Qos exempt class


robnitro
Posts: 82
Joined: Sat Feb 26, 2011 4:50 pm

Re: Qos exempt class

Postby robnitro » Thu Dec 15, 2011 3:41 pm

Thanks a lot for this! I set the whole subnet for the traffic I see for VOD in the connection list with this rule and it even fixed another issue I had. As Video on demand is udp, it would stutter for some reason- even if traffic is low, just on a new dns lookup (like opening up a website address or pinging one I haven't been to). I suppose it was making qos "stutter"?

GoUser wrote: Temporary solution:
1. Login via ssh and do iptables -t mangle -L --line-numbers
Now we can see in Chain qos_ingress section line like:
2 IMQ all -- anywhere anywhere IMQ: todev 0
We need to change not mark traffic from 10.0.0.0/8 (because it is internal high-speed network), so we will replace this line:
2. iptables -t mangle -R qos_ingress 2 -s ! 10.0.0.0/8 -j IMQ --todev 0 (2 because line number was 2).

Do not know if this is good solution, but hey, it works! (Next reboot or change of settings via web interface resets it back)

Unfortunately now we have another problem: if users start many downloads, ping time to the router increases. So it slows down internet access.

GoUser
Posts: 26
Joined: Tue Sep 06, 2011 2:05 pm

Re: Qos exempt class

Postby GoUser » Sun Mar 04, 2012 5:08 pm

You can try to add that line to the /etc/firewall.user file; this way you may be able to make changes via the web interface and not lose the exempt rule.
TP-LINK TL-WR841ND v5 - Gargoyle 1.4.7
TP-LINK TL-WR841ND v7 - Original firmware
TP-LINK TL-WR941ND - Gargoyle 1.4.7
D-LINK DIR-825 b1 - Gargoyle 1.4.7

pigstacho
Posts: 16
Joined: Thu Jul 28, 2011 11:19 am

Re: Qos exempt class

Postby pigstacho » Wed Sep 26, 2012 5:31 pm

Hi,

Great info, I was a DD-WRT user and I did use the "Exempt" class to do what is described in this post and I was looking for a way to do the same in Gargoyle. I have just tried the command iptables -t mangle -R qos_ingress 2 -s ! 10.0.0.0/8 -j IMQ --todev 0, replacing the IP address/mask and line number with the correct ones for my case, and it works really nicely. Now I have a question: since this replace affects only qos_ingress, it will not mark the packages going into my network, so the QoS will not apply to them. How can I do the same for the outgoing packets?

As you can imagine, I'm not an IP Tables guru :D

Regards,

GoUser
Posts: 26
Joined: Tue Sep 06, 2011 2:05 pm

Re: Qos exempt class

Postby GoUser » Thu Sep 27, 2012 3:17 am

Try to do iptables -t mangle -L --line-numbers and you'll see there is also Chain qos_egress so the command should be like iptables -t mangle -R qos_egress 2 -d ! 10.0.0.0/8 -j IMQ --todev 0 but there is no such line as in qos_ingress chain. Sorry but my knowledge also is not deep and it may need some time to play with it to discover where we need to place rule (maybe in different chain, maybe modify in qos_egress chain line which begins with return, to "drop" the packet). Maybe there is no need to replace rule, but insert new one. I think solution is still there but now I do not have time and need to investigate it.
If you find solution that works please post here.

pigstacho
Posts: 16
Joined: Thu Jul 28, 2011 11:19 am

Re: Qos exempt class

Postby pigstacho » Mon Oct 29, 2012 12:31 pm

Hi,

Thanks GoUser for your collaboration.

Including the commands in firewall.user does not work. After a lot of testing I realized that even when the commands in firewall.user are executed during the router or firewall start-up, the rules are rewritten after it's executed when the router is starting up, so including the commands in firewall.user works nicely for a firewall restart but not for a router restart.

I ended up adding the following to /etc/rc.d/S99sysctl, which is the last script starting in rc.d:

#Wait 2 minutes for the router to finish creating QoS IPTables
sleep 120
#Add exemptions to qos_ingress (Download)
iptables -t mangle -I qos_ingress 1 -s 192.168.0.0/16 -j RETURN
iptables -t mangle -I qos_ingress 1 -s X.X.X.X -j RETURN

As you can see, I changed the REPLACE of the rule to a couple of INSERTs that let me do any number of exemptions; the -j RETURN keeps the packet from being treated by the QoS chain (replace X.X.X.X with the IP you want to exclude).

Now I just have to test the method for the QoS_egress and it will work as a nice way to have exemptions in both Download and Upload QoS chains.

Regards

GoUser
Posts: 26
Joined: Tue Sep 06, 2011 2:05 pm

Re: Qos exempt class

Postby GoUser » Mon Oct 29, 2012 2:51 pm

Thanks for improvement and testing.
P.S: Would be great to see this included into Gargoyle by default.

TVGUIDE-RUSS
Posts: 2
Joined: Wed May 29, 2013 2:21 pm

Re: Qos exempt class

Postby TVGUIDE-RUSS » Wed May 29, 2013 3:40 pm

Hi! Thanks a lot for this thread and info. It was really cool to dig into the router (via WinSCP) and add stuff I dreamed of for a year!!

Here is the code I added to my /etc/rc.d/S99sysctl to exclude Qwerty.ru ISP local traffic:

#Wait 2 minutes for the router to finish creating QoS IPTables
sleep 120
#Add exemptions to qos_ingress (Download)
iptables -t mangle -I qos_ingress 1 -s 79.165.0.0/16 -j RETURN
iptables -t mangle -I qos_ingress 1 -s 79.164.0.0/16 -j RETURN
iptables -t mangle -I qos_ingress 1 -s 77.41.0.0/16 -j RETURN
iptables -t mangle -I qos_ingress 1 -s 90.154.0.0/16 -j RETURN

Works almost perfectly.
Except that this is an "ugly GUI workaround" :roll: and any change in settings via the Gargoyle GUI wipes out my rules from iptables and the router needs to be restarted. And this "sleep 120" gives a 2 min delay in router work every boot. Can we use another command for this "pause"???

It gives me this on 12 Mbit downlink:
Pic1 -- 1.3 MB qos managed “real internet” torrent +2.8 MB on local ISP torrent
Pic2 -- 1.3 MB “real inet” and 1.4 from local ISP peers + 1.6 MB on local ISP torrent

Let's move this to the GUI or a plugin!
And it will be great to have separate QoS over these excluded local subnets!
;)
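
Added example (not from any poster in this thread and not Gargoyle's own code): one way to avoid the fixed "sleep 120" is to poll until the qos_ingress chain has been populated, then insert the RETURN exemptions only where they are missing. The function names and the QOS_WAIT_MAX variable are hypothetical; the chain name and subnets are the ones posted above, and the duplicate check assumes the subnets are written the way `iptables -L -n` prints them.

```shell
#!/bin/sh
# Added example: poll for the QoS chain instead of a fixed "sleep 120", then
# insert RETURN exemptions only where they are missing.
IPTABLES="${IPTABLES:-iptables}"   # overridable so the logic can be exercised with a stub

# True once the chain exists and holds at least one rule (QoS has populated it).
chain_ready() {
    $IPTABLES -t mangle -L "$1" -n 2>/dev/null | sed '1,2d' | grep -q .
}

# True if the chain already has a RETURN rule for source $2 (as printed by -L -n).
has_exemption() {
    $IPTABLES -t mangle -L "$1" -n 2>/dev/null |
        awk -v s="$2" '$1 == "RETURN" && $4 == s { found = 1 } END { exit !found }'
}

# Insert the exemption at position 1 unless it is already present.
add_exemption() {
    has_exemption "$1" "$2" && return 0
    $IPTABLES -t mangle -I "$1" 1 -s "$2" -j RETURN
}

# Wait up to $2 seconds for chain $1, polling every $3 seconds.
wait_for_chain() {
    waited=0
    until chain_ready "$1"; do
        [ "$waited" -ge "$2" ] && return 1
        sleep "$3"
        waited=$((waited + $3))
    done
}

# $1 = chain, remaining arguments = source addresses/subnets to exempt.
apply_exemptions() {
    chain=$1; shift
    wait_for_chain "$chain" "${QOS_WAIT_MAX:-180}" 5 || return 1
    for src in "$@"; do
        add_exemption "$chain" "$src" || return 1
    done
}

# Only acts when invoked as "<script> apply"; runs in the background so boot is not held up.
if [ "${1:-}" = "apply" ]; then
    apply_exemptions qos_ingress 79.165.0.0/16 79.164.0.0/16 77.41.0.0/16 90.154.0.0/16 &
fi
```

Because existing rules are skipped, the same script can be run again after a GUI settings change has wiped the rules, without creating duplicates.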

TVGUIDE-RUSS
Posts: 2
Joined: Wed May 29, 2013 2:21 pm

Re: Qos exempt class

Postby TVGUIDE-RUSS » Thu May 30, 2013 12:47 pm

Thread must be moved to -- Qos forum section -- viewforum.php?f=12&start=50

