Wondershaper QoS discussion

[Styno]

I don't own a WL-500gx but what happens if you use eth0 or eth1 (whichever is the WAN port)?

[harakiri576]

I don't own a WL-500gx but what happens if you use eth0 or eth1 (whichever is the WAN port)?

Well, since the vlan1 interface has the WAN IP, I supposed putting the wondershaper there would work.
But yesterday I tried what you were suggesting (putting wondershaper on eth0, as eth1 had 0 rx and tx bytes), and it didn't work - it also slowed down the connection between my desktop and the router.

Any other ideas?

[molsak]

Hi all,
I wonder if it's just me or if some other people face the same issue.
When trying the script from
http://www.voip-info.org/wiki/view/Q...g+PRIO+and+HTB
I run into the problem implementing PRIO qdisc.
The script line
tc qdisc add dev eth1 root handle 1: prio bands 2 priomap 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1
fails stating
RTNETLINK answers: Invalid argument

I suspect the prio qdisc type is not implemented in our wl500g firmware. Can anybody
elaborate on this?

Tx,

Molsak

[harakiri576]

Hello everyone,

After some research, I've managed to create a script which actually works. Now enhanced-ctorrent client runs on wl500g without setting any upload limit, still, my pings are <100ms and my desktop has priority over bittorrent traffic (skype, ssh, etc... are fast).

I ended up modifying the wondershaper script heavily. It had a few bugs in it (did it ever work for anybody?).

So, here's how it's done.
First, I added 3 new lines to my /usr/local/sbin/post-firewall:

Code:

ip link set dev $1 qlen 30
iptables -A PREROUTING -t mangle -s 10.0.1.0/30 -j MARK --set-mark 6
/usr/local/sbin/wshaper start $1 3600 240

The first line sets the queue length to 30 - you can play around with this value, I found it to be good (though this is not a thorough experimentation).
The second line marks all packets coming from my desktops, so they can get a higher priority than the rest of the traffic (which is basically bittorrent running on the wl500g itself). Don't forget to adjust the netmask to match your desktops you want to prioritize.
The third line starts the modified wondershaper script, which I've put into /usr/local/sbin. The '3600' is the allowed download rate, and the '240' is the allowed upload rate. Set these values to roughly 5% less than your real network speed. There is _absolutely_ no need to go lower than 90% of your bandwidth (I'm saying this because I've found some sources on the net which say you should set it to 50% of your total bandwidth, but that's nonsense, most probably caused by not disabling bursting/throttling).

Now, here's the /usr/local/sbin/wshaper script:

Code:

#!/bin/sh

DOWNLINK=$3
UPLINK=$4
DEV=$2

if [ "$1" = "status" ]
then
        tc -s qdisc ls dev $DEV
        tc -s class ls dev $DEV
        exit
fi


# clean existing down- and uplink qdiscs, hide errors
tc qdisc del dev $DEV root    2> /dev/null > /dev/null
tc qdisc del dev $DEV ingress 2> /dev/null > /dev/null

if [ "$1" = "stop" ]
then
        exit
fi

###### uplink
# install root HTB, point default traffic to 1:30:

tc qdisc add dev $DEV root handle 1: htb default 30 r2q 1

# shape everything at $UPLINK speed - this prevents huge queues in your
# DSL modem which destroy latency:

tc class add dev $DEV parent 1: classid 1:1 htb rate ${UPLINK}kbit burst 1 cburst 1

# high prio class 1:10:

tc class add dev $DEV parent 1:1 classid 1:10 htb rate $((6*$UPLINK/10))kbit ceil ${UPLINK}kbit burst 1 cburst 1 prio 0

# desktop class 1:20

tc class add dev $DEV parent 1:1 classid 1:20 htb rate $((3*$UPLINK/10))kbit ceil $((9*$UPLINK/10))kbit burst 1 cburst 1 prio 1

# bulk data/bittorrent class 1:30

tc class add dev $DEV parent 1:1 classid 1:30 htb rate $((1*$UPLINK/10))kbit ceil $((8*$UPLINK/10))kbit burst 1 cburst 1 prio 2

# all get Stochastic Fairness:
tc qdisc add dev $DEV parent 1:10 handle 10: sfq perturb 10
tc qdisc add dev $DEV parent 1:20 handle 20: sfq perturb 10
tc qdisc add dev $DEV parent 1:30 handle 30: sfq perturb 10

# TOS Minimum Delay (ssh, NOT scp) in 1:10:
tc filter add dev $DEV parent 1:0 protocol ip prio 1 u32 \
      match ip tos 0x10 0x10 flowid 1:10

# ICMP (ip protocol 1) in the interactive class 1:10 so we
# can do measurements & impress our friends:
tc filter add dev $DEV parent 1:0 protocol ip prio 1 u32 \
        match ip protocol 1 0xff flowid 1:10

# To speed up downloads while an upload is going on, put ACK packets in
# the interactive class:
tc filter add dev $DEV parent 1: protocol ip prio 1 u32 \
   match ip protocol 6 0xff \
   match u8 0x05 0x0f at 0 \
   match u16 0x0000 0xffc0 at 2 \
   match u8 0x10 0xff at 33 \
   flowid 1:10

# prioritize small packets (<64 bytes)
tc filter add dev $DEV parent 1: protocol ip prio 1 u32 \
   match ip protocol 6 0xff \
   match u8 0x05 0x0f at 0 \
   match u16 0x0000 0xffc0 at 2 \
   flowid 1:10

# from desktops - mark 6
tc filter add dev $DEV parent 1: protocol ip prio 20 handle 6 fw flowid 1:20

########## downlink #############
# slow downloads down to somewhat less than the real speed  to prevent
# queuing at our ISP. Tune to see how high you can set it.
# ISPs tend to have *huge* queues to make sure big downloads are fast
#
# attach ingress policer:

tc qdisc add dev $DEV handle ffff: ingress

# filter *everything* to it (0.0.0.0/0), drop everything that's
# coming in too fast:

tc filter add dev $DEV parent ffff: protocol ip prio 50 u32 match ip src \
   0.0.0.0/0 police rate ${DOWNLINK}kbit burst 10k drop flowid :1

It pretty much works.

A thing which has caused me quite a bit of trouble. By default, wondershaper does allow throttling (aka bursting), which is basically allows any queue (including the bittorrent one) to pass all the shaping and go directly to the network interface, until it's tokens are used up (read some docs about htb if you want to know more). This clogs the upload link, killing off any interactive traffic every 10-30 seconds (this is how much time the buckets need to refill). That's why I needed to add the cburst and burst options to the class definitions.

This shaper also honors the TOS minimize delay bit, and puts every packet which matches that to the highest priority queue. You can set the minimize delay bit in the prerouting chain, mangle table on your wl500g, or directly on your desktop.

[Somman11]

What about local traffic?

When we set traffic shaping we set may upload/download limit. Is this also affecting local traffice (eg. local FTP or samba sharing)?

I want to set shaping only for internet link and don't want to shape local traffic. But anyway, how to set different roules for LAN and WAN? (maybe choose different interface??)


Thanks

[Crowly]

What about local traffic?

When we set traffic shaping we set may upload/download limit. Is this also affecting local traffice (eg. local FTP or samba sharing)?

I want to set shaping only for internet link and don't want to shape local traffic. But anyway, how to set different roules for LAN and WAN? (maybe choose different interface??)


Thanks

As far as i can remember that is decided by the "port"/"adress" vlan0 or vlan1 or something simular, which i think is the adress to the physical wlan port on the router. Been over a year since i played around with this.

[rej]

Hi guys and girls :-)

I am about to start playing with wondershaper to obtain the following result: VOIP must never be interrupted. P2P traffic must not significantly slow down webbrowsing.

As I see it I need three classes, one high priority for VOIP, one low priority for P2P and one normal priority for everything else. My internet connection is 2048/256. I can most probably put together the script that I need in order to do this from the different posts in this forum. But I still have a few questions regarding the script:

1) From what configuration file do I run the script?
2) Does it matter if it is loaded before or after other stuff (i.e. does the sequence during the boot matter)?
3) People are talking something about post-firewall. What does that mean?

BR,
René

[rej]

Hi again,

I am still looking at the wondershaper stuff, I have gone trough a lot of information regarding the topic. Anyway, just a small question for the default /sbin/wshaper script. I am trying to decode it for my understanding. Anyway this line:

Code:

# rest is 'non-interactive' ie 'bulk' and ends up in 1:20

tc filter add dev $DEV parent 1: protocol ip prio 18 u32 \
   match ip dst 0.0.0.0/0 flowid 1:20

Is that at all neccessary? The HTB root qdisc is created earlier in the code:

Code:

tc qdisc add dev $DEV root handle 1: htb default 20

It already directs the packets that doesn't meet any filtering criteria to the 20 class, so isn't the filter doing what would have been done anyway? Maybe it is a leftover from a CBQ queing script?

I hope someone takes the time to answer, I am really trying hard to understand what is going on!

Thanks in advance :-)

BR,
René

[akbor]

Hi René,

you don't need this default filter rule, all not filtered packets should be routed to the defaut class automatically by the definition.

It's quite easy to test that - just comment out this filter rule and check your traffic with

Code:

wshaper status eth1

To your earlier questions - you will find all this information in this thread and on the WIKI page linked in the first post of this thread.

Be good

Robert

[rej]

Hi again;

you don't need this default filter rule, all not filtered packets should be routed to the defaut class automatically by the definition.

OK, thats what I thought. I was just affraid that there were something I didn't understand (well there is something I don't understand, just not that).

To your earlier questions - you will find all this information in this thread and on the WIKI page linked in the first post of this thread.

I'm sure I will - but the wiki is down so I am a bit on my own here :-(
Anyway, thanks for your time :-)

BR,
René

[rej]

Hi Guys,

As I see it I need three classes, one high priority for VOIP, one low priority for P2P and one normal priority for everything else.

I just figured out that putting P2P in the low priority class will be a bit difficult since there is nothing to filter it on. E.g. eMule will use all kinds of different ports, so I can't filter on that, and neither can I filter on IP since my PC then will be slowed down for everything. The way I see it is that I have to set the default class to the third priority, and the filter web traffic/mail/ftp etc. to the second priority. From my point of view that is not ideal either.

Actually I have also found a better way of filtering the p2p traffic. It is possible to mark p2p traffic using this: http://www.ipp2p.org/, and then filter it using fw. Does any of you guys have the possibility to compile this for the WL500g?

Thanks,
René

[rej]

Hi again

I am trying to filter the traffic from one specific ip address on my LAN to go in the highest priority. I can't make it work, but I can't see that I am doing anything wrong. here is the code:

Code:

tc filter add dev $DEV parent 1:0 protocol ip prio 1 u32 \
   match ip src 192.168.1.2/32 flowid 1:10

I have made a tcpdump of the traffic:

Code:

20:16:44.965554 IP XXX.130.73.208.42826 > 192.168.1.2.16404: UDP, length: 32
20:16:44.972403 IP 192.168.1.2.16404 > XXX.130.73.208.42826: UDP, length: 32
20:16:44.987044 IP XXX.130.73.208.42826 > 192.168.1.2.16404: UDP, length: 32
20:16:44.992338 IP 192.168.1.2.16404 > XXX.130.73.208.42826: UDP, length: 32
20:16:45.005043 IP XXX.130.73.208.42826 > 192.168.1.2.16404: UDP, length: 32

This is the traffic going back and forth while I am making a VOIP call (ATA adapter on 192.168.1.2). Do you see any reason why this shouldn't work?

BR,
René

[rej]

Code:

tc filter add dev $DEV parent 1:0 protocol ip prio 1 u32 \
   match ip src 192.168.1.2/32 flowid 1:10

Just as an aditional note: replacing "ip src 192.168.1.2/32" with "match ip dport 80 0xffff" will move outgoing web traffic to class 1:10, so I know the rest of the script works. So my question is, what is wrong with "match ip src 192.168.1.2/32"?

Thanks in advance!

BR,
Ren&#233;

[rej]

Hi again,

This is the traffic going back and forth while I am making a VOIP call (ATA adapter on 192.168.1.2). Do you see any reason why this shouldn't work?

It looks like the source filter doesn't work for some reason. Anyway, I made it in another way now and this works:

Code:

iptables -t mangle -A POSTROUTING -s 192.168.1.2 -j MARK --set-mark 1

tc filter add dev $DEV parent 1: protocol ip handle 1 fw \
flowid 1:10

BR,
René

[akbor]

Hi Gents,

I think, I need your help again. Today I tried my wshaper-script (which is successfully running on my WL-500g) on a WL-500g Premium (WL-500gP).

Problem #1: the script seems to have problems with starting form "/usr/local/sbin/post-firewall". If I make a telnet-connection to the WL-500gP and type

Code:

cd /usr/local/sbin
./wshaper status eth1

nothing happens. But I can start the scripts manually from the command line by typing e.g.

Code:

./wshaper start eth1 1000 230

and then it responses the status.

Problem #2: the script is exactly the same, that is running on my WL-500g, but it doesn't prioritize the VoIP-traffic (from the same VoIP-HW of course) on the WL-500gP. In the status message the count of sent bytes/pakets trough the hi-prio class stays low and doesn't increase if I phone over IP.

I'm baffled... Does anybody have some experience with WL-500gP or at least some idea? Maybe the right interfaces name isn't "eth1" but something else for WL-500gP? I use a DHCP IP connection over the WAN port to my cable modem.

BR

Robert