Spanish Dedi PS4


10 minutes ago, N3CR0 said:

I don't bother with DMZ. I use Cake and Layer Cake as SQM.

I was using cake and layer cake also, was in a moderate Nat type and it just played like shit.


1 hour ago, BoiDjakoCV said:

Man I flash mine myself no issues at all I got my R1 connect 2 openwrt hub5 my QoS settings is 30D 4.8Up my hit detection so crispy man 👍🏽👍🏽😃😃

Is the hub5 with OpenWrt on it a modem+router?


8 minutes ago, Sable said:

I was using cake and layer cake also, was in a moderate Nat type and it just played like shit.

I've tried it on Mod and Open, plays the same to me.

Have you tried different values? It's just like QoS, you need to find a setting that works. For me I'm using 87% of my bandwidth up and down, it's not perfect, I still get BS deaths but they happen a lot less than using all my bandwidth.


23 minutes ago, N3CR0 said:

I've tried it on Mod and Open, plays the same to me.

Have you tried different values? It's just like QoS, you need to find a setting that works. For me I'm using 87% of my bandwidth up and down, it's not perfect, I still get BS deaths but they happen a lot less than using all my bandwidth.

I will try piss about with it again tomorrow.


First of all guys, offload bypasses any SQM/QoS... so SQM/QoS doesn't work if you enable offload. If you have plenty of speed but when you enable SQM the speed is too low, you need a more powerful router which can handle SQM with big speed values.

Then you must be sure that you set up SQM right... the easiest method is of course to take your true speeds and adjust them (95%, 90%), and using cake with the piece of cake script puts all traffic in one tin.

If you use cake with layer cake it uses 4 priority queues according to this with diffserv4.

So 4 priority queues... how do you put the traffic you want in the first priority queue? You must use iptables rules to mark packets so that they fall in different priorities.

In the web interface of OpenWrt you go to firewall --> custom rules.

Then I paste these rules...

iptables -t mangle -N dscp_mark      # Create a new chain named dscp_mark
iptables -t mangle -F dscp_mark      # Flush the selected chain

# POSTROUTING is the chain used for packet mangling that should take place
# after all routing decisions have been made, but still on this machine.
# From POSTROUTING the packets then fall into the dscp_mark chain.
iptables -t mangle -A POSTROUTING -j dscp_mark
#
#
## COD traffic is marked as AF41 and falls in the video priority with 50% threshold.
iptables -t mangle -A dscp_mark  -p udp -s 192.168.1.110 --sport 3074 --dport 30000:45000 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark  -p udp -d 192.168.1.110 --dport 3074 --sport 30000:45000 -j DSCP --set-dscp-class AF41
#
## PSN network?
iptables -t mangle -A dscp_mark  -p udp -d 192.168.1.110 -m multiport --sport 3658,3074,3478:3480,10070:10080,465,983,5223 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark  -p udp -s 192.168.1.110 -m multiport --dport 3658,3074,3478:3480,10070:10080,465,983,5223 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark  -p tcp -d 192.168.1.110 -m multiport --sport 3658,3074,3478:3480,10070:10080,465,983,5223 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark  -p tcp -s 192.168.1.110 -m multiport --dport 3658,3074,3478:3480,10070:10080,465,983,5223 -j DSCP --set-dscp-class AF41
#
#Chat psn
#iptables -t mangle -A dscp_mark -p udp -m multiport --dport 9305:9309 -j DSCP --set-dscp-class CS1
#iptables -t mangle -A dscp_mark -p udp -m multiport --sport 9305:9309 -j DSCP --set-dscp-class CS1
#iptables -t mangle -A dscp_mark -p tcp -m multiport --dport 9305:9309 -j DSCP --set-dscp-class CS1
#iptables -t mangle -A dscp_mark -p tcp -m multiport --sport 9305:9309 -j DSCP --set-dscp-class CS1
## PS4 normal
#
iptables -t mangle -A dscp_mark  -s 192.168.1.110 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark  -s 192.168.1.189 -j DSCP --set-dscp-class CS1
iptables -t mangle -A dscp_mark  -s 192.168.1.140 -j DSCP --set-dscp-class CS1

 

CS1 is bulk priority with 6.25% threshold

DSCP Values  

Rules take effect as they appear...

So source port 3074 (sport 3074) and destination ports 30000-450000 (dport 30000:45000) take maximum priority and apply first.

Then PSN network ports...

Chat/Voice lowest priority...

Then any other traffic that does not match any rule goes to iptables -t mangle -A dscp_mark  -s 192.168.1.110 -j DSCP --set-dscp-class AF41

Then the tablet and TV fall in the lowest priority too...

iptables -t mangle -A dscp_mark  -s 192.168.1.189 -j DSCP --set-dscp-class CS1
iptables -t mangle -A dscp_mark  -s 192.168.1.140 -j DSCP --set-dscp-class CS1

I think it will help someone with this example.

When you put # in front of a rule, this rule does not take effect... # is a comment.


  • 2 weeks later...

Knomax, do you copy and paste that text in custom rules in firewall rules?

Sable, how is the game playing for you?

I just had a few games today, my first in a long time.

It was pure garbage, rage quit every game lol

I would like to find out what settings you're using for COD MW still


On 2/14/2020 at 1:09 PM, Knomax said:

First of all guys, offload bypasses any SQM/QoS... so SQM/QoS doesn't work if you enable offload. If you have plenty of speed but when you enable SQM the speed is too low, you need a more powerful router which can handle SQM with big speed values.

Then you must be sure that you set up SQM right... the easiest method is of course to take your true speeds and adjust them (95%, 90%), and using cake with the piece of cake script puts all traffic in one tin.

If you use cake with layer cake it uses 4 priority queues according to this with diffserv4.

So 4 priority queues... how do you put the traffic you want in the first priority queue? You must use iptables rules to mark packets so that they fall in different priorities.

In the web interface of OpenWrt you go to firewall --> custom rules.

Then I paste these rules...

iptables -t mangle -N dscp_mark      #Create a new chain named dscp_mark
iptables -t mangle -F dscp_mark        #Flush the selected chain

#
iptables -t mangle -A POSTROUTING -j dscp_mark   #Postrouting=This chain is used for specific types of packet mangling that we wish to take place after all kinds of routing decisions have been done, but still on this machine.Then these packets fall in dscp_mark chain.
#
#
## COD gets AF41  and fall in video priority with 50% threshold and mark them as AF41.
iptables -t mangle -A dscp_mark  -p udp -s 192.168.1.110 --sport 3074 --dport 30000:45000 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark  -p udp -d 192.168.1.110 --dport 3074 --sport 30000:45000 -j DSCP --set-dscp-class AF41
#
## PSN network?
iptables -t mangle -A dscp_mark  -p udp -d 192.168.1.110 -m multiport --sport 3658,3074,3478:3480,10070:10080,465,983,5223 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark  -p udp -s 192.168.1.110 -m multiport --dport 3658,3074,3478:3480,10070:10080,465,983,5223 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark  -p tcp -d 192.168.1.110 -m multiport --sport 3658,3074,3478:3480,10070:10080,465,983,5223 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark  -p tcp -s 192.168.1.110 -m multiport --dport 3658,3074,3478:3480,10070:10080,465,983,5223 -j DSCP --set-dscp-class AF41
#
#Chat psn
#iptables -t mangle -A dscp_mark -p udp -m multiport --dport 9305:9309 -j DSCP --set-dscp-class CS1
#iptables -t mangle -A dscp_mark -p udp -m multiport --sport 9305:9309 -j DSCP --set-dscp-class CS1
#iptables -t mangle -A dscp_mark -p tcp -m multiport --dport 9305:9309 -j DSCP --set-dscp-class CS1
#iptables -t mangle -A dscp_mark -p tcp -m multiport --sport 9305:9309 -j DSCP --set-dscp-class CS1
## PS4 normal
#
iptables -t mangle -A dscp_mark  -s 192.168.1.110 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark  -s 192.168.1.189 -j DSCP --set-dscp-class CS1
iptables -t mangle -A dscp_mark  -s 192.168.1.140 -j DSCP --set-dscp-class CS1

 

CS1 is bulk priority with 6.25% threshold

DSCP Values  

Rules take effect as they appear...

So source port 3074 (sport 3074) and destination ports 30000-450000 (dport 30000:45000) take maximum priority and apply first.

Then PSN network ports...

Chat/Voice lowest priority...

Then any other traffic that does not match any rule goes to iptables -t mangle -A dscp_mark  -s 192.168.1.110 -j DSCP --set-dscp-class AF41

Then the tablet and TV fall in the lowest priority too...

iptables -t mangle -A dscp_mark  -s 192.168.1.189 -j DSCP --set-dscp-class CS1
iptables -t mangle -A dscp_mark  -s 192.168.1.140 -j DSCP --set-dscp-class CS1

I think it will help someone with this example.

When you put # in front of a rule, this rule does not take effect... # is a comment.

Do we need to copy n paste the text to firewall rule


Thank you

3 hours ago, Knomax said:

Copy and paste but change ip according to your devices this is an example.

Btw do you have your OpenWrt router first in your setup, then the Netduma second?

Just wondering


On 2/26/2020 at 7:16 PM, Knomax said:

openwrt first

is this correct

iptables -t mangle -N dscp_mark      #Create a new chain named dscp_mark
iptables -t mangle -F dscp_mark        #Flush the selected chain

#
iptables -t mangle -A POSTROUTING -j dscp_mark   #Postrouting=This chain is used for specific types of packet mangling that we wish to take place after all kinds of routing decisions have been done, but still on this machine.Then these packets fall in dscp_mark chain.
#
#
## COD gets AF41  and fall in video priority with 50% threshold and mark them as AF41.
iptables -t mangle -A dscp_mark  -p udp -s 192.168.1.63 --sport 3074 --dport 30000:45000 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark  -p udp -d 192.168.1.63 --dport 3074 --sport 30000:45000 -j DSCP --set-dscp-class AF41
#
## PSN network?
iptables -t mangle -A dscp_mark  -p udp -d 192.168.1.163 -m multiport --sport 3658,3074,3478:3480,10070:10080,465,983,5223 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark  -p udp -s 192.168.1.163 -m multiport --dport 3658,3074,3478:3480,10070:10080,465,983,5223 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark  -p tcp -d 192.168.1.163 -m multiport --sport 3658,3074,3478:3480,10070:10080,465,983,5223 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark  -p tcp -s 192.168.1.163 -m multiport --dport 3658,3074,3478:3480,10070:10080,465,983,5223 -j DSCP --set-dscp-class AF41
#
#Chat psn
#iptables -t mangle -A dscp_mark -p udp -m multiport --dport 9305:9309 -j DSCP --set-dscp-class CS1
#iptables -t mangle -A dscp_mark -p udp -m multiport --sport 9305:9309 -j DSCP --set-dscp-class CS1
#iptables -t mangle -A dscp_mark -p tcp -m multiport --dport 9305:9309 -j DSCP --set-dscp-class CS1
#iptables -t mangle -A dscp_mark -p tcp -m multiport --sport 9305:9309 -j DSCP --set-dscp-class CS1
## PS4 normal
#
iptables -t mangle -A dscp_mark  -s 192.168.1.163 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark  -s 192.168.1.163 -j DSCP --set-dscp-class CS1
iptables -t mangle -A dscp_mark  -s 192.168.1.163 -j DSCP --set-dscp-class CS1

 

CS1 is bulk priority with 6.25% threshold

DSCP Values  

Rules take effect as they appear...

So source port 3074 (sport 3074) and destination ports 30000-450000 (dport 30000:45000) take maximum priority and apply first.

Then PSN network ports...

Chat/Voice lowest priority...

Then any other traffic that does not match any rule goes to iptables -t mangle -A dscp_mark  -s 192.168.1.110 -j DSCP --set-dscp-class AF41

Then the tablet and TV fall in the lowest priority too...

iptables -t mangle -A dscp_mark  -s 192.168.1.189 -j DSCP --set-dscp-class CS1
iptables -t mangle -A dscp_mark  -s 192.168.1.140 -j DSCP --set-dscp-class CS1

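How a pasted rule list like the one above is evaluated, as an added example that is not part of the original posts: the iptables DSCP target does not stop chain traversal, so the last matching rule in dscp_mark decides the final class, and the tin names follow the diffserv4 mapping in tc-cake(8). The function names, the two sample rule lists and the 203.0.113.5 server address are constructed for illustration, and the matcher only understands the -p, -s, -d, --sport and --dport forms used in this thread.

```shell
#!/bin/sh
# Added example (not from the thread): replay a dscp_mark rule list against
# one packet. DSCP is a non-terminating target, so every matching rule
# rewrites the field and the last match wins.

# Constructed sample: catch-all rules that all carry the same source address.
RULES_SAME_IP='
iptables -t mangle -A dscp_mark -p udp -s 192.168.1.163 -m multiport --dport 3074,3478:3480 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark -s 192.168.1.163 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark -s 192.168.1.163 -j DSCP --set-dscp-class CS1
iptables -t mangle -A dscp_mark -s 192.168.1.163 -j DSCP --set-dscp-class CS1
'

# Constructed sample: one address per device.
RULES_PER_DEVICE='
iptables -t mangle -A dscp_mark -p udp -s 192.168.1.163 -m multiport --dport 3074,3478:3480 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark -s 192.168.1.163 -j DSCP --set-dscp-class AF41
#iptables -t mangle -A dscp_mark -s 192.168.1.163 -j DSCP --set-dscp-class CS1
iptables -t mangle -A dscp_mark -s 192.168.1.189 -j DSCP --set-dscp-class CS1
'

# final_class RULES PROTO SRC SPORT DST DPORT
# Prints the class the packet leaves dscp_mark with (CS0 when nothing matched,
# assuming it arrived unmarked).
final_class() {
    printf '%s\n' "$1" | awk -v proto="$2" -v src="$3" -v sport="$4" \
                             -v dst="$5" -v dport="$6" '
    # True when port is in a comma list of single ports and lo:hi ranges.
    function inlist(spec, port,    n, i, part, r) {
        n = split(spec, part, ",")
        for (i = 1; i <= n; i++) {
            if (split(part[i], r, ":") == 2) {
                if (port + 0 >= r[1] + 0 && port + 0 <= r[2] + 0) return 1
            } else if (port + 0 == part[i] + 0) return 1
        }
        return 0
    }
    /^[ \t]*#/ { next }                  # commented-out rule
    { sub(/[ \t]+#.*$/, "") }            # trailing comment
    !/-A dscp_mark/ { next }             # only rules appended to the chain
    {
        ok = 1; cls = ""
        for (i = 1; i < NF; i++) {
            v = $(i + 1)
            if ($i == "-p" && v != proto) ok = 0
            if ($i == "-s" && v != src) ok = 0
            if ($i == "-d" && v != dst) ok = 0
            if (($i == "--sport" || $i == "--sports") && !inlist(v, sport)) ok = 0
            if (($i == "--dport" || $i == "--dports") && !inlist(v, dport)) ok = 0
            if ($i == "--set-dscp-class") cls = v
        }
        if (ok && cls != "") final = cls # no early exit: later rules still run
    }
    END { print (final == "" ? "CS0" : final) }'
}

# diffserv4 tin for a DSCP class, per tc-cake(8).
tin_for() {
    case "$1" in
        CS1|LE)                  echo "Bulk" ;;
        CS4|CS5|CS6|CS7|EF|VA)   echo "Voice" ;;
        CS2|CS3|AF2?|AF3?|AF4?)  echo "Video" ;;
        *)                       echo "Best Effort" ;;
    esac
}

# Game packet from the console to a constructed server address.
for rules in "$RULES_SAME_IP" "$RULES_PER_DEVICE"; do
    cls=$(final_class "$rules" udp 192.168.1.163 3074 203.0.113.5 3478)
    echo "console udp 3074 -> 3478: $cls ($(tin_for "$cls"))"
done
```

With the same address on every catch-all rule the console's traffic leaves the chain as CS1 (Bulk); with one address per device it leaves as AF41 (Video).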

On 2/14/2020 at 1:09 PM, Knomax said:

First of all guys, offload bypasses any SQM/QoS... so SQM/QoS doesn't work if you enable offload. If you have plenty of speed but when you enable SQM the speed is too low, you need a more powerful router which can handle SQM with big speed values.

Then you must be sure that you set up SQM right... the easiest method is of course to take your true speeds and adjust them (95%, 90%), and using cake with the piece of cake script puts all traffic in one tin.

If you use cake with layer cake it uses 4 priority queues according to this with diffserv4.

So 4 priority queues... how do you put the traffic you want in the first priority queue? You must use iptables rules to mark packets so that they fall in different priorities.

In the web interface of OpenWrt you go to firewall --> custom rules.

Then I paste these rules...

iptables -t mangle -N dscp_mark      #Create a new chain named dscp_mark
iptables -t mangle -F dscp_mark        #Flush the selected chain

#
iptables -t mangle -A POSTROUTING -j dscp_mark   #Postrouting=This chain is used for specific types of packet mangling that we wish to take place after all kinds of routing decisions have been done, but still on this machine.Then these packets fall in dscp_mark chain.
#
#
## COD gets AF41  and fall in video priority with 50% threshold and mark them as AF41.
iptables -t mangle -A dscp_mark  -p udp -s 192.168.1.110 --sport 3074 --dport 30000:45000 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark  -p udp -d 192.168.1.110 --dport 3074 --sport 30000:45000 -j DSCP --set-dscp-class AF41
#
## PSN network?
iptables -t mangle -A dscp_mark  -p udp -d 192.168.1.110 -m multiport --sport 3658,3074,3478:3480,10070:10080,465,983,5223 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark  -p udp -s 192.168.1.110 -m multiport --dport 3658,3074,3478:3480,10070:10080,465,983,5223 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark  -p tcp -d 192.168.1.110 -m multiport --sport 3658,3074,3478:3480,10070:10080,465,983,5223 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark  -p tcp -s 192.168.1.110 -m multiport --dport 3658,3074,3478:3480,10070:10080,465,983,5223 -j DSCP --set-dscp-class AF41
#
#Chat psn
#iptables -t mangle -A dscp_mark -p udp -m multiport --dport 9305:9309 -j DSCP --set-dscp-class CS1
#iptables -t mangle -A dscp_mark -p udp -m multiport --sport 9305:9309 -j DSCP --set-dscp-class CS1
#iptables -t mangle -A dscp_mark -p tcp -m multiport --dport 9305:9309 -j DSCP --set-dscp-class CS1
#iptables -t mangle -A dscp_mark -p tcp -m multiport --sport 9305:9309 -j DSCP --set-dscp-class CS1
## PS4 normal
#
iptables -t mangle -A dscp_mark  -s 192.168.1.110 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark  -s 192.168.1.189 -j DSCP --set-dscp-class CS1
iptables -t mangle -A dscp_mark  -s 192.168.1.140 -j DSCP --set-dscp-class CS1

 

CS1 is bulk priority with 6.25% threshold

DSCP Values  

Rules take effect as they appear...

So source port 3074 (sport 3074) and destination ports 30000-450000 (dport 30000:45000) take maximum priority and apply first.

Then PSN network ports...

Chat/Voice lowest priority...

Then any other traffic that does not match any rule goes to iptables -t mangle -A dscp_mark  -s 192.168.1.110 -j DSCP --set-dscp-class AF41

Then the tablet and TV fall in the lowest priority too...

iptables -t mangle -A dscp_mark  -s 192.168.1.189 -j DSCP --set-dscp-class CS1
iptables -t mangle -A dscp_mark  -s 192.168.1.140 -j DSCP --set-dscp-class CS1

I think it will help someone with this example.

When you put # in front of a rule, this rule does not take effect... # is a comment.

These settings that you use at this moment on your OpenWrt router...

what are the results


  • 7 months later...
On 2/15/2020 at 12:09 AM, Knomax said:

 

In web interface of Openwrt you go to firewall-->custom rules.

Then i paste these rules...

I've pasted your rules into the firewall. Is it just marking PS4 traffic as highest priority? Do I need full bandwidth to my PS4 or can I try throttle? The ports 30000-450000, wouldn't it be better to go to 65000?

 

Is there a way to know if it's working? When I check tc -s qdisc, next to "marks" there's a 0 for each interface. Not sure if that's referring to the DSCP marks?


On 10/10/2020 at 2:23 PM, johnnytran said:

I've pasted your rules into the firewall. Is it just marking PS4 traffic as highest priority?

If you want to get highest priority you must mark them as CS4

 

On 10/10/2020 at 2:23 PM, johnnytran said:

Do I need full bandwidth to my ps4 or can I try throttle?

If you try to have full bandwidth to the PS4 you don't need QoS-SQM. With CS4 it uses a 25% threshold.

 

On 10/10/2020 at 2:23 PM, johnnytran said:

The ports 30000-450000, wouldn't it be better to go to 65000?

Yes, you can try this... the range from 30000 to 45000 was a result of what players have seen in Wireshark.

 

On 10/10/2020 at 2:23 PM, johnnytran said:

Is there a way to know if it's working? When I check tc -s qdisc, next to "marks" there's a 0 for each interface. Not sure if that's referring to the DSCP marks?

When you run tc -s qdisc you will see 3 tins... if you see 3 tins then everything is OK. Look at this example from the Cake man page. You can try diffserv4 with 4 tins.

 

# tc -s qdisc show dev eth0
       qdisc cake 1: root refcnt 2 bandwidth 100Mbit diffserv3 triple-isolate rtt 100.0ms noatm overhead 38 mpu 84
        Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
        backlog 0b 0p requeues 0
        memory used: 0b of 5000000b
        capacity estimate: 100Mbit
        min/max network layer size:        65535 /       0
        min/max overhead-adjusted size:    65535 /       0
        average network hdr offset:            0

                          Bulk  Best Effort        Voice
         thresh       6250Kbit      100Mbit       25Mbit
         target          5.0ms        5.0ms        5.0ms
         interval      100.0ms      100.0ms      100.0ms
         pk_delay          0us          0us          0us
         av_delay          0us          0us          0us
         sp_delay          0us          0us          0us
         pkts                0            0            0
         bytes               0            0            0
         way_inds            0            0            0
         way_miss            0            0            0
         way_cols            0            0            0
         drops               0            0            0
         marks               0            0            0
         ack_drop            0            0            0
         sp_flows            0            0            0
         bk_flows            0            0            0
         un_flows            0            0            0
         max_len             0            0            0
         quantum           300         1514          762
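One way to read the per-tin counters from that output, as an added example that is not part of the original post: with diffserv4, unmarked traffic lands in Best Effort, so packets showing up in the Bulk, Video or Voice tins mean DSCP marks are reaching cake, while the "marks" row counts ECN marks rather than DSCP marks. The function names and the sample output (constructed, diffserv4, trimmed) are assumptions for illustration, and the parser expects the named tins of diffserv3 or diffserv4.

```shell
#!/bin/sh
# Added example (not from the thread): pull the per-tin packet counters out of
# `tc -s qdisc show dev <iface>` for a cake qdisc.

# Constructed sample, trimmed to the lines the parser needs.
SAMPLE_DIFFSERV4='qdisc cake 8001: root refcnt 2 bandwidth 18Mbit diffserv4 triple-isolate rtt 100.0ms raw overhead 0
 Sent 7421993 bytes 7474 pkt (dropped 3, overlimits 812 requeues 0)
                   Bulk  Best Effort        Video        Voice
  thresh       1125Kbit       18Mbit        9Mbit     4500Kbit
  pkts              120         5310         2044            0
  drops               1            2            0            0
  marks               0            0            0            0'

# tin_pkts: read tc output on stdin, print "<tin><TAB><pkts>" for each tin.
tin_pkts() {
    awk '
    /Bulk/ && /Best Effort/ {            # header row naming the tins
        gsub(/Best Effort/, "Best_Effort")
        n = split($0, name, " ")
        next
    }
    n && $1 == "pkts" {                  # packets that entered each tin
        for (i = 1; i <= n; i++) printf "%s\t%s\n", name[i], $(i + 1)
        n = 0
    }'
}

# prioritized_pkts: packets counted in every tin except Best Effort.
prioritized_pkts() {
    tin_pkts | awk -F '\t' '$1 != "Best_Effort" { s += $2 } END { print s + 0 }'
}

# marking_status: one-line verdict for a tc dump on stdin.
marking_status() {
    count=$(prioritized_pkts)
    if [ "$count" -gt 0 ]; then
        echo "marked traffic seen: $count packets outside Best Effort"
    else
        echo "no marked traffic seen: everything is in Best Effort"
    fi
}

# On the router: tc -s qdisc show dev eth0 | marking_status
printf '%s\n' "$SAMPLE_DIFFSERV4" | tin_pkts
printf '%s\n' "$SAMPLE_DIFFSERV4" | marking_status
```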

17 minutes ago, Knomax said:

If you want to get highest priority you must mark them as CS4

Thanks, might give this a go next time I use openwrt. I didn't notice any difference when I put the rules into my firewall, I still had some ok games and some bad ones. I get better games using the R2. Maybe I did something wrong in the settings.

I did notice when I look at the firewall stats down the bottom there was a section for the dscp markings. While playing I could see the count go up but I don't think this was reflected when I checked tc -s qdisc


These rules are for at least "basic" prioritization of your network... if you want to have full control of any traffic you can use a more complicated setup (this is what I am using).

I will explain...

Control of this traffic:

# give a high priority for PS4 or xbox

# washing all traffic  dscp to CS0  and then start to mark them

# mark connections that go over 115 packets per second, not prioritized

# unmarked UDP streams with small packets get CS6

# large udp streams like video call get AF41

# ICMP, to prioritize pings

# DNS traffic both udp and tcp

# NTP

##Browsing
########
## medium priority for browsing

#TCP SYN,ACK flows
##################
#Make sure ACK,SYN packets get priority (to avoid upload speed limiting our download speed)

#Small packet is probably interactive or flow control

#Small packet connections: multi purpose (don't harm since not maxed out)

# Streaming Media (videos/audios)
########################################
#Known video streams sites like netflix

# some iptv provider's

#known usrcdn like google

# Background Traffic (Bulk/file transfer)
#########################################
#bulk traffic ipset, like windows updates and steam updates/downloads

These rules run as a script when the router boots, and the script sets up the firewall.

 

#!/bin/bash -x
IPT="iptables"
##########

#########
##ipset for streaming sites.they are being filled by dnsmasq
ipset create streaming hash:ip
ipset create usrcdn hash:ip
ipset create bulk hash:ip
ipset create latsens hash:ip


## add routing for veth0 this will handle all traffic
#ip route add default dev veth0 table 100
#ip rule add iif $WANIF table 100 priority 100

$IPT -t mangle -N dscp_mark > /dev/null 2>&1
$IPT -t mangle -F dscp_mark
## check if POSTROUTING already jumps to our chain; if not, add the jump

$IPT -t mangle -L POSTROUTING -n | grep dscp_mark || $IPT -t mangle -A POSTROUTING -j dscp_mark

iptmark(){
    $IPT -t mangle -A dscp_mark "$@"
}

#give a high priority for PS4 or xbox
$IPT -t mangle -A PREROUTING -p udp -m conntrack --ctorigsrc 192.168.1.200 -m multiport ! --ports 80,443,8080 -j DSCP --set-dscp-class CS4 -m comment --comment "PS4"
$IPT -t mangle -A PREROUTING -p tcp -m conntrack --ctorigsrc 192.168.1.200 -m multiport ! --ports 80,443,8080 -j DSCP --set-dscp-class CS4 -m comment --comment "PS4" #for PS4 or xbox etc, change the ip according to your ip setting.

## start by washing the dscp to CS0

iptmark -j DSCP --set-dscp 0

iptmark -p udp -m conntrack --ctorigsrc 192.168.1.250 -j DSCP --set-dscp-class CS1 -m comment --comment "tablet udp Low"
iptmark -p tcp -m conntrack --ctorigsrc 192.168.1.250 -j DSCP --set-dscp-class CS1 -m comment --comment "tablet tcp Low"

#A robust 2 rules to detect realtime traffic

# mark connections that go over 115 packets per second, not prioritized
iptmark -p udp -m hashlimit --hashlimit-name udp_high_prio --hashlimit-above 115/sec --hashlimit-burst 50 --hashlimit-mode srcip,srcport,dstip,dstport -j CONNMARK --set-mark 0x55 -m comment --comment "connmark for udp"

# unmarked UDP streams with small packets get CS6
iptmark -p udp -m connmark ! --mark 0x55 -m multiport ! --ports 22,25,53,67,68,123,143,161,162,514,5353,80,443,8080,60001 -m connbytes --connbytes 0:940 --connbytes-dir both --connbytes-mode avgpkt -j DSCP --set-dscp-class CS6 -m comment --comment "small udp connection gets CS6"

#large udp streams like video call get AF41
iptmark -p udp -m connmark ! --mark 0x55 -m multiport ! --ports 22,25,53,67,68,123,143,161,162,514,5353,80,443,8080,60001 -m connbytes --connbytes 940:1500 --connbytes-dir both --connbytes-mode avgpkt -j DSCP --set-dscp-class AF41 -m comment --comment "large udp connection gets AF41"

########################################
# Latency Sensitive (gaming/voip)
########################################
##ICMP, to prioritize pings
iptmark -p icmp -j DSCP --set-dscp-class CS5 -m comment --comment "ICMP-pings"

#DNS traffic both udp and tcp
iptmark -p udp -m multiport --port 53,5353,8888 -j DSCP --set-dscp-class CS5 -m comment --comment "DNS udp"
iptmark -p tcp -m multiport --port 53,5353,8888 -j DSCP --set-dscp-class CS5 -m comment --comment "DNS tcp"

#NTP
iptmark -p udp -m multiport --port 123 -j DSCP --set-dscp-class CS6 -m comment --comment "NTP udp"


#High priority ipset, i use for pubgM
#iptmark ! -p tcp -m set --match-set latsens src,dst -j DSCP --set-dscp-class CS6 -m comment --comment "latency sensitive ipset" ## set dscp tag for Latency Sensitive (latsens) ipset,udp

#iptmark -p tcp -m set --match-set latsens src,dst -j DSCP --set-dscp-class CS5 -m comment --comment "latency sensitive ipset" ## set dscp tag for Latency Sensitive (latsens) ipset


########
##Browsing
########
## medium priority for browsing
iptmark -p tcp -m multiport --ports 80,443,8080 -j DSCP --set-dscp-class CS3 -m comment --comment "Browsing at CS3"

##################
#TCP SYN,ACK flows
##################
#Make sure ACK,SYN packets get priority (to avoid upload speed limiting our download speed)
iptmark -p tcp --tcp-flags ALL ACK -m length --length :128 -j DSCP --set-dscp-class CS3
iptmark -p tcp --tcp-flags ALL SYN -m length --length :666 -j DSCP --set-dscp-class CS3

#Small packet is probably interactive or flow control
iptmark -m dscp ! --dscp  24 -m dscp ! --dscp  18 -m dscp ! --dscp  34 -m dscp ! --dscp  40 -m dscp ! --dscp  48 -m length --length 0:500 -j DSCP --set-dscp-class CS3

#Small packet connections: multi purpose (don't harm since not maxed out)
iptmark -m dscp ! --dscp  24 -m dscp ! --dscp  18 -m dscp ! --dscp  34 -m dscp ! --dscp  40 -m dscp ! --dscp  48 -m connbytes --connbytes 0:250 --connbytes-dir both --connbytes-mode avgpkt -j DSCP --set-dscp-class CS3


########################################
# Streaming Media (videos/audios)
########################################
#Known video streams sites like netflix
iptmark -m set --match-set streaming src,dst -j DSCP --set-dscp-class AF41 -m comment --comment "video audio stream ipset"

# some iptv provider's use this port
iptmark -p tcp -m multiport --ports 1935,9982 -j DSCP --set-dscp-class AF41 -m comment --comment "some iptv streaming service"

#known usrcdn like google or akamai

iptmark -m set --match-set usrcdn src,dst -j DSCP --set-dscp-class AF21 -m comment --comment "usrcdn ipset"

#########################################
# Background Traffic (Bulk/file transfer)
#########################################
#bulk traffic ipset, like windows updates and steam updates/downloads
iptmark -p tcp -m set --match-set bulk src,dst -j DSCP --set-dscp-class CS1 -m comment --comment "bulk traffic ipset"
iptmark -p udp -m set --match-set bulk src,dst -j DSCP --set-dscp-class CS1 -m comment --comment "bulk traffic ipset"
iptmark -p tcp -m connbytes --connbytes 350000: --connbytes-dir both --connbytes-mode bytes -m dscp --dscp-class CS0 -j DSCP --set-dscp-class CS1 -m comment --comment "Downgrade CS0 to CS1 for bulk tcp traffic"
iptmark -p tcp -m connbytes --connbytes 350000: --connbytes-dir both --connbytes-mode bytes -m dscp --dscp-class CS3 -j DSCP --set-dscp-class CS1 -m comment --comment "Downgrade CS3 to CS1 for bulk tcp traffic"
iptmark -p udp -m multiport --port 60001 -j DSCP --set-dscp-class CS1 -m comment --comment "bulk torrent port UDP"


#tcpdump rule, copy and paste this rule into terminal, this rule is used to capture realtime traffic, you can change ip to what you like
#tcpdump -i br-lan host 192.168.1.126 and udp and portrange 1-65535 and !port 53 and ! port 80 and ! port 443 -vv -X -w /root/cap-name.pcap

Then I add these parameters to the dnsmasq configuration file...

##video/audio streams
# Youtube is also isolated by my isp
ipset=/googlevideo.com/*.googlevideo.com/streaming
# NetFlix
ipset=/nflxvideo.net/streaming
# AmazonVideo
ipset=/s3.ll.dash.row.aiv-cdn.net/d25xi40x97liuc.cloudfront.net/aiv-delivery.net/streaming
# Facebook
ipset=/fbcdn.net/streaming
# Twitch
ipset=/ttvnw.net/streaming
# VeVo
ipset=/vevo.com/streaming
# Spotify
ipset=/audio-fa.scdn.cot/streaming
# Deezer
ipset=/deezer.com/streaming
# SoundCloud
ipset=/sndcdn.com/streaming
# last.fm
ipset=/last.fm/streaming
#reddit videos
ipset=/v.redd.it/streaming
#twitch.tv
ipset=/ttvnw.net/streaming

##i have isolated speed for those cdn's 
ipset=/googletagmanager.com/googleusercontent.com/*.googleusercontent.com/google.com/fbcdn.net/*.fbcdn.net/akamaihd.net/*.akamaihd.net/whatsapp.net/*.whatsapp.net/whatsapp.com/*.whatsapp.com/www-cdn.whatsapp.net/googleapis.com/*.googleapis.com/ucy.ac.cy/1e100.net/hwcdn.net/usrcdn

## Bulk downloads
#qq download
ipset=/download.qq.com/bulk
# Steam Download
ipset=/steamcontent.com/bulk
# PSN Download
ipset=/gs2.ww.prod.dl.playstation.net/bulk
# DropBox
ipset=/dropbox.com/dropboxstatic.com/dropbox-dns.com/log.getdropbox.com/bulk
# Google Drive
ipset=/drive.google.com/drive-thirdparty.googleusercontent.com/bulk
# Google Docs
ipset=/docs.google.com/docs.googleusercontent.com/bulk
# PlayStore Download
ipset=/gvt1.com/bulk
# WhatsApp Files
ipset=/mmg-fna.whatsapp.net/bulk
# Youtube Upload
ipset=/upload.youtube.com/upload.video.google.com/bulk
# WindowsUpdate
ipset=/windowsupdate.com/update.microsoft.com/bulk

So when you watch a video on Netflix etc. it falls in the streaming ipset (ipset=/nflxvideo.net/streaming) by dnsmasq... and this traffic matches this rule...

iptmark -m set --match-set streaming src,dst -j DSCP --set-dscp-class AF41 -m comment --comment "video audio stream ipset"


It falls in the video tin because I mark it as AF41, and according to the tc-cake(8) Linux manual page AF41 is the "video" tin.

Also you must use diffserv4.

 😉


28 minutes ago, johnnytran said:

I did notice when I look at the firewall stats down the bottom there was a section for the dscp markings. While playing I could see the count go up but I don't think this was reflected when I checked tc -s qdisc

tc -s qdisc... you can see here if you use 3 or 4 tins or one tin...

From the firewall stats you can see if the traffic falls in the firewall rules... if you see a firewall rule counting packets, then this rule is working normally.
