DD-WRT :: View topic - QOS + prioritize ACK-packets @ whr-hp-ag108 V24SP2build14896

QOS + prioritize ACK-packets @ whr-hp-ag108 V24SP2build14896

DD-WRT Forum Index -> Advanced Networking

View previous topic :: View next topic

Author

Message

kasjak2000
DD-WRT Novice

Joined: 21 Apr 2007
Posts: 42

Posted: Wed Nov 07, 2012 9:11 Post subject: QOS + prioritize ACK-packets @ whr-hp-ag108 V24SP2build14896

Hey guys,

i'm currently running successful QOS @ whr-hp-ag108 V24SP2build14896.

This is my config in the webiterface:

And here in comandline:

Code:

root@DD-WRT:~# tc qdisc show dev ppp0
qdisc htb 1: root r2q 10 default 30 direct_packets_stat 0
qdisc sfq 100: parent 1:100 limit 127p quantum 1492b perturb 10sec
qdisc sfq 10: parent 1:10 limit 127p quantum 1492b perturb 10sec
qdisc sfq 20: parent 1:20 limit 127p quantum 1492b perturb 10sec
qdisc sfq 30: parent 1:30 limit 127p quantum 1492b perturb 10sec
qdisc sfq 40: parent 1:40 limit 127p quantum 1492b perturb 10sec
root@DD-WRT:~#

root@DD-WRT:~# tc class show dev ppp0
class htb 1:10 parent 1:2 leaf 10: prio 4 rate 438000bit ceil 585000bit burst 6Kb cburst 2330b
class htb 1:100 parent 1:1 leaf 100: prio 2 rate 100000Kbit ceil 100000Kbit burst 1000Kb cburst 126587b
class htb 1:1 root rate 100000Kbit ceil 100000Kbit burst 1000Kb cburst 126587b
class htb 1:20 parent 1:2 leaf 20: prio 5 rate 87000bit ceil 585000bit burst 6Kb cburst 2330b
class htb 1:2 parent 1:1 rate 585000bit ceil 585000bit burst 6Kb cburst 2330b
class htb 1:30 parent 1:2 leaf 30: prio 6 rate 58000bit ceil 585000bit burst 6Kb cburst 2330b
class htb 1:40 parent 1:2 leaf 40: prio 7 rate 1000bit ceil 585000bit burst 6Kb cburst 2330b
root@DD-WRT:~#

root@DD-WRT:~# iptables -t mangle -vnL
Chain PREROUTING (policy ACCEPT 619K packets, 503M bytes)
pkts bytes target prot opt in out source destination
239K 23M IMQ 0 -- br0 * 0.0.0.0/0 0.0.0.0/0 IMQ: todev 0
380K 480M SVQOS_IN 0 -- ppp0 * 0.0.0.0/0 0.0.0.0/0

Chain INPUT (policy ACCEPT 28103 packets, 2784K bytes)
pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 4818K packets, 3028M bytes)
pkts bytes target prot opt in out source destination
377K 480M IMQ 0 -- ppp0 * 0.0.0.0/0 0.0.0.0/0 IMQ: todev 0

Chain OUTPUT (policy ACCEPT 6444 packets, 692K bytes)
pkts bytes target prot opt in out source destination

Chain POSTROUTING (policy ACCEPT 4837K packets, 3031M bytes)
pkts bytes target prot opt in out source destination
234K 23M SVQOS_OUT 0 -- * ppp0 0.0.0.0/0 0.0.0.0/0

Chain SVQOS_IN (1 references)
pkts bytes target prot opt in out source destination
380K 480M CONNMARK 0 -- * * 0.0.0.0/0 0.0.0.0/0 CONNMARK restore
365K 478M RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0 MARK match !0x0
0 0 MARK 0 -- * * 192.168.1.229 0.0.0.0/0 MARK match 0x0 MARK set 0x28
0 0 MARK 0 -- * * 0.0.0.0/0 192.168.1.229 MARK match 0x0 MARK set 0x28
0 0 MARK 0 -- * * 192.168.1.97 0.0.0.0/0 MARK match 0x0 MARK set 0xa
0 0 MARK 0 -- * * 0.0.0.0/0 192.168.1.97 MARK match 0x0 MARK set 0xa
1 60 MARK 0 -- * * 0.0.0.0/0 0.0.0.0/0 LAYER7 l7proto dns MARK match 0x0 MARK set 0xa
186 194K MARK 0 -- * * 0.0.0.0/0 0.0.0.0/0 LAYER7 l7proto ssl MARK match 0x0 MARK set 0x14
1661 1511K MARK 0 -- * * 0.0.0.0/0 0.0.0.0/0 LAYER7 l7proto http MARK match 0x0 MARK set 0x14
15825 2571K CONNMARK 0 -- * * 0.0.0.0/0 0.0.0.0/0 CONNMARK save
15825 2571K RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0

Chain SVQOS_OUT (1 references)
pkts bytes target prot opt in out source destination
234K 23M CONNMARK 0 -- * * 0.0.0.0/0 0.0.0.0/0 CONNMARK restore
201K 20M RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0 MARK match !0x0
1503 85516 MARK 0 -- * * 192.168.1.229 0.0.0.0/0 MARK match 0x0 MARK set 0x28
0 0 MARK 0 -- * * 0.0.0.0/0 192.168.1.229 MARK match 0x0 MARK set 0x28
171 128K MARK 0 -- * * 192.168.1.97 0.0.0.0/0 MARK match 0x0 MARK set 0xa
0 0 MARK 0 -- * * 0.0.0.0/0 192.168.1.97 MARK match 0x0 MARK set 0xa
1895 127K MARK 0 -- * * 0.0.0.0/0 0.0.0.0/0 LAYER7 l7proto dns MARK match 0x0 MARK set 0xa
0 0 MARK 0 -- * * 0.0.0.0/0 0.0.0.0/0 LAYER7 l7proto ssl MARK match 0x0 MARK set 0x14
191 98146 MARK 0 -- * * 0.0.0.0/0 0.0.0.0/0 LAYER7 l7proto http MARK match 0x0 MARK set 0x14
32952 3348K CONNMARK 0 -- * * 0.0.0.0/0 0.0.0.0/0 CONNMARK save
32952 3348K RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0
root@DD-WRT:~#

Now I would like to prioritize all tcp ACK-packets that are smaller equal 64 Bytes.
This packets should go to class 10.

Is this comand right to realize it?

Code:

iptables -A POSTROUTING -t mangle -o ppp0 -p tcp -m length --length :64 -j MARK --set-mark 0xa

This comand should be boot and 24h reconnect resistant, so where I should put it in?

Thanx.

Sponsor

kasjak2000
DD-WRT Novice

Joined: 21 Apr 2007
Posts: 42

Posted: Fri Nov 09, 2012 18:15 Post subject:
Folks, I need your help

kasjak2000
DD-WRT Novice

Joined: 21 Apr 2007
Posts: 42

Posted: Tue Nov 13, 2012 19:48 Post subject:

Hey guys,

ok, after one week waiting of your suggestion, i have just tried it.

We are remembering us, I wanted to mark all tcp ack packets with 10, so that they all can go to class 10 (premium).

I have extended the 'POSTROUTING' chain with putting this command in the webui to 'Administration/Commands' and pushed the bitton 'save firewall':

Code:

iptables -A POSTROUTING -t mangle -o ppp0 -p tcp -m length --length :64 -j MARK --set-mark 10

and rebooted the router.
During downloading a debian file via http or ftp with 725KB/s speed I got this result:

Code:

root@DD-WRT:~# tc -s class ls dev ppp0
[b]class htb 1:10 parent 1:2[/b] leaf 10: prio 4 rate 438000bit ceil 585000bit burst 6Kb cburst 2330b
Sent 6665744 bytes 161680 pkt (dropped 0, overlimits 0 requeues 0)
[b]rate 77560bit[/b] 239pps backlog 0b 0p requeues 0
lended: 161680 borrowed: 0 giants: 0
tokens: 106885 ctokens: 29715

class htb 1:100 parent 1:1 leaf 100: prio 2 rate 100000Kbit ceil 100000Kbit burst 1000Kb cburst 126587b
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
lended: 0 borrowed: 0 giants: 0
tokens: 80000 ctokens: 9890

class htb 1:1 root rate 100000Kbit ceil 100000Kbit burst 1000Kb cburst 126587b
Sent 6980140 bytes 162596 pkt (dropped 0, overlimits 0 requeues 0)
rate 78240bit 240pps backlog 0b 0p requeues 0
lended: 0 borrowed: 0 giants: 0
tokens: 79998 ctokens: 9888

class htb 1:20 parent 1:2 leaf 20: prio 5 rate 87000bit ceil 585000bit burst 6Kb cburst 2330b
Sent 159436 bytes 372 pkt (dropped 0, overlimits 0 requeues 0)
rate 8bit 0pps backlog 0b 0p requeues 0
lended: 369 borrowed: 3 giants: 0
tokens: 545259 ctokens: 30168

class htb 1:2 parent 1:1 rate 585000bit ceil 585000bit burst 6Kb cburst 2330b
Sent 6980140 bytes 162596 pkt (dropped 0, overlimits 0 requeues 0)
rate 78240bit 240pps backlog 0b 0p requeues 0
lended: 3 borrowed: 0 giants: 0
tokens: 80637 ctokens: 29715

class htb 1:30 parent 1:2 leaf 30: prio 6 rate 58000bit ceil 585000bit burst 6Kb cburst 2330b
Sent 154960 bytes 544 pkt (dropped 0, overlimits 0 requeues 0)
rate 672bit 1pps backlog 0b 0p requeues 0
lended: 544 borrowed: 0 giants: 0
tokens: 734529 ctokens: 30168

class htb 1:40 parent 1:2 leaf 40: prio 7 rate 1000bit ceil 585000bit burst 6Kb cburst 2330b
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
lended: 0 borrowed: 0 giants: 0
tokens: 48000000 ctokens: 31128

root@DD-WRT:~#

As we can see, the rate in class 10 is something around 78000bit/s (9,5KB/s).

Looks like marking and QOS'ing ack packets are working now.

Now I need to test, is this change 24h reconnect resistant or not.

PS: iptables -t mangle -vnL shows this output:

Code:

root@DD-WRT:~# iptables -t mangle -vnL
Chain PREROUTING (policy ACCEPT 488K packets, 471M bytes)
pkts bytes target prot opt in out source destination
174K 7793K IMQ 0 -- br0 * 0.0.0.0/0 0.0.0.0/0 IMQ: todev 0
314K 463M SVQOS_IN 0 -- ppp0 * 0.0.0.0/0 0.0.0.0/0

Chain INPUT (policy ACCEPT 5942 packets, 554K bytes)
pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 482K packets, 470M bytes)
pkts bytes target prot opt in out source destination
314K 463M IMQ 0 -- ppp0 * 0.0.0.0/0 0.0.0.0/0 IMQ: todev 0

Chain OUTPUT (policy ACCEPT 5419 packets, 2584K bytes)
pkts bytes target prot opt in out source destination

Chain POSTROUTING (policy ACCEPT 488K packets, 473M bytes)
pkts bytes target prot opt in out source destination
169K 7341K SVQOS_OUT 0 -- * ppp0 0.0.0.0/0 0.0.0.0/0
[b]165K 6771K MARK tcp -- * ppp0 0.0.0.0/0 0.0.0.0/0 length 0:64 MARK set 0xa[/b]

Chain SVQOS_IN (1 references)
pkts bytes target prot opt in out source destination
314K 463M CONNMARK 0 -- * * 0.0.0.0/0 0.0.0.0/0 CONNMARK restore
258K 383M RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0 MARK match !0x0
0 0 MARK 0 -- * * 192.168.1.229 0.0.0.0/0 MARK match 0x0 MARK set 0x28
0 0 MARK 0 -- * * 0.0.0.0/0 192.168.1.229 MARK match 0x0 MARK set 0x28
0 0 MARK 0 -- * * 192.168.1.97 0.0.0.0/0 MARK match 0x0 MARK set 0xa
0 0 MARK 0 -- * * 0.0.0.0/0 192.168.1.97 MARK match 0x0 MARK set 0xa
0 0 MARK 0 -- * * 0.0.0.0/0 0.0.0.0/0 LAYER7 l7proto dns MARK match 0x0 MARK set 0xa
35 42443 MARK 0 -- * * 0.0.0.0/0 0.0.0.0/0 LAYER7 l7proto ssl MARK match 0x0 MARK set 0x14
167 156K MARK 0 -- * * 0.0.0.0/0 0.0.0.0/0 LAYER7 l7proto http MARK match 0x0 MARK set 0x14
56453 80M CONNMARK 0 -- * * 0.0.0.0/0 0.0.0.0/0 CONNMARK save
56453 80M RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0

Chain SVQOS_OUT (1 references)
pkts bytes target prot opt in out source destination
169K 7341K CONNMARK 0 -- * * 0.0.0.0/0 0.0.0.0/0 CONNMARK restore
132K 5563K RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0 MARK match !0x0
0 0 MARK 0 -- * * 192.168.1.229 0.0.0.0/0 MARK match 0x0 MARK set 0x28
0 0 MARK 0 -- * * 0.0.0.0/0 192.168.1.229 MARK match 0x0 MARK set 0x28
11 9028 MARK 0 -- * * 192.168.1.97 0.0.0.0/0 MARK match 0x0 MARK set 0xa
0 0 MARK 0 -- * * 0.0.0.0/0 192.168.1.97 MARK match 0x0 MARK set 0xa
401 25987 MARK 0 -- * * 0.0.0.0/0 0.0.0.0/0 LAYER7 l7proto dns MARK match 0x0 MARK set 0xa
0 0 MARK 0 -- * * 0.0.0.0/0 0.0.0.0/0 LAYER7 l7proto ssl MARK match 0x0 MARK set 0x14
5 2900 MARK 0 -- * * 0.0.0.0/0 0.0.0.0/0 LAYER7 l7proto http MARK match 0x0 MARK set 0x14
36612 1778K CONNMARK 0 -- * * 0.0.0.0/0 0.0.0.0/0 CONNMARK save
36612 1778K RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0
root@DD-WRT:~#

I'm not an iptables and tc expert, therefore it would be very nice, if somebody could confirm this, what i'm doing here, is right or not.
Thanx.

Sash
DD-WRT Guru

Joined: 20 Sep 2006
Posts: 17619
Location: Hesse/Germany

Posted: Tue Nov 13, 2012 20:39 Post subject:
i would suggest to upgrade 1st _________________ Forum Guidelines...How to get help & Forum Rules & RTFM/STFW & Throw some buzzwords into the WIKI search _________________ I'm NOT rude, just offer pure facts! _________________ Atheros (TP-Link & Clones, etc ) debrick service in EU _________________ Guide on HowTo be Safe, Secure and Protect Your Online Anonymity!

kasjak2000
DD-WRT Novice

Joined: 21 Apr 2007
Posts: 42

Posted: Tue Nov 13, 2012 20:50 Post subject:

Sash wrote:

i would suggest to upgrade 1st

Hi Sash,
as far as I know, this is the last build for whr-hp-ag108.
Isn'it so?

kasjak2000
DD-WRT Novice

Joined: 21 Apr 2007
Posts: 42

Posted: Fri Nov 16, 2012 22:58 Post subject:
Hey guys, I wanted just give a little status. Command seems to be boot and 24h reconnect resistant. QOS seems to work also. I need to observe the router and look, how stable its working.

Display posts from previous:

Page 1 of 1

DD-WRT Forum Index -> Advanced Networking

All times are GMT

Navigation

Jump to:

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum

Log in

QOS + prioritize ACK-packets @ whr-hp-ag108 V24SP2build14896

Quick Links

Log in