My "custom" QoS that really works

pokinwilly
DD-WRT Novice


Joined: 31 Jan 2007
Posts: 2

Posted: Tue Jul 03, 2007 13:28
CaScAdE wrote:


@pokinwilly:
the main use of the status stuff is looking if the traffic gets categorized well, you can watch the classes fill and stuff... the rest is not important for you as far as you do not know the whole iptables and tc interaction...


Thanks for the clarification.

FYI, I've dropped the WIFI bridge, replaced by latest PLC (Powerline Communications).

Rgds,
PokinWilly.
NeoPolus
DD-WRT Novice


Joined: 12 Apr 2008
Posts: 1

Posted: Sat Apr 12, 2008 16:47    Post subject: My own shaper script
This is my own shaper script, based on the scripts in this forum thread.

Here goes the script code:

Code:

#!/bin/sh

#######################################################
# npshaper v0.1
#######################################################

# Wan link download speed in Kbits (set to 80%-90% of link capacity; 6000 -> 4800)
DOWNLOAD=4800
# Wan link upload speed in Kbits (set to 80%-90% of link capacity; 600 -> 480)
UPLOAD=480

# Download burst size in Kbytes
D_BURST=50
# Upload burst size in Kbytes
U_BURST=5

# 'Home server' (always on machine used for serving webpages / FTP / P2P / ...)
HOMESERVER_IP=192.168.0.9

#
# Ports used by the 'home server' services
#
HOMESERVER_HTTP_PORT=80
HOMESERVER_HTTPS_PORT=443
HOMESERVER_FTP_PORT=4521
HOMESERVER_HFS_PORT=4580
HOMESERVER_EMULE_TCP_PORT=4662
HOMESERVER_EMULE_UDP_PORT=4672
HOMESERVER_BITTORRENT_PORT=6881


#######################################################

WAN=$(nvram get wan_ifname)
LAN=$(nvram get lan_ifname)

DEBUG=0

if [ "$1" = "start" ]
then

   echo "Starting..."
   
  [ $DEBUG -eq 1 ] && insmod ipt_LOG >&- 2>&-
   insmod cls_fw >&- 2>&-
   #insmod sch_hfsc >&- 2>&-
   insmod sch_htb >&- 2>&-
   insmod ipt_CONNMARK >&- 2>&-
   insmod ipt_length >&- 2>&-
   insmod ipt_limit >&- 2>&-
   insmod ipt_tos >&- 2>&-
   #insmod sch_ingress >&- 2>&-
   insmod ipt_layer7 >&- 2>&-
   #insmod ipt_ipp2p >&- 2>&-
   #insmod ipt_multiport >&- 2>&-
   #insmod cls_u32 >&- 2>&-

   # Remove previous settings
   tc qdisc del dev $WAN root >&- 2>&-
   tc qdisc del dev $LAN root >&- 2>&-
   
   ##### WAN #####
   echo "Setting up Wan interface traffic classes..."
   tc qdisc add dev $WAN root handle 1: htb
     tc class add dev $WAN parent 1: classid 1:1 htb rate ${UPLOAD}kbit ceil ${UPLOAD}kbit burst ${U_BURST}k cburst ${U_BURST}k
       tc class add dev $WAN parent 1:1 classid 1:10 htb rate $(($UPLOAD*5/10))kbit ceil ${UPLOAD}kbit burst ${U_BURST}k cburst ${U_BURST}k prio 0
       tc class add dev $WAN parent 1:1 classid 1:20 htb rate $(($UPLOAD*3/10))kbit ceil ${UPLOAD}kbit burst ${U_BURST}k cburst ${U_BURST}k prio 1
       tc class add dev $WAN parent 1:1 classid 1:30 htb rate $(($UPLOAD*2/10))kbit ceil ${UPLOAD}kbit burst ${U_BURST}k cburst ${U_BURST}k prio 2
   
   tc filter add dev $WAN parent 1: prio 1 protocol ip handle 1 fw flowid 1:10
   tc filter add dev $WAN parent 1: prio 2 protocol ip handle 2 fw flowid 1:20
   tc filter add dev $WAN parent 1: prio 3 protocol ip handle 3 fw flowid 1:30
   
   
   ##### LAN #####
   echo "Setting up Lan interface traffic classes..."
   tc qdisc add dev $LAN root handle 1: htb
     tc class add dev $LAN parent 1: classid 1:1 htb rate ${DOWNLOAD}kbit ceil ${DOWNLOAD}kbit burst ${D_BURST}k cburst ${D_BURST}k
       tc class add dev $LAN parent 1:1 classid 1:10 htb rate $(($DOWNLOAD*5/10))kbit ceil ${DOWNLOAD}kbit burst ${D_BURST}k cburst ${D_BURST}k prio 0
       tc class add dev $LAN parent 1:1 classid 1:20 htb rate $(($DOWNLOAD*3/10))kbit ceil ${DOWNLOAD}kbit burst ${D_BURST}k cburst ${D_BURST}k prio 1
       tc class add dev $LAN parent 1:1 classid 1:30 htb rate $(($DOWNLOAD*2/10))kbit ceil ${DOWNLOAD}kbit burst ${D_BURST}k cburst ${D_BURST}k prio 2
   
   tc filter add dev $LAN parent 1: prio 1 protocol ip handle 1 fw flowid 1:10
   tc filter add dev $LAN parent 1: prio 2 protocol ip handle 2 fw flowid 1:20
   tc filter add dev $LAN parent 1: prio 3 protocol ip handle 3 fw flowid 1:30
   
   
   
   ######################################## MARK CHAIN ##################################################
   
   echo "Setting up classification chains..."
   
   # Remove previous settings
   iptables -t mangle -F
   iptables -t mangle -X
   
   # Wan ('upload' traffic) classification chain
   iptables -t mangle -N wan_mark_chain
   iptables -t mangle -A POSTROUTING -o $WAN -j wan_mark_chain
   
   # Lan ('download' traffic) classification chain
   iptables -t mangle -N lan_mark_chain
   iptables -t mangle -A POSTROUTING -o $LAN -j lan_mark_chain
   
   # Restore any saved connection mark (connection already marked and tracked)
   iptables -t mangle -A wan_mark_chain -j CONNMARK --restore-mark
   iptables -t mangle -A lan_mark_chain -j CONNMARK --restore-mark
   
   
   
   ### RULES BEGIN #####################################
   
   # DNS (outgoing) queries - Express
   iptables -t mangle -A wan_mark_chain -m mark --mark 0 -p udp --dport 53 -j MARK --set-mark 1
   
   # HTTP on home server - Bulk
   iptables -t mangle -A wan_mark_chain -m mark --mark 0 -s $HOMESERVER_IP -p tcp --sport $HOMESERVER_HTTP_PORT -j MARK --set-mark 3
   iptables -t mangle -A lan_mark_chain -m mark --mark 0 -d $HOMESERVER_IP -p tcp --dport $HOMESERVER_HTTP_PORT -j MARK --set-mark 3
   
   # HTTPS on home server - Bulk
   iptables -t mangle -A wan_mark_chain -m mark --mark 0 -s $HOMESERVER_IP -p tcp --sport $HOMESERVER_HTTPS_PORT -j MARK --set-mark 3
   iptables -t mangle -A lan_mark_chain -m mark --mark 0 -d $HOMESERVER_IP -p tcp --dport $HOMESERVER_HTTPS_PORT -j MARK --set-mark 3
   
   # FTP on home server - Bulk
   iptables -t mangle -A wan_mark_chain -m mark --mark 0 -s $HOMESERVER_IP -p tcp --sport $HOMESERVER_FTP_PORT -j MARK --set-mark 3
   # FTP runs over TCP (was '-p udp', which never matched; the WAN rule above already uses tcp)
   iptables -t mangle -A lan_mark_chain -m mark --mark 0 -d $HOMESERVER_IP -p tcp --dport $HOMESERVER_FTP_PORT -j MARK --set-mark 3
   
   # HFS on home server - Bulk
   iptables -t mangle -A wan_mark_chain -m mark --mark 0 -s $HOMESERVER_IP -p tcp --sport $HOMESERVER_HFS_PORT -j MARK --set-mark 3
   iptables -t mangle -A lan_mark_chain -m mark --mark 0 -d $HOMESERVER_IP -p tcp --dport $HOMESERVER_HFS_PORT -j MARK --set-mark 3
   
   # Edonkey on home server - Bulk
   iptables -t mangle -A wan_mark_chain -m mark --mark 0 -s $HOMESERVER_IP -p tcp --sport $HOMESERVER_EMULE_TCP_PORT -j MARK --set-mark 3
   iptables -t mangle -A lan_mark_chain -m mark --mark 0 -d $HOMESERVER_IP -p tcp --dport $HOMESERVER_EMULE_TCP_PORT -j MARK --set-mark 3
   iptables -t mangle -A wan_mark_chain -m mark --mark 0 -s $HOMESERVER_IP -p udp --sport $HOMESERVER_EMULE_UDP_PORT -j MARK --set-mark 3
   iptables -t mangle -A lan_mark_chain -m mark --mark 0 -d $HOMESERVER_IP -p udp --dport $HOMESERVER_EMULE_UDP_PORT -j MARK --set-mark 3
   
   # Bittorrent on home server - Bulk
   iptables -t mangle -A wan_mark_chain -m mark --mark 0 -s $HOMESERVER_IP -p tcp --sport $HOMESERVER_BITTORRENT_PORT -j MARK --set-mark 3
   iptables -t mangle -A lan_mark_chain -m mark --mark 0 -d $HOMESERVER_IP -p tcp --dport $HOMESERVER_BITTORRENT_PORT -j MARK --set-mark 3
   iptables -t mangle -A wan_mark_chain -m mark --mark 0 -s $HOMESERVER_IP -p udp --sport $HOMESERVER_BITTORRENT_PORT -j MARK --set-mark 3
   iptables -t mangle -A lan_mark_chain -m mark --mark 0 -d $HOMESERVER_IP -p udp --dport $HOMESERVER_BITTORRENT_PORT -j MARK --set-mark 3
   
   # Edonkey 'catch-all' - Bulk
   iptables -t mangle -A wan_mark_chain -m mark --mark 0 -m layer7 --l7proto edonkey -j MARK --set-mark 3
   iptables -t mangle -A lan_mark_chain -m mark --mark 0 -m layer7 --l7proto edonkey -j MARK --set-mark 3
   
   # Bittorrent 'catch-all' - Bulk
   iptables -t mangle -A wan_mark_chain -m mark --mark 0 -m layer7 --l7proto bittorrent -j MARK --set-mark 3
   iptables -t mangle -A lan_mark_chain -m mark --mark 0 -m layer7 --l7proto bittorrent -j MARK --set-mark 3
   
   
   ### RULES END #####################################
   
   
   
   # Save mark so we track the full connection
   iptables -t mangle -A wan_mark_chain -j CONNMARK --save-mark
   iptables -t mangle -A lan_mark_chain -j CONNMARK --save-mark
   
   # ACK packets and such (connection control) - Express
   iptables -t mangle -A wan_mark_chain -p tcp -m length --length :128 --tcp-flags SYN,RST,ACK ACK -j MARK --set-mark 1
   iptables -t mangle -A lan_mark_chain -p tcp -m length --length :128 --tcp-flags SYN,RST,ACK ACK -j MARK --set-mark 1
   
   # ICMP (ping and such) - Express
   iptables -t mangle -A wan_mark_chain -p icmp -j MARK --set-mark 1
   iptables -t mangle -A lan_mark_chain -p icmp -j MARK --set-mark 1
   
   # TOS Minimize-Delay - Express
   iptables -t mangle -A wan_mark_chain -m tos --tos Minimize-Delay -j MARK --set-mark 1
   iptables -t mangle -A lan_mark_chain -m tos --tos Minimize-Delay -j MARK --set-mark 1
   
   # Default (anything else) - Normal
   iptables -t mangle -A wan_mark_chain -m mark --mark 0 -j MARK --set-mark 2
   iptables -t mangle -A lan_mark_chain -m mark --mark 0 -j MARK --set-mark 2
   
   
   ######################################################################################################
   
   echo "Setting up debugging..."
   
   [ $DEBUG -eq 1 ] && iptables -t mangle -A wan_mark_chain -m mark --mark 1 -j LOG --log-prefix wan_qos_express::
   [ $DEBUG -eq 1 ] && iptables -t mangle -A wan_mark_chain -m mark --mark 2 -j LOG --log-prefix wan_qos_normal::
   [ $DEBUG -eq 1 ] && iptables -t mangle -A wan_mark_chain -m mark --mark 3 -j LOG --log-prefix wan_qos_bulk::
   
   [ $DEBUG -eq 1 ] && iptables -t mangle -A lan_mark_chain -m mark --mark 1 -j LOG --log-prefix lan_qos_express::
   [ $DEBUG -eq 1 ] && iptables -t mangle -A lan_mark_chain -m mark --mark 2 -j LOG --log-prefix lan_qos_normal::
   [ $DEBUG -eq 1 ] && iptables -t mangle -A lan_mark_chain -m mark --mark 3 -j LOG --log-prefix lan_qos_bulk::
   
   echo "Setting up accounting..."
   
   iptables -t mangle -A wan_mark_chain -m mark --mark 1 -j RETURN
   iptables -t mangle -A wan_mark_chain -m mark --mark 2 -j RETURN
   iptables -t mangle -A wan_mark_chain -m mark --mark 3 -j RETURN
   
   iptables -t mangle -A lan_mark_chain -m mark --mark 1 -j RETURN
   iptables -t mangle -A lan_mark_chain -m mark --mark 2 -j RETURN
   iptables -t mangle -A lan_mark_chain -m mark --mark 3 -j RETURN
   
   echo "...OK, all done."

fi

########################################

if [ "$1" = "status" ]
then
   echo "--- Current status ---"
   echo "--- WAN (Upload) ---"

   tc -s qdisc ls dev $WAN
   tc -s class ls dev $WAN
   echo ""
   echo "--- LAN (Download) ---"

   tc -s qdisc ls dev $LAN
   tc -s class ls dev $LAN
   echo ""
   echo "--- Classification chains ---"
   iptables -L -v -t mangle
   echo ""
fi

if [ "$1" = "stats" ]
then
   LAN_EXPRESS_PACKETS=`iptables -L -v -n -t mangle | grep "RETURN" | grep "match 0x1" | head -n 1 | awk '{print $1}'`
   LAN_NORMAL_PACKETS=`iptables -L -v -n -t mangle | grep "RETURN" | grep "match 0x2" | head -n 1 | awk '{print $1}'`
   LAN_BULK_PACKETS=`iptables -L -v -n -t mangle | grep "RETURN" | grep "match 0x3" | head -n 1 | awk '{print $1}'`
   LAN_EXPRESS_BYTES=`iptables -L -v -n -t mangle | grep "RETURN" | grep "match 0x1" | head -n 1 | awk '{print $2}'`
   LAN_NORMAL_BYTES=`iptables -L -v -n -t mangle | grep "RETURN" | grep "match 0x2" | head -n 1 | awk '{print $2}'`
   LAN_BULK_BYTES=`iptables -L -v -n -t mangle | grep "RETURN" | grep "match 0x3" | head -n 1 | awk '{print $2}'`
   
   WAN_EXPRESS_PACKETS=`iptables -L -v -n -t mangle | grep "RETURN" | grep "match 0x1" | tail -n 1 | awk '{print $1}'`
   WAN_NORMAL_PACKETS=`iptables -L -v -n -t mangle | grep "RETURN" | grep "match 0x2" | tail -n 1 | awk '{print $1}'`
   WAN_BULK_PACKETS=`iptables -L -v -n -t mangle | grep "RETURN" | grep "match 0x3" | tail -n 1 | awk '{print $1}'`
   WAN_EXPRESS_BYTES=`iptables -L -v -n -t mangle | grep "RETURN" | grep "match 0x1" | tail -n 1 | awk '{print $2}'`
   WAN_NORMAL_BYTES=`iptables -L -v -n -t mangle | grep "RETURN" | grep "match 0x2" | tail -n 1 | awk '{print $2}'`
   WAN_BULK_BYTES=`iptables -L -v -n -t mangle | grep "RETURN" | grep "match 0x3" | tail -n 1 | awk '{print $2}'`
   
   echo "Traffic stats:"
   echo "D/U Class    Packets Bytes"
   echo "D   Express  $LAN_EXPRESS_PACKETS $LAN_EXPRESS_BYTES"
   echo "D   Normal   $LAN_NORMAL_PACKETS $LAN_NORMAL_BYTES"
   echo "D   Bulk     $LAN_BULK_PACKETS $LAN_BULK_BYTES"
   echo "U   Express  $WAN_EXPRESS_PACKETS $WAN_EXPRESS_BYTES"
   echo "U   Normal   $WAN_NORMAL_PACKETS $WAN_NORMAL_BYTES"
   echo "U   Bulk     $WAN_BULK_PACKETS $WAN_BULK_BYTES"
fi


Ok, so what does this script do?

Well, it creates the following traffic classes:
Code:

UPLOAD (WAN OUTPUT)
1 ----+ 1:1
      |
      |----> 1:10 Express
      |----> 1:20 Normal
      |----> 1:30 Bulk

DOWNLOAD (LAN OUTPUT)
1 ----+ 1:1
      |
      |----> 1:10 Express
      |----> 1:20 Normal
      |----> 1:30 Bulk


Usage:
npshaper.sh start - Start the shaper (set the QoS rules)
npshaper.sh status - Print the QOS rules and stats
npshaper.sh stats - Print the basic express/normal/bulk classes stats

The script will set rules for shaping:
- Downloading traffic on the LAN output side (traffic that comes from the internet gets queued on the router, or dropped if needed, before going into the LAN)
- Uploading traffic on the WAN side (traffic going from the LAN gets queued on the router, or dropped if needed, before going to the internet).

Traffic is assigned to one of the three classes by marking packets with marks 1 (traffic control, pings, and such go into express 1:10), 2 (default, goes into 1:20) or 3 (bulk, like P2P, goes into 1:30).

The "### RULES BEGIN ### ... ### RULES END ###" section is meant to be edited so you can add custom rules to set what is 'bulk', 'normal' or 'express' traffic (via the marks).

By default it classifies P2P, web serving or FTP data coming from, or going to, the 'home server' (I have an always-on computer that I use as a web server and P2P client) as 'bulk'.
This way, the rest of the computers on the network (doing web surfing, gaming, voice...) won't even notice (no high latency) when eMule is running, or when somebody is using the 'home server' FTP.

Though the script is far from perfect, I think it has one main advantage: it classifies both the 'download' and 'upload' connections!
CaScAdE's script, on the downloading side, just shapes the WAN ingress (download), so it does "drop anything that is coming in too fast", but it does not classify the traffic so that some traffic classes get priority and guaranteed bandwidth.


As an example of the 'results', this is my current 'status' (tc qdiscs, tc classes and iptables mangle chain)

Code:

# /jffs/etc/bbshaper.sh status
--- Current status ---
--- WAN (Upload) ---
qdisc htb 1: r2q 10 default 0 direct_packets_stat 23
 Sent 108459650 bytes 214524 pkts (dropped 973, overlimits 3658)
class htb 1:1 root rate 480000bit ceil 480000bit burst 5Kb cburst 5Kb
 Sent 108446797 bytes 214511 pkts (dropped 0, overlimits 0)
 rate 186152bit 82pps
 lended: 12754 borrowed: 0 giants: 0
 tokens: 130762 ctokens: 130762

class htb 1:10 parent 1:1 prio 0 rate 240000bit ceil 480000bit burst 5Kb cburst 5Kb
 Sent 4078000 bytes 60349 pkts (dropped 0, overlimits 0)
 rate 28344bit 61pps
 lended: 60349 borrowed: 0 giants: 0
 tokens: 261523 ctokens: 130762

class htb 1:20 parent 1:1 prio 1 rate 144000bit ceil 480000bit burst 5Kb cburst 5Kb
 Sent 54175080 bytes 87561 pkts (dropped 715, overlimits 0)
 rate 111776bit 12pps
 lended: 84236 borrowed: 3325 giants: 0
 tokens: 208386 ctokens: 63049

class htb 1:30 parent 1:1 prio 2 rate 96000bit ceil 480000bit burst 5Kb cburst 5Kb
 Sent 50193717 bytes 66601 pkts (dropped 258, overlimits 0)
 rate 49816bit 9pps
 lended: 57172 borrowed: 9429 giants: 0
 tokens: 75518 ctokens: 123956


--- LAN (Download) ---
qdisc htb 1: r2q 10 default 0 direct_packets_stat 273
 Sent 46355930 bytes 173969 pkts (dropped 65, overlimits 107)
class htb 1:1 root rate 4800Kbit ceil 4800Kbit burst 50Kb cburst 50Kb
 Sent 46347701 bytes 173699 pkts (dropped 0, overlimits 0)
 rate 1250Kbit 124pps
 lended: 9061 borrowed: 0 giants: 0
 tokens: 126438 ctokens: 126438

class htb 1:10 parent 1:1 prio 0 rate 2400Kbit ceil 4800Kbit burst 50Kb cburst 50Kb
 Sent 5037602 bytes 77708 pkts (dropped 0, overlimits 0)
 rate 6944bit 14pps
 lended: 77708 borrowed: 0 giants: 0
 tokens: 263751 ctokens: 131876

class htb 1:20 parent 1:1 prio 1 rate 1440Kbit ceil 4800Kbit burst 50Kb cburst 50Kb
 Sent 36566602 bytes 59775 pkts (dropped 65, overlimits 0)
 rate 1245Kbit 104pps
 lended: 50714 borrowed: 9061 giants: 0
 tokens: -7882 ctokens: 126438

class htb 1:30 parent 1:1 prio 2 rate 960000bit ceil 4800Kbit burst 50Kb cburst 50Kb
 Sent 4743497 bytes 36216 pkts (dropped 0, overlimits 0)
 rate 5904bit 6pps
 lended: 36216 borrowed: 0 giants: 0
 tokens: 658142 ctokens: 131628


--- Classification chains ---
Chain PREROUTING (policy ACCEPT 890K packets, 290M bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain INPUT (policy ACCEPT 373K packets, 77M bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain FORWARD (policy ACCEPT 1584K packets, 691M bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 339K packets, 76M bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain POSTROUTING (policy ACCEPT 1950K packets, 777M bytes)
 pkts bytes target     prot opt in     out     source               destination
 215K  107M wan_mark_chain  all  --  any    vlan1   anywhere             anywhere
 175K   44M lan_mark_chain  all  --  any    br0     anywhere             anywhere

Chain lan_mark_chain (1 references)
 pkts bytes target     prot opt in     out     source               destination
 175K   44M CONNMARK   all  --  any    any     anywhere             anywhere            CONNMARK restore
   11   540 MARK       tcp  --  any    any     anywhere             192.168.0.9         MARK match 0x0 tcp dpt:www MARK set 0x3
    0     0 MARK       tcp  --  any    any     anywhere             192.168.0.9         MARK match 0x0 tcp dpt:https MARK set 0x3
    0     0 MARK       udp  --  any    any     anywhere             192.168.0.9         MARK match 0x0 udp dpt:4521 MARK set 0x3
    9   448 MARK       tcp  --  any    any     anywhere             192.168.0.9         MARK match 0x0 tcp dpt:4580 MARK set 0x3
 2444  122K MARK       tcp  --  any    any     anywhere             192.168.0.9         MARK match 0x0 tcp dpt:4662 MARK set 0x3
 7374  536K MARK       udp  --  any    any     anywhere             192.168.0.9         MARK match 0x0 udp dpt:4672 MARK set 0x3
  337 16667 MARK       tcp  --  any    any     anywhere             192.168.0.9         MARK match 0x0 tcp dpt:6881 MARK set 0x3
 8259 1065K MARK       udp  --  any    any     anywhere             192.168.0.9         MARK match 0x0 udp dpt:6881 MARK set 0x3
    0     0 MARK       all  --  any    any     anywhere             anywhere            MARK match 0x0 LAYER7 l7proto edonkey MARK set 0x3
    0     0 MARK       all  --  any    any     anywhere             anywhere            MARK match 0x0 LAYER7 l7proto bittorrent MARK set 0x3
 175K   44M CONNMARK   all  --  any    any     anywhere             anywhere            CONNMARK save
76563 3862K MARK       tcp  --  any    any     anywhere             anywhere            length 0:128 tcp flags:SYN,RST,ACK/ACK MARK set 0x1
 1130 84914 MARK       icmp --  any    any     anywhere             anywhere            MARK set 0x1
    0     0 MARK       all  --  any    any     anywhere             anywhere            TOS match Minimize-Delay MARK set 0x1
60697   36M MARK       all  --  any    any     anywhere             anywhere            MARK match 0x0 MARK set 0x2
77695 3949K RETURN     all  --  any    any     anywhere             anywhere            MARK match 0x1
60697   36M RETURN     all  --  any    any     anywhere             anywhere            MARK match 0x2
36198 4235K RETURN     all  --  any    any     anywhere             anywhere            MARK match 0x3

Chain wan_mark_chain (1 references)
 pkts bytes target     prot opt in     out     source               destination
 215K  107M CONNMARK   all  --  any    any     anywhere             anywhere            CONNMARK restore
   29  1914 MARK       udp  --  any    any     anywhere             anywhere            MARK match 0x0 udp dpt:domain MARK set 0x1
    0     0 MARK       tcp  --  any    any     192.168.0.9          anywhere            MARK match 0x0 tcp spt:www MARK set 0x3
    0     0 MARK       tcp  --  any    any     192.168.0.9          anywhere            MARK match 0x0 tcp spt:https MARK set 0x3
    0     0 MARK       tcp  --  any    any     192.168.0.9          anywhere            MARK match 0x0 tcp spt:4521 MARK set 0x3
    7   287 MARK       tcp  --  any    any     192.168.0.9          anywhere            MARK match 0x0 tcp spt:4580 MARK set 0x3
   49  4630 MARK       tcp  --  any    any     192.168.0.9          anywhere            MARK match 0x0 tcp spt:4662 MARK set 0x3
 5089  325K MARK       udp  --  any    any     192.168.0.9          anywhere            MARK match 0x0 udp spt:4672 MARK set 0x3
   88 11038 MARK       tcp  --  any    any     192.168.0.9          anywhere            MARK match 0x0 tcp spt:6881 MARK set 0x3
 2767  363K MARK       udp  --  any    any     192.168.0.9          anywhere            MARK match 0x0 udp spt:6881 MARK set 0x3
   21  2350 MARK       all  --  any    any     anywhere             anywhere            MARK match 0x0 LAYER7 l7proto edonkey MARK set 0x3
   42  4536 MARK       all  --  any    any     anywhere             anywhere            MARK match 0x0 LAYER7 l7proto bittorrent MARK set 0x3
 215K  107M CONNMARK   all  --  any    any     anywhere             anywhere            CONNMARK save
59261 3160K MARK       tcp  --  any    any     anywhere             anywhere            length 0:128 tcp flags:SYN,RST,ACK/ACK MARK set 0x1
  679 40746 MARK       icmp --  any    any     anywhere             anywhere            MARK set 0x1
    0     0 MARK       all  --  any    any     anywhere             anywhere            TOS match Minimize-Delay MARK set 0x1
88275   54M MARK       all  --  any    any     anywhere             anywhere            MARK match 0x0 MARK set 0x2
60356 3233K RETURN     all  --  any    any     anywhere             anywhere            MARK match 0x1
88275   54M RETURN     all  --  any    any     anywhere             anywhere            MARK match 0x2
66819   49M RETURN     all  --  any    any     anywhere             anywhere            MARK match 0x3

Traffic stats:
D/U Class    Packets Bytes
D   Express  77714 3950K
D   Normal   60956 37M
D   Bulk     36213 4237K
U   Express  60701 3251K
U   Normal   88301 54M
U   Bulk     66849 49M
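
The `stats` action in the script above picks each class by position (`head`/`tail` over every RETURN line), which depends on the order in which the chains are listed. As an added example that is not part of NeoPolus's script, the same accounting counters can be read per chain in one pass; `sample_listing`, `mark_counters` and `class_counter` are names made up here, and the sample lines are copied from the status output above.

```sh
#!/bin/sh
# Added example, not part of npshaper: read the per-class accounting counters
# (the RETURN rules) chain by chain instead of by head/tail position.

# Sample lines copied from the status output in the post above.
sample_listing() {
    cat <<'EOF'
Chain lan_mark_chain (1 references)
 pkts bytes target     prot opt in     out     source               destination
 175K   44M CONNMARK   all  --  any    any     anywhere             anywhere            CONNMARK save
77695 3949K RETURN     all  --  any    any     anywhere             anywhere            MARK match 0x1
60697   36M RETURN     all  --  any    any     anywhere             anywhere            MARK match 0x2
36198 4235K RETURN     all  --  any    any     anywhere             anywhere            MARK match 0x3

Chain wan_mark_chain (1 references)
 pkts bytes target     prot opt in     out     source               destination
60356 3233K RETURN     all  --  any    any     anywhere             anywhere            MARK match 0x1
88275   54M RETURN     all  --  any    any     anywhere             anywhere            MARK match 0x2
66819   49M RETURN     all  --  any    any     anywhere             anywhere            MARK match 0x3
EOF
}

# Reads an iptables listing on stdin and prints one line per accounting rule:
#   <chain> <mark> <packets> <bytes>
mark_counters() {
    awk '
        # Expand the rounded K/M/G suffixes (decimal multiples) that the
        # listing shows when exact counters were not requested.
        function expand(v,    n, s) {
            n = v + 0
            s = substr(v, length(v))
            if (s == "K") return n * 1000
            if (s == "M") return n * 1000000
            if (s == "G") return n * 1000000000
            return n
        }
        # Remember which chain the following rule lines belong to.
        $1 == "Chain" { chain = $2; next }
        # Accounting rules: target RETURN with a "MARK match 0xN" condition.
        $3 == "RETURN" {
            mark = ""
            for (i = 2; i <= NF; i++)
                if ($i == "match" && tolower($(i - 1)) == "mark") mark = $(i + 1)
            if (mark != "")
                printf "%s %s %.0f %.0f\n", chain, mark, expand($1), expand($2)
        }
    '
}

# class_counter <chain> <mark as listed, e.g. 0x3> <packets|bytes>
class_counter() {
    mark_counters | awk -v c="$1" -v m="$2" -v f="$3" '
        $1 == c && $2 == m { v = (f == "bytes") ? $4 : $3; print v }'
}

# On the router, feed it the live table instead (-x prints exact counters):
#   iptables -t mangle -L -v -n -x | mark_counters
sample_listing | mark_counters
```

Values expanded from a K/M suffix are rounded by iptables, so use `-x` on the live table when exact byte counts matter.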
felipeds
DD-WRT Novice


Joined: 29 Mar 2008
Posts: 23

Posted: Wed Apr 23, 2008 3:52
This stuff is way over my head. Is there an easier solution. Why doesn't the built in QoS work?
kasjak2000
DD-WRT Novice


Joined: 21 Apr 2007
Posts: 42

Posted: Thu Aug 14, 2008 22:28    Post subject: QOS script from CaScAdE
Hey guys,

I have here a whr-hp-ag108 v24-sp1 with Kabeldeutschland 26000/1024.

I try to setup the qos.

If I enter the code from CaScAdE (@CaScAdE, great work) line after line (because of debugging), then I get here:

Code:
root@DD-WRT:~# $TC qdisc add dev ${DEV} root handle 1: tbf rate ${RATE}kbit burst 4k latency 30ms


an error:
Code:
RTNETLINK answers: No such file or directory


Why? Has tc-syntax changed since 2006, or what? :?

These are my inputs:

Code:
root@DD-WRT:~# nvram get wan_ifname
eth1
root@DD-WRT:~# TC=/usr/sbin/tc
root@DD-WRT:~# IPTABLES=/usr/sbin/iptables
root@DD-WRT:~# DEV=eth1
root@DD-WRT:~# DOWNLINK=22500
root@DD-WRT:~# RATE=973
root@DD-WRT:~# $TC qdisc del dev $DEV root    2> /dev/null > /dev/null
root@DD-WRT:~# $TC qdisc del dev $DEV ingress 2> /dev/null > /dev/null
root@DD-WRT:~# $IPTABLES -t mangle --flush
root@DD-WRT:~# $IPTABLES -t mangle -A POSTROUTING -p udp --source-port 7077:7097 -j MARK --set-mark 3
root@DD-WRT:~# $IPTABLES -t mangle -A POSTROUTING -m layer7 --l7proto counterstrike-source -j MARK --set-mark 3
root@DD-WRT:~# $IPTABLES -t mangle -A POSTROUTING -m layer7 --l7proto bittorrent -j MARK --set-mark 6
root@DD-WRT:~# $TC qdisc add dev ${DEV} root handle 1: tbf rate ${RATE}kbit burst 4k latency 30ms
RTNETLINK answers: No such file or directory
root@DD-WRT:~#


I want to advantage CS:S and my Fritz!Box ATA, disadvantage Torrent, and keep the rest just standard.

Regards
kasjak2000
teddy_bear
DD-WRT User


Joined: 09 Oct 2008
Posts: 71

Posted: Mon Oct 27, 2008 20:55
I just started using this script - basically the version from the first post slightly modified to change the actual RTP ports my ATA uses, add NNTP, and change WAN port...

Wow! What a difference it made! I was struggling to make QoS work for my VoIP. Tried DD-WRT built-in QoS and Tomato QoS on my ASUS wl-520gu. DD-WRT QoS did not seem to work at all - the voice was still garbled while running torrents or downloading/uploading large files via HTTP. Tomato worked, but limited my download speed at 3900kbps while my actual downlink speed is 6800kbps - no matter what downlink speed I specify (and it doesn't allow 0), and what my other settings were. So finally I tried this script, and it worked! The strange thing is that it also limited my download speed by 3900kbps if I specify any positive value for DOWNLINK parameter. But when DOWNLINK is set to 0, all works perfectly! I can now run torrents and speed tests at the same time, and talk on the phone - with no effect on the sound quality (tested via echo tests). Thank you CaScAdE!

I have a question though - what is the meaning of limits (200 and 700) in the lines below:
Code:
$TC qdisc add dev ${DEV} parent 10:2 handle 200: pfifo limit 200
$TC qdisc add dev ${DEV} parent 10:3 handle 300: pfifo limit 700

Is there any need to adjust these limits? Sorry, I do not really know the whole iptables and tc stuff...
orion121
DD-WRT Novice


Joined: 04 May 2009
Posts: 2

Posted: Mon May 04, 2009 3:42
Running CaScAdE's script from the first post I was able to get my network running very smoothly for about a month until we had a new roommate come in who seems to be doing something to his torrents that (after some minor script changes) is not affecting my gaming but is destroying my Ventrilo use. I modified the script to look like

Code:

--snip--

# p2p + ftp gets mark 6
$IPTABLES -t mangle -A PREROUTING -p udp --source-port 1023:65535 -j MARK --set-mark 6
$IPTABLES -t mangle -A POSTROUTING -p udp --source-port 1023:65535 -j MARK --set-mark 6
$IPTABLES -t mangle -A POSTROUTING -m layer7 --l7proto edonkey -j MARK --set-mark 6
$IPTABLES -t mangle -A POSTROUTING -m layer7 --l7proto gnutella -j MARK --set-mark 6
$IPTABLES -t mangle -A POSTROUTING -m layer7 --l7proto bittorrent -j MARK --set-mark 6
$IPTABLES -t mangle -A POSTROUTING -m layer7 --l7proto ftp -j MARK --set-mark 6

# rtp/voice get mark 3
$IPTABLES -t mangle -A POSTROUTING -p udp -m length --length 150:250 -j MARK --set-mark 3
$IPTABLES -t mangle -A POSTROUTING -p udp --source-port 11000:11009 -j MARK --set-mark 3
$IPTABLES -t mangle -A POSTROUTING -m layer7 --l7proto sip -j MARK --set-mark 3
$IPTABLES -t mangle -A POSTROUTING -m layer7 --l7proto teamspeak -j MARK --set-mark 3
$IPTABLES -t mangle -A POSTROUTING -m layer7 --l7proto ventrilo -j MARK --set-mark 3

# gaming gets mark 3 as well
$IPTABLES -t mangle -A POSTROUTING -m layer7 --l7proto quake-halflife -j MARK --set-mark 3
$IPTABLES -t mangle -A POSTROUTING -m layer7 --l7proto counterstrike-source -j MARK --set-mark 3
$IPTABLES -t mangle -A POSTROUTING -m layer7 --l7proto teamfortress2 -j MARK --set-mark 3
$IPTABLES -t mangle -A POSTROUTING -m layer7 --l7proto worldofwarcraft -j MARK --set-mark 3

--snip--


If anyone has any ideas on how I can get my Ventrilo functioning normally again I'd be thrilled. At this point, after days of playing with different scripts, I'm looking to beat the technology as the logical and reluctant next step is to get the user to change his torrenting habits.
jay09
DD-WRT Novice


Joined: 07 Sep 2009
Posts: 1

Posted: Mon Sep 07, 2009 6:39
Hi,

Thanks for sharing this. It's really useful.

Regards,
Jay
chjohans
DD-WRT User


Joined: 27 Mar 2008
Posts: 181

Posted: Wed Dec 02, 2009 22:36    Post subject: Re: My own shaper script
NeoPolus wrote:
This is my own shaper script, based on the scripts in this forum thread.

Here goes the script code:

Code:

#!/bin/sh

#######################################################
# npshaper v0.1
#######################################################

# Wan link download speed in Kbits (set to 80%-90% of link capacity; 6000 -> 4800)
DOWNLOAD=4800
# Wan link upload speed in Kbits (set to 80%-90% of link capacity; 600 -> 480)
UPLOAD=480

# Download burst size in Kbytes
D_BURST=50
# Upload burst size in Kbytes
U_BURST=5

# 'Home server' (always on machine used for serving webpages / FTP / P2P / ...)
HOMESERVER_IP=192.168.0.9

#
# Ports used by the 'home server' services
#
HOMESERVER_HTTP_PORT=80
HOMESERVER_HTTPS_PORT=443
HOMESERVER_FTP_PORT=4521
HOMESERVER_HFS_PORT=4580
HOMESERVER_EMULE_TCP_PORT=4662
HOMESERVER_EMULE_UDP_PORT=4672
HOMESERVER_BITTORRENT_PORT=6881


#######################################################

WAN=$(nvram get wan_ifname)
LAN=$(nvram get lan_ifname)

DEBUG=0

if [ "$1" = "start" ]
then

   echo "Starting..."
   
  [ $DEBUG -eq 1 ] && insmod ipt_LOG >&- 2>&-
   insmod cls_fw >&- 2>&-
   #insmod sch_hfsc >&- 2>&-
   insmod sch_htb >&- 2>&-
   insmod ipt_CONNMARK >&- 2>&-
   insmod ipt_length >&- 2>&-
   insmod ipt_limit >&- 2>&-
   insmod ipt_tos >&- 2>&-
   #insmod sch_ingress >&- 2>&-
   insmod ipt_layer7 >&- 2>&-
   #insmod ipt_ipp2p >&- 2>&-
   #insmod ipt_multiport >&- 2>&-
   #insmod cls_u32 >&- 2>&-

   # Remove previous settings
   tc qdisc del dev $WAN root >&- 2>&-
   tc qdisc del dev $LAN root >&- 2>&-
   
   ##### WAN #####
   echo "Setting up Wan interface traffic classes..."
   tc qdisc add dev $WAN root handle 1: htb
     tc class add dev $WAN parent 1: classid 1:1 htb rate ${UPLOAD}kbit ceil ${UPLOAD}kbit burst ${U_BURST}k cburst ${U_BURST}k
       tc class add dev $WAN parent 1:1 classid 1:10 htb rate $(($UPLOAD*5/10))kbit ceil ${UPLOAD}kbit burst ${U_BURST}k cburst ${U_BURST}k prio 0
       tc class add dev $WAN parent 1:1 classid 1:20 htb rate $(($UPLOAD*3/10))kbit ceil ${UPLOAD}kbit burst ${U_BURST}k cburst ${U_BURST}k prio 1
       tc class add dev $WAN parent 1:1 classid 1:30 htb rate $(($UPLOAD*2/10))kbit ceil ${UPLOAD}kbit burst ${U_BURST}k cburst ${U_BURST}k prio 2
   
   tc filter add dev $WAN parent 1: prio 1 protocol ip handle 1 fw flowid 1:10
   tc filter add dev $WAN parent 1: prio 2 protocol ip handle 2 fw flowid 1:20
   tc filter add dev $WAN parent 1: prio 3 protocol ip handle 3 fw flowid 1:30
   
   
   ##### LAN #####
   echo "Setting up Lan interface traffic classes..."
   tc qdisc add dev $LAN root handle 1: htb
     tc class add dev $LAN parent 1: classid 1:1 htb rate ${DOWNLOAD}kbit ceil ${DOWNLOAD}kbit burst ${D_BURST}k cburst ${D_BURST}k
       tc class add dev $LAN parent 1:1 classid 1:10 htb rate $(($DOWNLOAD*5/10))kbit ceil ${DOWNLOAD}kbit burst ${D_BURST}k cburst ${D_BURST}k prio 0
       tc class add dev $LAN parent 1:1 classid 1:20 htb rate $(($DOWNLOAD*3/10))kbit ceil ${DOWNLOAD}kbit burst ${D_BURST}k cburst ${D_BURST}k prio 1
       tc class add dev $LAN parent 1:1 classid 1:30 htb rate $(($DOWNLOAD*2/10))kbit ceil ${DOWNLOAD}kbit burst ${D_BURST}k cburst ${D_BURST}k prio 2
   
   tc filter add dev $LAN parent 1: prio 1 protocol ip handle 1 fw flowid 1:10
   tc filter add dev $LAN parent 1: prio 2 protocol ip handle 2 fw flowid 1:20
   tc filter add dev $LAN parent 1: prio 3 protocol ip handle 3 fw flowid 1:30
   
   
   
   ######################################## MARK CHAIN ##################################################
   
   echo "Setting up classification chains..."
   
   # Remove previous settings
   iptables -t mangle -F
   iptables -t mangle -X
   
   # Wan ('upload' traffic) classification chain
   iptables -t mangle -N wan_mark_chain
   iptables -t mangle -A POSTROUTING -o $WAN -j wan_mark_chain
   
   # Lan ('download' traffic) classification chain
   iptables -t mangle -N lan_mark_chain
   iptables -t mangle -A POSTROUTING -o $LAN -j lan_mark_chain
   
   # Restore any saved connection mark (connection already marked and tracked)
   iptables -t mangle -A wan_mark_chain -j CONNMARK --restore-mark
   iptables -t mangle -A lan_mark_chain -j CONNMARK --restore-mark
   
   
   
   ### RULES BEGIN #####################################
   
   # DNS (outgoing) queries - Express
   iptables -t mangle -A wan_mark_chain -m mark --mark 0 -p udp --dport 53 -j MARK --set-mark 1
   
   # HTTP on home server - Bulk
   iptables -t mangle -A wan_mark_chain -m mark --mark 0 -s $HOMESERVER_IP -p tcp --sport $HOMESERVER_HTTP_PORT -j MARK --set-mark 3
   iptables -t mangle -A lan_mark_chain -m mark --mark 0 -d $HOMESERVER_IP -p tcp --dport $HOMESERVER_HTTP_PORT -j MARK --set-mark 3
   
   # HTTPS on home server - Bulk
   iptables -t mangle -A wan_mark_chain -m mark --mark 0 -s $HOMESERVER_IP -p tcp --sport $HOMESERVER_HTTPS_PORT -j MARK --set-mark 3
   iptables -t mangle -A lan_mark_chain -m mark --mark 0 -d $HOMESERVER_IP -p tcp --dport $HOMESERVER_HTTPS_PORT -j MARK --set-mark 3
   
   # FTP on home server - Bulk (FTP runs over TCP, so match tcp in both directions)
   iptables -t mangle -A wan_mark_chain -m mark --mark 0 -s $HOMESERVER_IP -p tcp --sport $HOMESERVER_FTP_PORT -j MARK --set-mark 3
   iptables -t mangle -A lan_mark_chain -m mark --mark 0 -d $HOMESERVER_IP -p tcp --dport $HOMESERVER_FTP_PORT -j MARK --set-mark 3
   
   # HFS on home server - Bulk
   iptables -t mangle -A wan_mark_chain -m mark --mark 0 -s $HOMESERVER_IP -p tcp --sport $HOMESERVER_HFS_PORT -j MARK --set-mark 3
   iptables -t mangle -A lan_mark_chain -m mark --mark 0 -d $HOMESERVER_IP -p tcp --dport $HOMESERVER_HFS_PORT -j MARK --set-mark 3
   
   # Edonkey on home server - Bulk
   iptables -t mangle -A wan_mark_chain -m mark --mark 0 -s $HOMESERVER_IP -p tcp --sport $HOMESERVER_EMULE_TCP_PORT -j MARK --set-mark 3
   iptables -t mangle -A lan_mark_chain -m mark --mark 0 -d $HOMESERVER_IP -p tcp --dport $HOMESERVER_EMULE_TCP_PORT -j MARK --set-mark 3
   iptables -t mangle -A wan_mark_chain -m mark --mark 0 -s $HOMESERVER_IP -p udp --sport $HOMESERVER_EMULE_UDP_PORT -j MARK --set-mark 3
   iptables -t mangle -A lan_mark_chain -m mark --mark 0 -d $HOMESERVER_IP -p udp --dport $HOMESERVER_EMULE_UDP_PORT -j MARK --set-mark 3
   
   # Bittorrent on home server - Bulk
   iptables -t mangle -A wan_mark_chain -m mark --mark 0 -s $HOMESERVER_IP -p tcp --sport $HOMESERVER_BITTORRENT_PORT -j MARK --set-mark 3
   iptables -t mangle -A lan_mark_chain -m mark --mark 0 -d $HOMESERVER_IP -p tcp --dport $HOMESERVER_BITTORRENT_PORT -j MARK --set-mark 3
   iptables -t mangle -A wan_mark_chain -m mark --mark 0 -s $HOMESERVER_IP -p udp --sport $HOMESERVER_BITTORRENT_PORT -j MARK --set-mark 3
   iptables -t mangle -A lan_mark_chain -m mark --mark 0 -d $HOMESERVER_IP -p udp --dport $HOMESERVER_BITTORRENT_PORT -j MARK --set-mark 3
   
   # Edonkey 'catch-all' - Bulk
   iptables -t mangle -A wan_mark_chain -m mark --mark 0 -m layer7 --l7proto edonkey -j MARK --set-mark 3
   iptables -t mangle -A lan_mark_chain -m mark --mark 0 -m layer7 --l7proto edonkey -j MARK --set-mark 3
   
   # Bittorrent 'catch-all' - Bulk
   iptables -t mangle -A wan_mark_chain -m mark --mark 0 -m layer7 --l7proto bittorrent -j MARK --set-mark 3
   iptables -t mangle -A lan_mark_chain -m mark --mark 0 -m layer7 --l7proto bittorrent -j MARK --set-mark 3
   
   
   ### RULES END #####################################
   
   
   
   # Save mark so we track the full connection
   iptables -t mangle -A wan_mark_chain -j CONNMARK --save-mark
   iptables -t mangle -A lan_mark_chain -j CONNMARK --save-mark
   
   # ACK packets and such (connection control) - Express
   iptables -t mangle -A wan_mark_chain -p tcp -m length --length :128 --tcp-flags SYN,RST,ACK ACK -j MARK --set-mark 1
   iptables -t mangle -A lan_mark_chain -p tcp -m length --length :128 --tcp-flags SYN,RST,ACK ACK -j MARK --set-mark 1
   
   # ICMP (ping and such) - Express
   iptables -t mangle -A wan_mark_chain -p icmp -j MARK --set-mark 1
   iptables -t mangle -A lan_mark_chain -p icmp -j MARK --set-mark 1
   
   # TOS Minimize-Delay - Express
   iptables -t mangle -A wan_mark_chain -m tos --tos Minimize-Delay -j MARK --set-mark 1
   iptables -t mangle -A lan_mark_chain -m tos --tos Minimize-Delay -j MARK --set-mark 1
   
   # Default (anything else) - Normal
   iptables -t mangle -A wan_mark_chain -m mark --mark 0 -j MARK --set-mark 2
   iptables -t mangle -A lan_mark_chain -m mark --mark 0 -j MARK --set-mark 2
   
   
   ######################################################################################################
   
   echo "Setting up debugging..."
   
   [ $DEBUG -eq 1 ] && iptables -t mangle -A wan_mark_chain -m mark --mark 1 -j LOG --log-prefix wan_qos_express::
   [ $DEBUG -eq 1 ] && iptables -t mangle -A wan_mark_chain -m mark --mark 2 -j LOG --log-prefix wan_qos_normal::
   [ $DEBUG -eq 1 ] && iptables -t mangle -A wan_mark_chain -m mark --mark 3 -j LOG --log-prefix wan_qos_bulk::
   
   [ $DEBUG -eq 1 ] && iptables -t mangle -A lan_mark_chain -m mark --mark 1 -j LOG --log-prefix lan_qos_express::
   [ $DEBUG -eq 1 ] && iptables -t mangle -A lan_mark_chain -m mark --mark 2 -j LOG --log-prefix lan_qos_normal::
   [ $DEBUG -eq 1 ] && iptables -t mangle -A lan_mark_chain -m mark --mark 3 -j LOG --log-prefix lan_qos_bulk::
   
   echo "Setting up accounting..."
   
   iptables -t mangle -A wan_mark_chain -m mark --mark 1 -j RETURN
   iptables -t mangle -A wan_mark_chain -m mark --mark 2 -j RETURN
   iptables -t mangle -A wan_mark_chain -m mark --mark 3 -j RETURN
   
   iptables -t mangle -A lan_mark_chain -m mark --mark 1 -j RETURN
   iptables -t mangle -A lan_mark_chain -m mark --mark 2 -j RETURN
   iptables -t mangle -A lan_mark_chain -m mark --mark 3 -j RETURN
   
   echo "...OK, all done."

fi

########################################

if [ "$1" = "status" ]
then
   echo "--- Current status ---"
   echo "--- WAN (Upload) ---"

   tc -s qdisc ls dev $WAN
   tc -s class ls dev $WAN
   echo ""
   echo "--- LAN (Download) ---"

   tc -s qdisc ls dev $LAN
   tc -s class ls dev $LAN
   echo ""
   echo "--- Classification chains ---"
   iptables -L -v -t mangle
   echo ""
fi

if [ "$1" = "stats" ]
then
   LAN_EXPRESS_PACKETS=`iptables -L -v -n -t mangle | grep "RETURN" | grep "match 0x1" | head -n 1 | awk '{print $1}'`
   LAN_NORMAL_PACKETS=`iptables -L -v -n -t mangle | grep "RETURN" | grep "match 0x2" | head -n 1 | awk '{print $1}'`
   LAN_BULK_PACKETS=`iptables -L -v -n -t mangle | grep "RETURN" | grep "match 0x3" | head -n 1 | awk '{print $1}'`
   LAN_EXPRESS_BYTES=`iptables -L -v -n -t mangle | grep "RETURN" | grep "match 0x1" | head -n 1 | awk '{print $2}'`
   LAN_NORMAL_BYTES=`iptables -L -v -n -t mangle | grep "RETURN" | grep "match 0x2" | head -n 1 | awk '{print $2}'`
   LAN_BULK_BYTES=`iptables -L -v -n -t mangle | grep "RETURN" | grep "match 0x3" | head -n 1 | awk '{print $2}'`
   
   WAN_EXPRESS_PACKETS=`iptables -L -v -n -t mangle | grep "RETURN" | grep "match 0x1" | tail -n 1 | awk '{print $1}'`
   WAN_NORMAL_PACKETS=`iptables -L -v -n -t mangle | grep "RETURN" | grep "match 0x2" | tail -n 1 | awk '{print $1}'`
   WAN_BULK_PACKETS=`iptables -L -v -n -t mangle | grep "RETURN" | grep "match 0x3" | tail -n 1 | awk '{print $1}'`
   WAN_EXPRESS_BYTES=`iptables -L -v -n -t mangle | grep "RETURN" | grep "match 0x1" | tail -n 1 | awk '{print $2}'`
   WAN_NORMAL_BYTES=`iptables -L -v -n -t mangle | grep "RETURN" | grep "match 0x2" | tail -n 1 | awk '{print $2}'`
   WAN_BULK_BYTES=`iptables -L -v -n -t mangle | grep "RETURN" | grep "match 0x3" | tail -n 1 | awk '{print $2}'`
   
   echo "Traffic stats:"
   echo "D/U Class    Packets Bytes"
   echo "D   Express  $LAN_EXPRESS_PACKETS $LAN_EXPRESS_BYTES"
   echo "D   Normal   $LAN_NORMAL_PACKETS $LAN_NORMAL_BYTES"
   echo "D   Bulk     $LAN_BULK_PACKETS $LAN_BULK_BYTES"
   echo "U   Express  $WAN_EXPRESS_PACKETS $WAN_EXPRESS_BYTES"
   echo "U   Normal   $WAN_NORMAL_PACKETS $WAN_NORMAL_BYTES"
   echo "U   Bulk     $WAN_BULK_PACKETS $WAN_BULK_BYTES"
fi


Ok, so what does this script do?

Well, it creates the following traffic classes:
Code:

UPLOAD (WAN OUTPUT)
1 ----+ 1:1
      |
      |----> 1:10 Express
      |----> 1:20 Normal
      |----> 1:30 Bulk

DOWNLOAD (LAN OUTPUT)
1 ----+ 1:1
      |
      |----> 1:10 Express
      |----> 1:20 Normal
      |----> 1:30 Bulk


Usage:
npshaper.sh start - Start the shaper (set the QOS rules)
npshaper.sh status - Print the QOS rules and stats
npshaper.sh stats - Print the basic express/normal/bulk classes stats

The script will set rules for shaping:
- Downloading traffic on the LAN output side (traffic that comes from the internet gets queued on the router, or dropped if needed, before going into the LAN)
- Uploading traffic on the WAN side (traffic going from the LAN gets queued on the router, or dropped if needed, before going to the internet).

Traffic is assigned to one of the three classes by marking packets with marks 1 (traffic control, pings, and such goes into express 1:10), 2 (default, goes into 1:20) or 3 (bulk, like p2p, goes into 1:30).

The "### RULES BEGIN ### ... ### RULES END ###" section is meant to be edited so you can add custom rules to set what is 'bulk', 'normal' or 'express' traffic (via the marks).

By default it classifies P2P, web serving or FTP data coming from, or going to, the 'home server' (I have an always-on computer that I use as a web server and P2P client) as 'bulk'.
This way, the rest of the computers on the network (doing web surfing, gaming, voice...) won't even notice (no high latency) when eMule is running, or when somebody is using the 'home server' FTP.

Though the script is far from perfect, I think it has one main advantage: it classifies both the 'download' and 'upload' connections!
CaScAdE's script, on the downloading side, just shapes the WAN ingress (download), so it does "drop anything that is coming in too fast", but does not classify it so that some traffic classes get priority and guaranteed bandwidth.


As an example of the 'results', this is my current 'status' (tc qdiscs, tc classes and iptables mangle chain)

Code:

# /jffs/etc/bbshaper.sh status
--- Current status ---
--- WAN (Upload) ---
qdisc htb 1: r2q 10 default 0 direct_packets_stat 23
 Sent 108459650 bytes 214524 pkts (dropped 973, overlimits 3658)
class htb 1:1 root rate 480000bit ceil 480000bit burst 5Kb cburst 5Kb
 Sent 108446797 bytes 214511 pkts (dropped 0, overlimits 0)
 rate 186152bit 82pps
 lended: 12754 borrowed: 0 giants: 0
 tokens: 130762 ctokens: 130762

class htb 1:10 parent 1:1 prio 0 rate 240000bit ceil 480000bit burst 5Kb cburst 5Kb
 Sent 4078000 bytes 60349 pkts (dropped 0, overlimits 0)
 rate 28344bit 61pps
 lended: 60349 borrowed: 0 giants: 0
 tokens: 261523 ctokens: 130762

class htb 1:20 parent 1:1 prio 1 rate 144000bit ceil 480000bit burst 5Kb cburst 5Kb
 Sent 54175080 bytes 87561 pkts (dropped 715, overlimits 0)
 rate 111776bit 12pps
 lended: 84236 borrowed: 3325 giants: 0
 tokens: 208386 ctokens: 63049

class htb 1:30 parent 1:1 prio 2 rate 96000bit ceil 480000bit burst 5Kb cburst 5Kb
 Sent 50193717 bytes 66601 pkts (dropped 258, overlimits 0)
 rate 49816bit 9pps
 lended: 57172 borrowed: 9429 giants: 0
 tokens: 75518 ctokens: 123956


--- LAN (Download) ---
qdisc htb 1: r2q 10 default 0 direct_packets_stat 273
 Sent 46355930 bytes 173969 pkts (dropped 65, overlimits 107)
class htb 1:1 root rate 4800Kbit ceil 4800Kbit burst 50Kb cburst 50Kb
 Sent 46347701 bytes 173699 pkts (dropped 0, overlimits 0)
 rate 1250Kbit 124pps
 lended: 9061 borrowed: 0 giants: 0
 tokens: 126438 ctokens: 126438

class htb 1:10 parent 1:1 prio 0 rate 2400Kbit ceil 4800Kbit burst 50Kb cburst 50Kb
 Sent 5037602 bytes 77708 pkts (dropped 0, overlimits 0)
 rate 6944bit 14pps
 lended: 77708 borrowed: 0 giants: 0
 tokens: 263751 ctokens: 131876

class htb 1:20 parent 1:1 prio 1 rate 1440Kbit ceil 4800Kbit burst 50Kb cburst 50Kb
 Sent 36566602 bytes 59775 pkts (dropped 65, overlimits 0)
 rate 1245Kbit 104pps
 lended: 50714 borrowed: 9061 giants: 0
 tokens: -7882 ctokens: 126438

class htb 1:30 parent 1:1 prio 2 rate 960000bit ceil 4800Kbit burst 50Kb cburst 50Kb
 Sent 4743497 bytes 36216 pkts (dropped 0, overlimits 0)
 rate 5904bit 6pps
 lended: 36216 borrowed: 0 giants: 0
 tokens: 658142 ctokens: 131628


--- Classification chains ---
Chain PREROUTING (policy ACCEPT 890K packets, 290M bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain INPUT (policy ACCEPT 373K packets, 77M bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain FORWARD (policy ACCEPT 1584K packets, 691M bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 339K packets, 76M bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain POSTROUTING (policy ACCEPT 1950K packets, 777M bytes)
 pkts bytes target     prot opt in     out     source               destination
 215K  107M wan_mark_chain  all  --  any    vlan1   anywhere             anywhere
 175K   44M lan_mark_chain  all  --  any    br0     anywhere             anywhere

Chain lan_mark_chain (1 references)
 pkts bytes target     prot opt in     out     source               destination
 175K   44M CONNMARK   all  --  any    any     anywhere             anywhere            CONNMARK restore
   11   540 MARK       tcp  --  any    any     anywhere             192.168.0.9         MARK match 0x0 tcp dpt:www MARK set 0x3
    0     0 MARK       tcp  --  any    any     anywhere             192.168.0.9         MARK match 0x0 tcp dpt:https MARK set 0x3
    0     0 MARK       udp  --  any    any     anywhere             192.168.0.9         MARK match 0x0 udp dpt:4521 MARK set 0x3
    9   448 MARK       tcp  --  any    any     anywhere             192.168.0.9         MARK match 0x0 tcp dpt:4580 MARK set 0x3
 2444  122K MARK       tcp  --  any    any     anywhere             192.168.0.9         MARK match 0x0 tcp dpt:4662 MARK set 0x3
 7374  536K MARK       udp  --  any    any     anywhere             192.168.0.9         MARK match 0x0 udp dpt:4672 MARK set 0x3
  337 16667 MARK       tcp  --  any    any     anywhere             192.168.0.9         MARK match 0x0 tcp dpt:6881 MARK set 0x3
 8259 1065K MARK       udp  --  any    any     anywhere             192.168.0.9         MARK match 0x0 udp dpt:6881 MARK set 0x3
    0     0 MARK       all  --  any    any     anywhere             anywhere            MARK match 0x0 LAYER7 l7proto edonkey MARK set 0x3
    0     0 MARK       all  --  any    any     anywhere             anywhere            MARK match 0x0 LAYER7 l7proto bittorrent MARK set 0x3
 175K   44M CONNMARK   all  --  any    any     anywhere             anywhere            CONNMARK save
76563 3862K MARK       tcp  --  any    any     anywhere             anywhere            length 0:128 tcp flags:SYN,RST,ACK/ACK MARK set 0x1
 1130 84914 MARK       icmp --  any    any     anywhere             anywhere            MARK set 0x1
    0     0 MARK       all  --  any    any     anywhere             anywhere            TOS match Minimize-Delay MARK set 0x1
60697   36M MARK       all  --  any    any     anywhere             anywhere            MARK match 0x0 MARK set 0x2
77695 3949K RETURN     all  --  any    any     anywhere             anywhere            MARK match 0x1
60697   36M RETURN     all  --  any    any     anywhere             anywhere            MARK match 0x2
36198 4235K RETURN     all  --  any    any     anywhere             anywhere            MARK match 0x3

Chain wan_mark_chain (1 references)
 pkts bytes target     prot opt in     out     source               destination
 215K  107M CONNMARK   all  --  any    any     anywhere             anywhere            CONNMARK restore
   29  1914 MARK       udp  --  any    any     anywhere             anywhere            MARK match 0x0 udp dpt:domain MARK set 0x1
    0     0 MARK       tcp  --  any    any     192.168.0.9          anywhere            MARK match 0x0 tcp spt:www MARK set 0x3
    0     0 MARK       tcp  --  any    any     192.168.0.9          anywhere            MARK match 0x0 tcp spt:https MARK set 0x3
    0     0 MARK       tcp  --  any    any     192.168.0.9          anywhere            MARK match 0x0 tcp spt:4521 MARK set 0x3
    7   287 MARK       tcp  --  any    any     192.168.0.9          anywhere            MARK match 0x0 tcp spt:4580 MARK set 0x3
   49  4630 MARK       tcp  --  any    any     192.168.0.9          anywhere            MARK match 0x0 tcp spt:4662 MARK set 0x3
 5089  325K MARK       udp  --  any    any     192.168.0.9          anywhere            MARK match 0x0 udp spt:4672 MARK set 0x3
   88 11038 MARK       tcp  --  any    any     192.168.0.9          anywhere            MARK match 0x0 tcp spt:6881 MARK set 0x3
 2767  363K MARK       udp  --  any    any     192.168.0.9          anywhere            MARK match 0x0 udp spt:6881 MARK set 0x3
   21  2350 MARK       all  --  any    any     anywhere             anywhere            MARK match 0x0 LAYER7 l7proto edonkey MARK set 0x3
   42  4536 MARK       all  --  any    any     anywhere             anywhere            MARK match 0x0 LAYER7 l7proto bittorrent MARK set 0x3
 215K  107M CONNMARK   all  --  any    any     anywhere             anywhere            CONNMARK save
59261 3160K MARK       tcp  --  any    any     anywhere             anywhere            length 0:128 tcp flags:SYN,RST,ACK/ACK MARK set 0x1
  679 40746 MARK       icmp --  any    any     anywhere             anywhere            MARK set 0x1
    0     0 MARK       all  --  any    any     anywhere             anywhere            TOS match Minimize-Delay MARK set 0x1
88275   54M MARK       all  --  any    any     anywhere             anywhere            MARK match 0x0 MARK set 0x2
60356 3233K RETURN     all  --  any    any     anywhere             anywhere            MARK match 0x1
88275   54M RETURN     all  --  any    any     anywhere             anywhere            MARK match 0x2
66819   49M RETURN     all  --  any    any     anywhere             anywhere            MARK match 0x3

Traffic stats:
D/U Class    Packets Bytes
D   Express  77714 3950K
D   Normal   60956 37M
D   Bulk     36213 4237K
U   Express  60701 3251K
U   Normal   88301 54M
U   Bulk     66849 49M


Trying to get this script to work on a WRT610N with DD-WRT v24-sp2 (11/25/09) big - build 13309M NEWD-2 Eko but it simply won't work at all. This is from a pretty old post so does anyone have a clue as to why this won't work? Any possible changes in later versions of dd-wrt that will prevent this from working?
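
The `stats` branch of the npshaper script above tells LAN from WAN counters by position (`head -n 1` / `tail -n 1`), which breaks if the chains are listed in a different order. The following is an added example, not part of the posted script: one awk pass that keys the RETURN accounting rules by chain name and expands the K/M suffixes. The function names `qos_stats` and `sample_listing` are made up here, and the sample listing is constructed (abbreviated from the status output in the post, with the WAN chain deliberately listed first).

```shell
#!/bin/sh
# Added example, not part of the original npshaper script.
# Reads `iptables -t mangle -L -v -n` output on stdin and prints one line per
# accounting rule: "<chain> <class> <packets> <bytes>".

qos_stats() {
    awk '
    # iptables abbreviates counters in powers of 1000 (K, M, G) unless -x is given.
    function expand(v,    s) {
        s = substr(v, length(v), 1)
        if (s == "K") return (v + 0) * 1000
        if (s == "M") return (v + 0) * 1000000
        if (s == "G") return (v + 0) * 1000000000
        return v + 0
    }
    BEGIN { name["0x1"] = "Express"; name["0x2"] = "Normal"; name["0x3"] = "Bulk" }
    # Remember which chain the following rule lines belong to.
    $1 == "Chain" { chain = $2; next }
    # The accounting rules are the RETURN rules that match on a mark.
    $3 == "RETURN" {
        mark = ""
        for (i = 4; i < NF; i++)
            if (tolower($i) == "mark" && $(i + 1) == "match") mark = $(i + 2)
        if (mark == "") next
        cls = (mark in name) ? name[mark] : mark
        printf "%s %s %.0f %.0f\n", chain, cls, expand($1), expand($2)
    }'
}

# Constructed sample input in the format of the status listing above.
sample_listing() {
    cat <<'EOF'
Chain POSTROUTING (policy ACCEPT 1950K packets, 777M bytes)
 pkts bytes target     prot opt in     out     source               destination
 215K  107M wan_mark_chain  all  --  any    vlan1   anywhere             anywhere
 175K   44M lan_mark_chain  all  --  any    br0     anywhere             anywhere

Chain wan_mark_chain (1 references)
 pkts bytes target     prot opt in     out     source               destination
60356 3233K RETURN     all  --  any    any     anywhere             anywhere            MARK match 0x1
88275   54M RETURN     all  --  any    any     anywhere             anywhere            MARK match 0x2
66819   49M RETURN     all  --  any    any     anywhere             anywhere            MARK match 0x3

Chain lan_mark_chain (1 references)
 pkts bytes target     prot opt in     out     source               destination
77695 3949K RETURN     all  --  any    any     anywhere             anywhere            MARK match 0x1
60697   36M RETURN     all  --  any    any     anywhere             anywhere            MARK match 0x2
36198 4235K RETURN     all  --  any    any     anywhere             anywhere            MARK match 0x3
EOF
}

# Demo on the constructed sample; on the router, feed it the live table instead:
#   iptables -t mangle -L -v -n -x | qos_stats
sample_listing | qos_stats
```

With `-x` iptables prints exact counters, so the suffix expansion is only needed for abbreviated listings like the one in the post.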
vaccarina
DD-WRT Novice


Joined: 24 Dec 2009
Posts: 1

PostPosted: Thu Dec 24, 2009 10:43    Post subject: Reply with quote
What other services can I use besides Skype that are trustworthy and effective? Unfortunately, Skype does not network with a country that I wish to communicate with. Are there other options out there for internet/phone communicating?
DD-weird
DD-WRT Novice


Joined: 10 Oct 2010
Posts: 1

PostPosted: Sun Oct 10, 2010 21:38    Post subject: Reply with quote
Sorry if this question already exists, but what do I have to do to play without lag? As far as I'm concerned, QoS does not work. My sister always watches movies online and I have bad ping. I have an Asus WL-520GC and dd-wrt micro. I also connected another router for me personally, and on my sister's router I set a low fixed transmission rate and low TX power, but I still have trouble, as if all these settings do not work at all!!!
Jedi2155
DD-WRT Novice


Joined: 14 Sep 2010
Posts: 10
Location: SoCal

PostPosted: Sat Apr 09, 2011 12:58    Post subject: Reply with quote
Are these instructions still valid, or is QoS in the current build 16454 as good as what these instructions suggest?

I'm also looking into possibly adding a League of Legends and a Crysis 2 l7-filter but I'm not too sure of how to do that and add it. I'm looking at this document:

http://l7-filter.sourceforge.net/layer7-protocols/protocols/worldofwarcraft.pat

and I'm assuming I can use wireshark to maybe sniff some UDP packets from those games to get the correct patterns necessary to improve the QoS for those applications?
mjurgens
DD-WRT Novice


Joined: 12 Jan 2011
Posts: 20

PostPosted: Fri Aug 05, 2011 0:42    Post subject: Reply with quote
Try this info on setting up QoS on your Internet link. I use it. I can have full speed torrents running and still have excellent response time (latency/lag) in first person shooter games.

http://edcint.co.nz/misc/lartc/index.html
dame23
DD-WRT Novice


Joined: 07 Jun 2012
Posts: 4

PostPosted: Sat Jun 09, 2012 15:29    Post subject: Reply with quote
I'm new.

Can someone tell me how I can get this to work on my dir 600b2 r15962?

I tried to put this on my firewall but failed, nothing showed?

by using this

tc class show dev `get_wanface`
tc class show dev br0
tc class show dev imq0

but when I test the iptables it shows the settings??
Sash
DD-WRT Guru


Joined: 20 Sep 2006
Posts: 17485
Location: Hesse/Germany

PostPosted: Sun Jun 10, 2012 21:48    Post subject: Reply with quote
just upgrade and use qos
siempresuamor
DD-WRT Novice


Joined: 06 Sep 2012
Posts: 2

PostPosted: Thu Sep 06, 2012 17:31    Post subject: Just want fix the default classes for dd-wrt? Reply with quote
I just want to fix the default classes that come in dd-wrt so they will work right, that way to make changes I can just pick the classes/ports/ips/macs I want using the web interface like it is supposed to be.

This is what I want to "CHANGE" the default classes to be:
    Exempt: 1% - 50% of bandwidth (never more)
    Premium: 15% - 20% of bandwidth (never more)
    Express: 10% - 15% of bandwidth (never more)
    Standard: 5% - 10% of bandwidth (never more)
    Bulk: 1% - 5% of bandwidth (never more)


The reason they don't work for me is for example, I never want "Bulk" to run faster than 50kb (modem speed slow) so I pick "Bulk" and the port, but apparently it doesn't care, since it is the only thing running it still gets full priority, runs at 50000kb (100%), but I never ever want a bulk download to run that fast, not even if it is the only thing running, I want to spread the data load out over time to truly limit the total amount of data that can flow through bulk over a given day/week/month. The default classes allow unlimited data to flow through all classes at 100% at any given time depending on loads, so this is not at all useful in limiting the TOTAL amount of data that goes through each class over time, so these default classes simply don't work:

    100 Exempt: 100mbps ignore global limits.
    10 Premium: 75% - 100%
    20 Express: 15% - 100%
    30 Standard: 10% - 100%
    40 Bulk: 1.5% - 100%
    0 no QoS matched


For the moment I keep trying to use the "TC" command at root to "CHANGE" the existing "BULK 40" class trying only to limit it to a 1% to 5% limit then apply it to all ports, all the time, but I can't get even this to work, everything still runs at full speed all the time.

If I get the proper command to change one class limit and force every Bulk download into its class and stay there all the time then I could modify to change every default class to work as needed. Can anybody help?

I'll even write a code generator for it once I am done so others can simply pick from the drop down and generate the code changes to the default classes we want since surely everybody will want different speed limits for each class depending on their bandwidth and loads, and I'm sure we'd all rather make changes to the web interface once we've got the percentages for the classes spread out as needed. Currently it appears that the QoS screen as-is goes practically unused because there is no easy way to modify the default classes in dd-wrt, most people even assume that the QoS screen doesn't even work at all.

These are the restrictions I eventually aim to achieve:
    5 Web conference (Exempt 1-50%)
    5 Streaming Video/Music (Premium 15-20%)
    5 PCs (Express 10-15%)
    5 VOIP (Standard 5-10%)
    1 Gaming (Bulk 1-5%)
    5 p2p/ftp/etc (Bulk 1-5%)

This way everything can be on all the time, and bandwidth will never get pulled from a low priority to be handed over to a higher one, it is simply always available because restrictions stay on all the time to prevent too much data usage of any specific class without ever cutting them off completely, nor speeding them up nor down and each will always stay at a static speed limit no matter how much traffic is on the network based solely off of port usage so I can quickly connect and disconnect as many devices as needed without having to hard code in macs and ips every time I switch out equipment/devices, which I do daily.
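
In HTB, `rate` is what a class is guaranteed and `ceil` is the most it may reach by borrowing, so a class whose `ceil` equals the link rate (as in the npshaper script earlier in the thread) can take the whole link when it is alone. The following is an added example, not DD-WRT's own QoS code: a dry-run generator that prints `tc class` commands with a hard ceiling per class, using the percentages wished for in the post above. It assumes the built-in classes are HTB classes with the ids listed in that post, under root qdisc `1:` and parent class `1:1`; the function name `gen_htb_caps` and the `CLASS_TABLE` layout are made up for this example.

```shell
#!/bin/sh
# Added example, not DD-WRT's own QoS code. Prints (does not run) tc commands
# that pin each HTB class between a guaranteed rate and a hard ceiling.
# Assumptions: root qdisc "1:", parent class "1:1", and the class ids below.

# One class per line: "<classid> <name> <min%> <max%>" (percent of link rate).
CLASS_TABLE='100 Exempt 1 50
10 Premium 15 20
20 Express 10 15
30 Standard 5 10
40 Bulk 1 5'

# gen_htb_caps DEV LINK_KBIT [add|change]
gen_htb_caps() {
    dev=$1
    link=$2
    verb=${3:-change}
    case $link in
        ''|*[!0-9]*) echo "link rate must be an integer (kbit)" >&2; return 2 ;;
    esac
    printf '%s\n' "$CLASS_TABLE" | awk -v dev="$dev" -v link="$link" -v verb="$verb" '
    {
        id = $1; name = $2; min = $3; max = $4
        if (min > max) {
            printf "%s: min%% exceeds max%%\n", name > "/dev/stderr"
            bad = 1
            next
        }
        total += min
        # rate = guaranteed share, ceil = hard cap (no borrowing beyond it).
        rate = int(link * min / 100); if (rate < 1) rate = 1
        ceil = int(link * max / 100); if (ceil < rate) ceil = rate
        cmd[++n] = sprintf("tc class %s dev %s parent 1:1 classid 1:%s htb rate %dkbit ceil %dkbit  # %s", \
                           verb, dev, id, rate, ceil, name)
    }
    END {
        # Guaranteed rates of sibling classes must fit inside the parent rate.
        if (total > 100) { print "sum of min% exceeds 100" > "/dev/stderr"; bad = 1 }
        if (bad) exit 1
        for (i = 1; i <= n; i++) print cmd[i]
    }'
}

# Demo: the 50000 kbit link mentioned in the post, on br0 (the LAN bridge
# shown in the status listing earlier in the thread).
gen_htb_caps br0 50000
```

`ceil` bounds the instantaneous rate of a class; it is not a byte quota, so the total volume over a day is limited only to rate multiplied by time.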