Gargoyle Forum

I am new to Gargoyle AND QOS, but here goes.

I have box that downloaded from newsgroups. It uses SSL on port 563 to any news server.

I'd like to enable QOS for download (only?) and ensure that traffic from a particular IP on my network (192.168.1.120 - which the the box that downloads) is bottom of the food chain.

So, I select QOS Download, and enable QOS. It has a few defaults. 80, 443 and 53 (Why 53?).

So, I add a new rule.

Now I get confused. Surely destination port should be set to 563... but the defaults have "source IP" set for the defaults. Do I not connect TO 563, which is the destination? Or, is it saying that we are SOURCING the data from 563 (on the destination server - the news server)?

Bottom line - do I set the Source Port to 563, the Destination IP to 192.168.1.120 (My download box), and the class to Slow? Will the ensure that any news server downloads get throttled when browsing?

When you are downloading, SOURCE is the port used by the server, DESTINATION is the port used by your device. Same rule applies for up IP addresses.

Your idea of how to setup the rule makes sense to me

As for the default rule of 53, that is the port used for DNS. We want DNS requests to be quick and snappy.

Ah, that does make sense. I guess I am SOURCING data from the news server. So the destination IP will be the LAN IP of my downloading box (192.168.x.x), destination IP is blank, Source IP is 563... And I could set the source IP as the IP of each news server, but that limits me to only those server, so will leave the blank.

Thanks for the help, assuming my understanding above is correct.

Thanks.

Lantis wrote:As for the default rule of 53, that is the port used for DNS. We want DNS requests to be quick and snappy.

I deleted all the default profiles off my QoS though. Should i add them back in if it helps with making QoS better?

Looks like the defaults are pretty good ones to have. I'd get them back.

The default rules are designed to make pages load faster be prioritising DNS and small size transfers (web page loading).
Large transfers like downloads get a lower priority.

I have a bit more of a confusing situation and could use some claraifcation on src and dest ports for QOS.

Example... I run a bitcoin full node inside my network. Therfore I have bi directional traffic going on... essentially BOTH client and server are operating on the same ports in reverse directions, because I am running BOTH a client and a server simultaneously, with separate connections on each.

for my "client" software.. the src port is random, dest port is 8333
for my "server" software.. the src port is random, dest port if 8333

For remote "server" and "client" this is of course, the same.

So when I set "download QOS rules", do I use src or dest port or both? if both, which is the local server and which is the local client?

Same for upload rules?

I suppose I am asking, are qos rules to be set so that direction top set (up/down) is the direction that the router sees the traffic flowing, but IP/Port are the actual numbers from the connection that is create with?

for example, to cover client & server in both directions:
Rules for local server:
download : dst ip = local IP, dst port = 8333
upload : dst IP = local IP, dst port = 8333

Rules for local client:
download: src ip = local IP, dst port = 8333
upload: src ip = local IP, dst port = 8333


is that correct?

When you are downloading, you are the destination and the internet is the source.
When you are uploading you are the source and the internet is the destination.


I don't think your 4 rules are quite right.

Ok.. so I am confused...

Does "src" and "dst" mean the second and destination at the tcp/ip level?

If a stream is originated inside, the src is a local ip, and the local port is random. Is that the src IP and src port?

It would seem that "source" is the creator or instigator of the stream. Is that incorrect?

How do we define src and dst?

Lantis wrote:When you are downloading, you are the destination and the internet is the source.
When you are uploading you are the source and the internet is the destination.


I don't think your 4 rules are quite right.

Let's say your application runs on
192.168.1.100:8888
And the remote server is
100.100.100.100:1010

For download traffic:
Src ip = 100.100.100.100
src port = 1010
dst ip = 19.168.1.100
dst port = 8888

The inverse for upload also applies.

Is this clearer?