Reply With QuoteYes. I'm using it all the time.Originally Posted by Styno
You may want to check it using
and compare the results for both methods.Code:wshaper status eth1
Moderator & Financial forum supporter :)
1) Ok, I see your point about inserting the wshaper script to the post-firewall script. I would indeed be a good point to start the wshaper script from.
2) I've made an 'error' by using br0 and eth0, the right device should have been eth1.
I've checked the $1 variable in the post-firewall script and it says: eth1. So the settings were correct all the time, but my tests clearly made visible that shaping does not take place when the script is started from post-firewall:
(which is effectively: '/init/wshaper start "eth1" 976 460')Code:/init/wshaper start "$1" 976 460
This line does not start shaping because the pings rocket sky high when I start downloading.
But when I place the following line in post-boot, the pings stay low during downloads:
So, unless this method is not suitable to test Wondershaper, this proves two things:Code:/init/wshaper start "eth1" 976 460
1) Somehow the same command in post-boot works different then post-firewall. So post-firewall is not suitable for starting the wshaper script.
2) I definitely have the 1Mb downlink and 512 uplink, otherwise shaping would never succeed in keeping the pings low.
Oleg, have you done tests with Wondershaper and the post-firewall scripts in order to check if shaping does really take place?
Administrator
Yes. I'm using it all the time.
You may want to check it using
and compare the results for both methods.Code:wshaper status eth1
Moderator & Financial forum supporter :)
Just done some extra checking. I've tested the real download bandwith, using the test on www.speedtest.nl multiple times, which gives me 820 Kbit usable download- and 350 Kbit usable upload speed (My ISP states I have a 1024/512 connection). I've adjusted the script parameters to 800 and 320 respectively and these are the results:
- Shaping from post-firewall while downloading a large file from a fast server:
Download speed 89 Kbyte/sec.Code:--- www.tweakers.net ping statistics --- 120 packets transmitted, 120 packets received, 0% packet loss round-trip min/avg/max = 12.4/27.8/98.7 ms
- Shaping disabled while downloading a large file from a fast server:
Download speed 103 KByte/sec.Code:--- www.tweakers.net ping statistics --- 60 packets transmitted, 60 packets received, 0% packet loss round-trip min/avg/max = 12.2/97.3/554.1 ms
- Shaping from post-firewall with high script parameters (976, 460 respectively) while downloading a large file from a fast server:
Download speed 106 KByte/sec.Code:--- www.tweakers.net ping statistics --- 62 packets transmitted, 62 packets received, 0% packet loss round-trip min/avg/max = 13.8/90.7/228.8 ms
- CONCLUSION:
Starting the Wondershaper script from the post-firewall does work. It lowers the average ping times considerably at the cost of a slightly lower download speed.
Using script parameters which are too high clearly shows that it effectively disables it. So the lesson here is: Choose the parameters carefully and don't be too enthousiastic about the real performance of your internet connection.
Thanks for the help Oleg.
Last edited by Styno; 26-09-2004 at 14:50.
Administrator
Yes, ISPs tends to fool their users. They're also run shapers, which are less intelligent than wondershaper.
Moderator & Financial forum supporter :)
Yes, I forgot that the ATM protocol (which takes approximately 10%) has to be substracted from the theoretical values. This is a disadvantage for ADSL users... You pay for the whole package, but you get only 8/10 or 9/10.Yes, ISPs tends to fool their users. They're also run shapers, which are less intelligent than wondershaper.
Junior Member
ISPs do sell an IP bandwidth (at least in France, but i don't think it is different in Europa), and the ATM VC is shapped at 640/160 for an IP bandwidth of 512/128 (20% higher due to ATM overhead). However ISPs speak only of peak values and they do not guarantee the bandwidth.Yes, I forgot that the ATM protocol (which takes approximately 10%) has to be substracted from the theoretical values. This is a disadvantage for ADSL users... You pay for the whole package, but you get only 8/10 or 9/10.
Otherwise, here is one wshaper configuration to limit the priority of p2p (soulseek & bittorrent) file transfers :
/mnt/ramfs/local/root # cat /usr/local/init/post-firewall
/init/wshaper start eth0 120 500 192.168.2.1/32 10.1.1.1/32 "20 3328 6881 6882 6883" "20 3328 6881 6882 6883"
/mnt/ramfs/local/root #
Oleg, thanks again for your good work...
Moderator & Financial forum supporter :)
I've build my own setup now. It differs quite a bit from the original script, but this is because of my specific requirements:
I have filesharing (KaZaA/Gnutella/OpenFT) and an FTP server running on my router. This often chokes my connection so browsing and playing games is slowing down.
Therefore three queues are created (just like the original):
- 1:10 (High priority)
- 1:20 (Normal priorit)
- 1:30 (Low/bulk priority)
The general rules are applied:
- All TCP traffic has bulk priority
- All UDP traffic has normal priority
- SSH and ICMP has high priority
The exceptions for TCP (default: bulk):
- Traffic to and from port 80 gets normal priority
- Game traffic gets high priority
The exceptions for UDP (default: normal):
- P2P UDP traffic gets bulk priority
- Game traffic gets high priority
Below are the changes against the original script:
- Installs a standard HTB, but everything goes to bulk by default.
- The definition of the bulk queue get a minimum bandwith of 1/10 but can borrow unused bandwith up to 9/10 from other queues.Code:tc qdisc add dev $DEV root handle 1: htb default 30
- UDP packets in general get normal class priority (e.g. MSN)Code:tc class add dev $DEV parent 1:1 classid 1:30 htb rate $(($UPLINK/10))kbit \ ceil $((9*$UPLINK/10))kbit burst 6k prio 2
- Browsing traffic to and from port 80 get normal priorityCode:tc filter add dev $DEV parent 1: protocol ip prio 10 u32 \ match ip protocol 17 0xff \ flowid 1:20
- Put KaZaA UDP traffic into bulkCode:tc filter add dev $DEV parent 1: protocol ip prio 13 u32 \ match ip sport 80 0xffff flowid 1:20 tc filter add dev $DEV parent 1: protocol ip prio 13 u32 \ match ip dport 80 0xffff flowid 1:20
- Put Gnutella UDP traffic into bulkCode:tc filter add dev $DEV parent 1: protocol ip prio 10 u32 \ match ip sport 1214 0xffff \ match ip protocol 17 0xff \ flowid 1:30
- Put America's Army (Unreal Tournament engine) UDP traffic into high priorityCode:tc filter add dev $DEV parent 1: protocol ip prio 10 u32 \ match ip sport 3444 0xffff \ match ip protocol 17 0xff \ flowid 1:30
These adjustments to the wshaper script ensure I can play online without any lag while my girlfriend is browsing/MSN happily and the rest of the bandwith is used by uploads from the router to the internet.Code:tc filter add dev $DEV parent 1: protocol ip prio 10 u32 \ match ip dport 1718 0xffff \ match ip protocol 17 0xff \ flowid 1:10 tc filter add dev $DEV parent 1: protocol ip prio 10 u32 \ match ip dport 1717 0xffff \ match ip protocol 17 0xff \ flowid 1:10 tc filter add dev $DEV parent 1: protocol ip prio 10 u32 \ match ip sport 1716 0xffff \ match ip protocol 17 0xff \ flowid 1:10
I still haven't figured all the parameters used in this script (like PRIO and u32) out, but I managed to get this up and running by just smart-copy-pasting and trial-and-error. I hope other users can use this info for their own scripts.
I've attached my customized script.
Last edited by Styno; 28-09-2004 at 14:01.
Moderator & Financial forum supporter :)
I've found a webpage with a lot of additional info on traffic shaping: http://www.docum.org/docum.org/
Good reading stuff
Junior Member
Good work Styno, but why do you put the port 430 (utmpsd Common service) into the medium queue ?Below are the changes against the original script:
BTW, i have found that the wshaper script can be used both for input ($DEV=br0) and output ($DEV=ppp0). Thus my starting script is now :
/init/wshaper start ppp0 1000 120 10.1.1.1/32 10.1.1.1/32 "20 3328 6881 6882 6883" "20 3328 6881 6882 6883"
/init/wshaper start br0 120 1000 10.1.1.1/32 10.1.1.1/32 "20 3328 6881 6882 6883" "20 3328 6881 6882 6883"
Moderator & Financial forum supporter :)
Well, I saw that in an example (It was associated with IExplorer) :-) Don't know what that port does though...
Hmm, the authors of Wondershaper state that shaping the download does not much good, so they omit it. That does not mean that shaping the downstream is a bad thing though...BTW, i have found that the wshaper script can be used both for input ($DEV=br0) and output ($DEV=ppp0). Thus my starting script is now :
/init/wshaper start ppp0 1000 120 10.1.1.1/32 10.1.1.1/32 "20 3328 6881 6882 6883" "20 3328 6881 6882 6883"
/init/wshaper start br0 120 1000 10.1.1.1/32 10.1.1.1/32 "20 3328 6881 6882 6883" "20 3328 6881 6882 6883"
What's wrong though is the devices you use:
BR0 is the bridge between the WAN and LAN. AFAIK, you should use the "$1" parameter of your firewall as the device to shape for both up- and downstream, because this is the WAN device according to your router. This device is mostly ETH0, but you can find out which value "$1" is by echoing it to /tmp. You can do this by adding the following line to the post-firewall script:
After booting you can 'cat wan-device' file to see what your WAN device is.Code:echo "$1" > /temp/wan-device
Financial forum supporters :)
I need help
M8s, I have just downloaded Oleg's FW 1.7.5.9-5 and am ready to try Wshaper but would like to ask for confirmation for not doing someting stupid and mess up everything.
At the momment I am using FW 1.7.5.9-3 and use the command for fixing the WAN speed to 100full because the "WAN port dies" issue that I suffer. I have:
Everything is working like a dream until I download some popular torrents, just one of these is enough for saturating my connection (it is really crazy but it is like this). I cannot even ping a host because all that I get is dropped packages. I think maybe WShaper can help me here.Code:nvram set bootCmd0="/usr/sbin/et -i eth1 speed 100full" nvram commit
WHAT I HAVE:
-Windows XP SP-2 with TCP/IP connection patch installed and fixed to 100 connections.
-Direct ADSL (No PPPoE) 2048/256. Speedtests in Norway report that I get 2030/220.
-Azureus Bittorrent java client on TCP port 54321 (traffic limiter on it is not helping). I am not sure if what is saturating the router is the upload stream or the number of connections, that is why I like to try WShaper.
WHAT I WANT:
I don't know which of these 2 options is more recomendable:
Option 1:
-Shape all the traffic that goes through the router to 1990/190
Option 2:
-That WShaper acts only on my bittorrent traffic limiting it to 1900/180 (TCP port 54321), machine (fixed IP) 192.168.74.100 and that this traffic gets LESS PRIORITY.
-I don't like that anything limmits the rest of my traffic (I like to have full speed if I need an HTTP download).
Please take in account that I DON'T HAVE ANY LINUX EXPERIENCE, I am basically copying / pasting from the examples given in this thread. It is very likely that there are big fails in basic commands (I have never used VI and that is why I am following the echo "xx" > yy path that Oleg has used, but it can have FAILS. I kindly ask you to correct me. Thanks.
STEPS:
1. After reseting the router to defaults (pressing the back button for 5 seconds) install the new firmware.
2. Migrating the speed command from BootCmd's to Flashfs-boot:
3. Add the post-firewall script with WShaper content, saving all changes and rebooting:Code:telnet to the WL500g # create directory bcause router is in virgin state mkdir -p /usr/local/init # create post-boot script with the speed fix content echo "/usr/sbin/et -i eth1 speed 100full" > /usr/local/init/post-boot # made post-boot executable chmod +x /usr/local/init/post-boot # prepare image flashfs save
Oprion 1:
Option 2:Code:# create post-firewall script with the WShaper content (following Oleg's # example) echo "/init/wshaper start \"\$1\" 1990 190" > /usr/local/init/post-firewall # made post-firewall executable chmod +x /usr/local/init/post-firewall # prepare image flashfs save # commit it to flash flashfs commit # enable flashfs flashfs enable reboot
Code:# create post-firewall script with the WShaper content (trying to follow Ark+ # example as I understand it in this sequence: "$1"-DOWNLINK-UPLINK-IP_OF # MACHINE/32-PORTS (don't know if this last values are effective for both # tcp and udp ports)) echo "/init/wshaper start \"\$1\" 1900 180 192.168.74.100/32 "54321" "54321"" > /usr/local/init/post-firewall # made post-firewall executable chmod +x /usr/local/init/post-firewall # prepare image flashfs save # commit it to flash flashfs commit # enable flashfs flashfs enable reboot
THESE ARE MY QUESTIONS M8s:
1. Which option is better for my case Option 1 or Option 2?
2. Are there fails in this or is there a better way to do this? Please help me if there are, I don't want to turn my router in an expensive paperweight.
3. Are the ports of Option 2 both TCP and UDP?
THANK YOU VERY MUCH! I hope I can get this done and that it solves my problem.
Last edited by Thorz; 05-10-2004 at 23:17.
Junior Member
Thorz,
The both scripts will work (except that you have forgotten the dest address parameter in the second one).
Personally, i would use the second one :
since it put azureus in the low priority queue and accelerates other traffic such as http, pop.../init/wshaper start "$1" 1900 180 192.168.74.100/32 0.0.0.0/0 "54321" "54321"
However, wshaper will shape bittorrent to 0,8x1900=1520 kb/s, even if you have no other traffic whereas the first script will not...
Moderator & Financial forum supporter :)
Hi Torz, you've done quite some work allready!
The most simple solution to your problem would be option 2 but slighty different, see my post below this one.
This way:
- All traffic will get normal priority
- ICMP and SSH will get high priority (ICMP = ping and a number of other important internet tools)
- TCP ports given in the script parameters (Bittorrent in your case) will get low priority, this class will never get full bandwidth though. Even if there's no other traffic.
One thing though: Does Bittorrent transfer files using TCP or UDP? In the UDP case this option will not work...
If you feel confident and have tried option 2 for some time, you might start customizing the script to you own needs, like borrowing speed from normal class by the low priority class.
[Edit: Fixed a huge mistake]
Last edited by Styno; 06-10-2004 at 14:36.
Financial forum supporters :)
Thank you both in advance for your answers.
First of all: How can I invoke a help command that shows me what commands are available when I am using telnet on the router? I would like to use vi instead of the "echo "xx" > yy" of the examples, but I am not sure of the options (I am not sure if having "$1" surrounded by "/" is correct, I have just copyed it as it was in the other example). As I am very new to linux and I was expecting some HELP command (like on DOS
It was a difficult one because I didn't know that they were source - destination addresses. You had 192.168.2.1/32 10.1.1.1/32, and then 10.1.1.1/32 10.1.1.1/32I don't understand the concept of having 0.0.0.0/0 in the destination IP (maybe 0.0.0.0/0 means "all the external world" or something like that...
Nice, but does this mean that the rest of the traffic (HTTP, POP, etc) doesn't get shaped at all?
That was a new thing, 1520kbps is pretty low. What is the reason for this? Does it mean that I have to use something like 2375 for that I get the 1900kbps shaping? Me: Very
Very nice.How do I put the ports in Option 1 m8? It becomes then Option 2, or am I missing something? Could you write the full "Wshaper start..." line of Option 1 that I should use as you are indicating?
When you say "TCP ports given in the script" does it mean that I have to modify the Wshaper script directly? I was thinking that the only thing to be done was to add the "Wshaper start..." line to post-firewall and nothing else. I have seen the script that you have attached, but it looks really scary m8. I don't even know were it is located in the router
It only uses one port TCP:54321 (selected by me).
That would be nice, but for now I just want to start with the basics and have the thing rolling. I have not even flashed the FW yet. I will wait for your answers about this post and from there I think I can get the confidence to do it.
THANKS A LOT M8S!
Last edited by Thorz; 06-10-2004 at 13:39.
Moderator & Financial forum supporter :)
You've certainly got some things confused here. But no worries, couz we're gonna figure it out
Read my previous post again please, I had to edit it because it contained an invalid advice. I must learn to read better...
First some basic stuff:
Linux does not have a HELP command. However, a lot of commands are in the busybox library. You can see which commands it contains by typing 'busybox' on the command line in a telnet session. There are other commands/scripts too (like the wshaper script) but you'll have to figure them out along the way because I'm not going to give you a whole summary here (It would give me RSI if I tried that!). If you use a custom firmware like 1.7.5.9 CR5 (recommended b.t.w.), vi will be on the box, just type 'vi'.
When using wondershaper, all traffic will be shaped. This sounds great but if all traffic ends up in the same priority class you won't get any speed up. Therefore the standard script will prioritize ICMP and SSH while everything else goes into normal priority (like HTTP and Bittorrent). This means that during a download with Bittorrent, your pings can look good while HTTP can be horribly slow. To solve this problem you need to send Bittorrent into bulk (low) priority class. Option 1 will leave Bittorrent traffic in the normal priority class, so you won't have any benifit in using wondershaper. Option 2 will put Bittorrent traffic into the low priority class, which is what you want.
You should go for Option 2.
Option 2 uses parameters given to the script to send Bittorrent data to low priority class. On the wiki page here: http://wiki.wl500g.info/index.php/PackageWondershaper you can see which parameters exist and what you can do with it. For your perpose the command to start wondershaper looks like this:
In this example the 5th and 6th parameter are empty because you don't want to shape the source and destination IP addresses, as that would put ALL your traffic into the low priority class. The 7th and 8th parameters are the source- and destination port on your network for which all traffic should go into the low priority class.Code:/init/wshaper start "$1" 1990 190 " " " " "54321" "54321"
You should put this command into your 'post-firewall' script. The best way to do that would be using 'vi'. Make sure you do 'flashfs save' and 'flashfs commit' after you're done editing. Note: You need flashfs-boot method for this (see the Wiki pages). A lesser solution is to put the commandline in your BootCmds.
A tip: To test/optimize the wshaper you can use the command line in a telnet session:
1) you can start wondershaper using:
2) Do some speed tests.Code:/init/wshaper start "eth1" 1990 190 " " " " "54321" "54321"
3) Stop wondershaper using the following command:
4) Goto (1) and change parameters until you'r happy with the speed results.Code:/init/wshaper stop "eth1"
..
5) Save the best option into the 'post-firewall' script as described in the previous paragraph.
Now Bob's you uncle m8...
Last edited by Styno; 06-10-2004 at 18:59.
Posting Permissions
