Please bring back the VOIP and instant messaging adaptive QOS category

[eastavin]

Earlier this year Asus changed the category names on the Adaptive QOS categories to things like work-from-home, learn-from-home etc. It looks like this was a marketing department attempt to make Asus look like the product to buy during the Covid-19 pandemic. Long standing important category called VOIP and Instant Messaging was abandoned.

Unfortunately in this knee-jerk reaction an error was made. That error was lumping the VOIP category together with everything else that falls into the catch all grab bag called Work-from-home. The unintended consquence of this action is that VOIP calls now have to fight for bandwidth with STEAM game downloads. Overnight one of the world's best routers has become unreliable for VOIP users because of this. It appears ASUS made an error in judgement here. 911 calls and other emergency VOIP calls need to be guaranteed the highest priority or at least guaranteed to be in a category that is suitable to the router owner. THey cannot be blown away by little Johnny downloading a STEAM game update as is happening now when Work-From-home is positioned as the highest qos category and VOIP and STEAM get the same priority.

I am very surprised that the GAMING qos category does not capture STEAM game download activity and throttle it when gaming is a lower category than work from home in CUSTOMIZE. The fix to this is to bring back the VOIP and instant messaging QOS category please in the ADAPTIVE QOS CUSTOMIZE settings screen.

 

[dave14305]

VoIP was simply renamed to Work-From-Home. Nothing about the category actually changed except the name. But what also changed at the same time was the removal of the underlying tc filter rule that sent all “Untracked/unmarked” traffic to the lowest priority bucket (formerly called Default). Due to unfortunate coincidence of category 0 being “Instant messengers” and untracked traffic getting a default mark of 000000, that unmarked traffic now gets caught up in the IM category.

This is what the relevant tc filters used to look like before WFH/LFH were introduced:

filter parent 1: protocol all pref 2 u32 fh 827::800 order 2048 key ht 827 bkt 0 flowid 1:17
  mark 0x80000000 0xc000ffff (success 8143)
filter parent 1: protocol all pref 3 u32 fh 806::800 order 2048 key ht 806 bkt 0 flowid 1:12
  mark 0x80000000 0xc03f0000 (success 8)

Unidentified traffic marked with 000000 would be sent to the bottom priority in stock firmware. IM traffic marked 000001 through 00FFFF would get sent to the VOIP priority.

Now, the first entry is no longer present, presumably because the old Default class (1:17) is now used as the slot for the Learn-From-Home class, or however the user sets their priority list.

FlexQoS (for ASUSWRT-Merlin only) will restore the filter for Unmarked traffic so that it’s independent of the IM category within Work-From-Home.

What we really need is a fix from Trend Micro on correctly handling Unidentified traffic.

 

[eastavin]

So where do we have to report this stuff to get it looked at by Asus? Is this the place?

 

[RMerlin]

So where do we have to report this stuff to get it looked at by Asus? Is this the place?

Use the Feedback form on your router's web interface.

 

[Vimes]

Use the Feedback form on your router's web interface.

@RMerlin is that feature removed from your firmware...?

When I first got my AX88U I did use it to request a type of "VPN Fusion" for routers other than their GT range.
Now I would like to make them aware of the "feature or bug" when you have a VPN client and trying to use QOS means that the download is counted as an upload.
Unless I'm missing it I guess that the feedback option is removed due to now using the 384.19 firmware for the AX88U...?

If that is the case do you have a suggestion where it would be best feeding that back to the most appropriate section for Asus to note....?

Thanks

I did create a thread on this forum in regards to the above problem where I could have linked Asus to it. But it seems to have been deleted.

 

[RMerlin]

@RMerlin is that feature removed from your firmware...?

Yes, because it makes no sense to send Asus feedback while running a non-Asus firmware.

 

[cplay]

VoIP was simply renamed to Work-From-Home. Nothing about the category actually changed except the name. But what also changed at the same time was the removal of the underlying tc filter rule that sent all “Untracked/unmarked” traffic to the lowest priority bucket (formerly called Default). Due to unfortunate coincidence of category 0 being “Instant messengers” and untracked traffic getting a default mark of 000000, that unmarked traffic now gets caught up in the IM category.

This is what the relevant tc filters used to look like before WFH/LFH were introduced:

filter parent 1: protocol all pref 2 u32 fh 827::800 order 2048 key ht 827 bkt 0 flowid 1:17
  mark 0x80000000 0xc000ffff (success 8143)
filter parent 1: protocol all pref 3 u32 fh 806::800 order 2048 key ht 806 bkt 0 flowid 1:12
  mark 0x80000000 0xc03f0000 (success 8)

Unidentified traffic marked with 000000 would be sent to the bottom priority in stock firmware. IM traffic marked 000001 through 00FFFF would get sent to the VOIP priority.

Now, the first entry is no longer present, presumably because the old Default class (1:17) is now used as the slot for the Learn-From-Home class, or however the user sets their priority list.

FlexQoS (for ASUSWRT-Merlin only) will restore the filter for Unmarked traffic so that it’s independent of the IM category within Work-From-Home.

What we really need is a fix from Trend Micro on correctly handling Unidentified traffic.

Could you elaborate on what these class mark codes refer to?

In your set up guide for gaming any gaming device is meant to have mark 000000, why?

if I am using a specific IP address for gaming only on my Xbox, would it not make more sense to not include any mark number so that all traffic for this IP is categorised as gaming?

is there a table anywhere showing what all these different 6 digit mark codes refer to?

Does setting a traffic type category for the device in the filter table such as gaming overrule mark setting 000000?

All the best,
Cplay

 

[dave14305]

Could you elaborate on what these class mark codes refer to?

They refer to the hexadecimal codes the Trend Micro engine assigns after it has identified traffic as belonging to a certain application. Each application they are aware of has a unique code. Traffic they cannot classify ends up as 000000.

In your set up guide for gaming any gaming device is meant to have mark 000000, why?

The Gaming rule only changes unidentified traffic with the 000000 mark. That assumes that most non-gaming traffic is correctly identified, so you wouldn’t want to put non-gaming traffic in the gaming priority level. But it’s probably safe to assume any unidentified traffic could be gaming traffic.

if I am using a specific IP address for gaming only on my Xbox, would it not make more sense to not include any mark number so that all traffic for this IP is categorised as gaming?

You can do that by customizing the rule and removing the mark 000000, or by replacing it with !08**** (anything not already classified in the Gaming category 08).

is there a table anywhere showing what all these different 6 digit mark codes refer to?

Not easily viewable in a complete list in the hexadecimal format, but they are stored in decimal format with descriptions in the text file /tmp/bwdpi/bwdpi.app.db

Does setting a traffic type category for the device in the filter table such as gaming overrule mark setting 000000?

I don’t think I understand what you’re asking here. Please elaborate and perhaps post a screenshot of what you mean.

 

[rlj2]

They refer to the hexadecimal codes the Trend Micro engine assigns after it has identified traffic as belonging to a certain application. Each application they are aware of has a unique code. Traffic they cannot classify ends up as 000000.

The Gaming rule only changes unidentified traffic with the 000000 mark. That assumes that most non-gaming traffic is correctly identified, so you wouldn’t want to put non-gaming traffic in the gaming priority level. But it’s probably safe to assume any unidentified traffic could be gaming traffic.

You can do that by customizing the rule and removing the mark 000000, or by replacing it with !08**** (anything not already classified in the Gaming category 08).

Not easily viewable in a complete list in the hexadecimal format, but they are stored in decimal format with descriptions in the text file /tmp/bwdpi/bwdpi.app.db

I don’t think I understand what you’re asking here. Please elaborate and perhaps post a screenshot of what you mean.

sounds like he may want to do how I had my shields setup, iptables rule just classifying that ip as streaming. Currently broke in 386 on my ax86

 

[cplay]

You can do that by customizing the rule and removing the mark 000000, or by replacing it with !08**** (anything not already classified in the Gaming category 08).

Is one better than the other or does it not matter what one I use?

thank you for such a good explanation of the mark feature.

two additional questions:

1. what would be the best way to make sure Speedtest and dsl reports and fast.com get the full bandwidth when being run on a device?

As expected, with qos on they are providing reading way lower than what is set in the bandwidth limiter download and upload settings - is there a way to make sure these 3 services get treated differently from other file transfers?

2. is there anyway to fix this bug?

the bandwidth limiter settings on the main adaptive qos page (where you set download , upload rate, turn qos on and off and select fq codel) work correctly UNTILL I go to flexqos, customise, edit any of the tables and then click apply.

after clicking apply the download and upload bandwidth limiter no longer works until I restart the router or turn the wan connection on and off via the homepage.

I run two opvn vpn tunnels on the router at all times so I don’t know if they are related or not.

All the best and thanks again!

great qos!

 

[cplay]

sounds like he may want to do how I had my shields setup, iptables rule just classifying that ip as streaming. Currently broke in 386 on my ax86

I have set up one rule to make all traffic on one device pertain to the gaming category.

for streaming I have 5 rules for 5 different devices all pertaining to the streaming category.

I am running an 86u on 384.18 and have only noticed the issue listed in my recent reply with the bandwidth limiter breaking.

what issueare you experiencing on your 88u with flexqos?

 

[rlj2]

I have set up one rule to make all traffic on one device pertain to the gaming category.

for streaming I have 5 rules for 5 different devices all pertaining to the streaming category.

I am running an 86u on 384.18 and have only noticed the issue listed in my recent reply with the bandwidth limiter breaking.

what issueare you experiencing on your 88u with flexqos?

When i ran .18 or .19 on my ac86u Same kind of rules you mention. I dont remember having a issue with changing the manual speed settings.I do tweak those to help with bufferbloat. Have you tried a full factory reset?
With my ax86u and 386 (it is beta) , when i set the rules like we both are doing, they are totally ignored. Actually any iptables rule is. You can see the device classified how I set it, but then that devices bandwidth doesnt even show on the graphs.. Someday that will be fixed.
386 on the AC86u seems fine. My vpn runs on each device and not the router. So I can actually set a appDB rule for vpn/tunneling towards a classification if I want. That works pretty well.

 

[dave14305]

Is one better than the other or does it not matter what one I use?

Personally, using !08**** is preferable so that you don’t waste cycles changing packets that are already categorized as gaming.

1. what would be the best way to make sure Speedtest and dsl reports and fast.com get the full bandwidth when being run on a device?

I don’t know the answer. It’s not possible to bypass QoS through FlexQoS.

the bandwidth limiter settings on the main adaptive qos page (where you set download , upload rate, turn qos on and off and select fq codel) work correctly UNTILL I go to flexqos, customise, edit any of the tables and then click apply.

after clicking apply the download and upload bandwidth limiter no longer works until I restart the router or turn the wan connection on and off via the homepage.

“Bandwidth limiter” usually refers to the third QoS type (Adaptive QoS, Traditional QoS, Bandwidth Limiter). Bandwidth Limiter isn’t compatible with Adaptive QoS and FlexQoS. Is this what you mean?

 

[cplay]

When i ran .18 or .19 on my ac86u Same kind of rules you mention. I dont remember having a issue with changing the manual speed settings.I do tweak those to help with bufferbloat. Have you tried a full factory reset?
With my ax86u and 386 (it is beta) , when i set the rules like we both are doing, they are totally ignored. Actually any iptables rule is. You can see the device classified how I set it, but then that devices bandwidth doesnt even show on the graphs.. Someday that will be fixed.
386 on the AC86u seems fine. My vpn runs on each device and not the router. So I can actually set a appDB rule for vpn/tunneling towards a classification if I want. That works pretty well.

Aye, resetting does not fix the issue.

Only way to fix the issue is by restarting router or turning the wan connection switch on the homepage on and off.

Yeah, I would do it your way but I run VPN on all my devices on the network.

Good luck getting a fix!

All the best,
Adam

 

[cplay]

Personally, using !08**** is preferable so that you don’t waste cycles changing packets that are already categorized as gaming.

Perfect, will use that then for the gaming device rule.

Would I be correct for the 5 streaming devices I use to have a rule for each device with !04**** mark that I force to be in the video and streaming category?

Please see where I have uploaded a screenshot of my IP tables so you can check if I have done them correctly for the one gaming device in the gaming category (I only game on my xbox) and 5 rules for 5 streaming devices I am forcing to be in the video and streaming category:

I don’t know the answer. It’s not possible to bypass QoS through FlexQoS.

I am not looking to bypass the QOS - I was looking for a way to make sure all traffic for fast.com, dsl reports, and speedtest goes into my most important category: Work from Home.

I currently have my priority settings as follows below but that means currently the aforementioned 3 services fall into the file transferring category which is not high on the priority list and thus is not likely to receive prioritised bandwidth:

“Bandwidth limiter” usually refers to the third QoS type (Adaptive QoS, Traditional QoS, Bandwidth Limiter). Bandwidth Limiter isn’t compatible with Adaptive QoS and FlexQoS. Is this what you mean?

I am referring to the manual bandwidth setting below - it works correctly UNTILL I complete the following sequence: go to flexqos, then customise, then edit any of the tables and finally, click apply.

After clicking apply, the download and upload bandwidth limiter no longer works until I restart the router or turn the wan connection switch on and off via the homepage.

I run two opvn vpn tunnels on the router at all times so I don’t know if devices in the tunnel are correctly getting the new qos rules and qos max download and upload bandwidth limits applied to them AFTER clicking apply in flexqos settings as the tunnel is already established.

 

[cplay]

Any idea's @dave14305 ?

 

[dave14305]

Would I be correct for the 5 streaming devices I use to have a rule for each device with !04**** mark that I force to be in the video and streaming category?

Please see where I have uploaded a screenshot of my IP tables so you can check if I have done them correctly for the one gaming device in the gaming category (I only game on my xbox) and 5 rules for 5 streaming devices I am forcing to be in the video and streaming category:

You could combine the 5 streaming devices into one rule with a CIDR block (e.g. 192.168.1.8/29) instead of individual rules for a single IP. You'd have to be sure nothing is using .8, .9, .15 since those would be part of the CIDR as well.

I am not looking to bypass the QOS - I was looking for a way to make sure all traffic for fast.com, dsl reports, and speedtest goes into my most important category: Work from Home.

Fast.com shows up as Netflix (for me), so it really belongs in Streaming. Speedtest is part of the default appdb rules you can change however you like.

I am referring to the manual bandwidth setting below - it works correctly UNTILL I complete the following sequence: go to flexqos, then customise, then edit any of the tables and finally, click apply.

After clicking apply, the download and upload bandwidth limiter no longer works until I restart the router or turn the wan connection switch on and off via the homepage.

Would need to see your syslog to understand what you're trying to explain. Unless your stock QoS is broken in 384.18.

 

[cplay]

You could combine the 5 streaming devices into one rule with a CIDR block (e.g. 192.168.1.8/29) instead of individual rules for a single IP. You'd have to be sure nothing is using .8, .9, .15 since those would be part of the CIDR as well.

Got it.

Was I correct in noting !04**** as the mark for all things in the video and streaming category?

Speedtest is part of the default appdb rules you can change however you like.

Got it - is there anyway to do the same for dsl report speedtest (best for bufferfloat) - it currently shows up with a "web file transfer" mark which is quite generic so creating a rule like the speedtest one would simply move anything name web file transfer to a different category?

cplay said:
I am referring to the manual bandwidth setting below - it works correctly UNTILL I complete the following sequence: go to flexqos, then customise, then edit any of the tables and finally, click apply.

After clicking apply, the download and upload bandwidth limiter no longer works until I restart the router or turn the wan connection switch on and off via the homepage.

Would need to see your syslog to understand what you're trying to explain. Unless your stock QoS is broken in 384.18.

I'll send over the log tomorrow and replicate the error for you.


Thanks again for all your help

 

[dave14305]

Was I correct in noting !04**** as the mark for all things in the video and streaming category?

That would work fine.

is there anyway to do the same for dsl report speedtest (best for bufferfloat) - it currently shows up with a "web file transfer" mark which is quite generic so creating a rule like the speedtest one would simply move anything name web file transfer to a different category?

Not that I can think of, since it would also capture unintended traffic.

 

[cplay]

cplay said:
I am referring to the manual bandwidth setting below - it works correctly UNTILL I complete the following sequence: go to flexqos, then customise, then edit any of the tables and finally, click apply.

After clicking apply, the download and upload bandwidth limiter no longer works until I restart the router or turn the wan connection switch on and off via the homepage.

Would need to see your syslog to understand what you're trying to explain. Unless your stock QoS is broken in 384.18.

@dave14305 I have started a conversation with you and sent you a link to the video of me replicating the issue for you (didn't want to post wan IP etc publically).

This is what thesystem log says below after clicking "apply" in flexQOS:

Jan 21 11:38:11 rc_service: httpd 1261:notify_rc restart_qos
Jan 21 11:38:11 custom_script: Running /jffs/scripts/service-event (args: restart qos)
Jan 21 11:38:11 kernel: Ebtables v2.0 registered
Jan 21 11:38:13 BWDPI: fun bitmap = 83
Jan 21 11:38:13 A.QoS: qos_count=0, qos_check=0
Jan 21 11:38:16 custom_script: Running /jffs/scripts/service-event-end (args: restart qos)
Jan 21 11:38:16 FlexQoS: /jffs/addons/flexqos/flexqos.sh (pid=11105) called in unattended mode with 1 args: -start
Jan 21 11:38:17 FlexQoS: Applying iptables static rules
Jan 21 11:38:17 FlexQoS: Applying iptables custom rules
Jan 21 11:38:17 FlexQoS: Flushing conntrack table
Jan 21 11:38:17 FlexQoS: Applying AppDB rules and TC rates
Jan 21 11:38:30 dnsmasq-dhcp[1252]: DHCPDISCOVER(br0) 52:c6:6a:6c:5e:c3
Jan 21 11:38:30 dnsmasq-dhcp[1252]: DHCPOFFER(br0) 192.168.1.33 52:c6:6a:6c:5e:c3
Jan 21 11:38:30 dnsmasq-dhcp[1252]: DHCPDISCOVER(br0) 52:c6:6a:6c:5e:c3
Jan 21 11:38:30 dnsmasq-dhcp[1252]: DHCPOFFER(br0) 192.168.1.33 52:c6:6a:6c:5e:c3
Jan 21 11:38:31 dnsmasq-dhcp[1252]: DHCPREQUEST(br0) 192.168.1.33 52:c6:6a:6c:5e:c3
Jan 21 11:38:31 dnsmasq-dhcp[1252]: DHCPACK(br0) 192.168.1.33 52:c6:6a:6c:5e:c3 Megans-iPhone
Jan 21 11:38:44 dnsmasq-dhcp[1252]: DHCPREQUEST(br0) 192.168.1.207 f0:d1:a9:35:66:32
Jan 21 11:38:44 dnsmasq-dhcp[1252]: DHCPACK(br0) 192.168.1.207 f0:d1:a9:35:66:32 Adams-iPad
Jan 21 11:42:50 kernel: htb: htb qdisc 16: is non-work-conserving?
Jan 21 11:43:00 FlexQoS: /jffs/addons/flexqos/flexqos.sh (pid=14536) called in unattended mode with 1 args: -check
Jan 21 11:43:00 FlexQoS: iptables rules already present
Jan 21 11:43:01 FlexQoS: No TC modifications necessary

Download limiter does not work again for adaptive QOS unless I restart VPN clients on router (I have sent in a separate private message the system log of me stopping and starting both clients which fixes issue), restart router, and/or turn internet connection of on router homepage (internet connection ON:OFF switch).

Notice anything strange in the logs (in this message AND the two I sent you via private message)?

Why does simply restarting VPN tunnels rectify the issue?