic, the OP   really wants a targeted approach... if I understood correctly, that is.

Best Regards
       M.

Block all mac address and only allow ip + mac combo is possible with it.
Or just 2 rules example on iP get 50% others get the remaining.

Problem is, I don't even know how to throttle any traffic in openwrt. So how would I go about that when I do figure out the traffic 'signature'?

Hi trismo,

Outch, true, whitelisting the IPs ans MACs will work a bit further (until his brother just clones an existing IP/MAC pair to disguise as another computer), but this is really heavy handed and will adding other machines to the network quite burdensome.
        If I understand the OP correctly, and I well might not, what he wants is an universal netflix throttle, so no matter which computer is used netflixing will not affect other traffic.
       If, however, you see the issue as "OP wants to make a point" than the block everything unknown approach will work, assuming the offensive party comes to its senses...

Best Regards
       M.

ok thats difficult i don't know any opensource "dpi" filter that work with ssl netflix 100% with ip4/6 and that is needed for this right.

only way i see is to limit all Netflix streaming server ip but hard part is to get a list of it.

(Last edited by trismo on 24 Aug 2015, 11:07)

IMHO, the first step would be to install iftop and, while the line is hammered, check with machine(s) and which port(s) are being used. And then formulate QoS rules based on that observation. Or am I thinking too straightforward for the problem?

BTW, it's universally quoted that Netflix uses ports 80 and 443. Which makes a lot of sense since they want to ensure their service can be used on a variety of clamped-down networks, they even must consider hotel rooms and such. Of course, rules targeting Netflix would also target regular web surfing.

Also, maybe explain to the OP that QoS -- at least in the OpenWrt incarnations -- is not about throttling but prioritizing traffic. In this case, probably prioritizing the Netflix traffic lower than the other traffic on the network.

(Last edited by metai on 24 Aug 2015, 12:27)

It doesn't have to be universal, I know which mac address/ip he uses for netflix. He's also not savvy enough to change mac addresses.

I'll try taking a peak with iftop, how would you make the QoS rule afterwards? Because that is where I'm stuck.

try tc
http://wiki.openwrt.org/doc/howto/packe … .scheduler
strange qos dosnt work.. it should.. you can ban all traffic with it..
use static leases

your just the one with the triggerfinger.. you also make lots of traffic by streamming; so you deny him so you can do same shet ^^
the brake beying that torrent dont have to be on all time

I think I may just go with a static throttle for all his traffic for now until I figure out the netflix traffic. 
Would this guide work the same on OpenWrt? https://help.atmail.com/hc/en-us/articl … -for-Linux

Well, more or less yes; I do think that only the upload would be controlled with this configuration though, ingress needs an IFB to work, BUT if you set up a shaper on ANOTHER interface than the actual wan interface effective ingress and egress revert, and you again have control over what is ingress or download from the internets to the controlled IP.
        Then again, if have the liberty to establish the shaper on a non-WAN interface sqm and qos-scripts will easily allow you to hale his ingress and egress, if you are willing to dedicate a whole port of wifi band to your brother.
        But I only cursory glanced over the code, and do not claim to be really proficient in tc, so the linked script might actually work as advertised and I need to learn more.

Best Regards
        M.

I think throttling rather than prioritizing Netflix actually makes sense.  If I understand Netflix correctly when you first start a video it attempts to measure your connection speed and scales the video to match.  As a result, if you use prioritization you'll sometimes get pausing/buffering as competing traffic comes and goes but if you set a fixed cap it'll just pick a resolution that works well within that limit.  I think Youtube (at least on Android) does something similar.

Capping it also makes sense for those who are trying to keep total monthly bandwidth usage down due to a metered connection.

I ran into something called ipset the other day.  I haven't looked into it but acording to the dnsmasq man page it "Places the resolved IP addresses of queries for the specified domains in the specified netfilter ip sets."