FlexQoS FlexQoS 1.0 - Flexible QoS Enhancement Script for Adaptive QoS

[chris.at]

I switched it locally on my router to display only the IP in the list and I hated it because I had to think every time I looked at the list (What device is 192.168.1.245?). I didn’t feel like looking for the tooltip.

I would have left the FreshJR method of IP plus a small yellow device name, except one of my goals was to extend IPv6 support to the connection list and IPv6 is too long to have both showing at once. Yet in the current state of Asus firmware, IPv6 is not fully throttled by A.QoS, so what’s the point?

Well, in general the names would be fine but maybe I have a special case in my environment, that's why I was opting for the IPs followed by the name as a tooltip:
First of all I don't use static dhcp assignments, devices that need fixed IPs have them set manually (and I know them). So I don't even know what device hides behind cryptic names given by the manufacturer when they obtain a dhcp address (if they even have one). Next thing is that I have a media gateway (RP-AC68U) and devices communicating over this path get mixed up with their names regularly (not a FlexQOS or Merlin flaw, just how the router maps names to IPs internally). Only the IPs are unique so it's not possible to separate them in the overview by name (which isn't unique anymore - right now I have 2 identical names with different IPs in the list).

But: After thinking about it now I'd say you can safely leave it like it is and show the names. If I or someone else has to dig deeper we can focus on the device by selecting it in the dropdown where the name and IP are listed together and get filtered properly so that you only see connections coming from this single machine. At least I can live with it, yesterdays vote was too fast without thinking about it more extensive and having the gui in front of me.

The best way of course would be to see both of them in the list already, but as you said it's a space problem and so we have to deal with it.

 

[BikeHelmet]

I switched it locally on my router to display only the IP in the list and I hated it because I had to think every time I looked at the list (What device is 192.168.1.245?). I didn’t feel like looking for the tooltip.

I would have left the FreshJR method of IP plus a small yellow device name, except one of my goals was to extend IPv6 support to the connection list and IPv6 is too long to have both showing at once. Yet in the current state of Asus firmware, IPv6 is not fully throttled by A.QoS, so what’s the point?

Hehe, I have subnets for each device type, so I can immediately tell exactly what type of device it is, and the age of the device based on where it is within its limited subnet. That means I can logically deduce the device very quickly - typically a half second or so of thinking.

Hostname, though... oh my gosh!

My preference would be to show both IP and hostname, or partial IP and hostname - and then stick IPv6 (long IPs) in tooltips. For me showing .1.102 or .2.118 or .1.184 is useful. More useful than "ASUS"

All of those devices have unique names set in the devices themselves, and in Merlin under LAN/DHCP, yet they just show "ASUS" in FlexQOS. I can use the filter box if I scroll to the top, but Ctrl+F (time saver) doesn't work since it can't search through tooltips.

 

[dave14305]

All of those devices have unique names set in the devices themselves, and in Merlin under LAN/DHCP, yet they just show "ASUS" in FlexQOS. I can use the filter box if I scroll to the top, but Ctrl+F (time saver) doesn't work since it can't search through tooltips.

Ultimately, the custom names in Network Map will override the DHCP names.

 

[rlj2]

For me while it may be useful, its not a deal breaker for me. I have 40+ devices with unique enough names that I know what they are and what IP range they should fall under. OCD at its finest.

I think everyone on this forum (including myself) has a bit of OCD, or we wouldnt spend hours tweaking a damn router.. or maybe we need hobbies?

 

[josh3003]

Thanks for this, just stumbled across it after having the FreshJR QoS on my Asus router. I've just upgraded and it seems to be pretty smooth so far. Just so I know if I customise my QOS categories I currently have WFH, Gaming, Others, Web Surfing, Video & Audio streaming, LFH, and file transferring in the last place. Is this pretty well correct or should categories be shuffled around? Thanks.

I've also got 100% of my bandwidth set under my upload and download speeds. I had 95% is this something I should set back or is this fine?

 

[Vexira]

Thanks for this, just stumbled across it after having the FreshJR QoS on my Asus router. I've just upgraded and it seems to be pretty smooth so far. Just so I know if I customise my QOS categories I currently have WFH, Gaming, Others, Web Surfing, Video & Audio streaming, LFH, and file transferring in the last place. Is this pretty well correct or should categories be shuffled around? Thanks.

I've also got 100% of my bandwidth set under my upload and download speeds. I had 95% is this something I should set back or is this fine?

Use 95% it's how you are supposed to set it.

 

[josh3003]

Use 95% it's how you are supposed to set it.

Thanks,

How about the categories?

 

[dave14305]

Thanks,

How about the categories?

They are fine. Just leave LFH lower than Streaming.

 

[josh3003]

They are fine. Just leave LFH lower than Streaming.

Which it is, it is before file transfer which is last. LFH being 2nd last

 

[QuikSilver]

I think everyone on this forum (including myself) has a bit of OCD, or we wouldnt spend hours tweaking a damn router.. or maybe we need hobbies?

 

[Theliel]

After many problems with Asus QoS I have chosen to give FlexQoS a chance. I have been able to solve some problems that I had, but I see that it does not finish classifying the traffic correctly... or so i think. My IPTV is broadcast in multicast by the ISP in VOD, and Unicast for Live TV. In both cases they use standard MPEG-TS streams.

1. It is an MPEG-TS streams, it seems to me curious that Asus does not classify it directly as Video and Audio Streaming class

2. When broadcast in multicast, the QoS gui gets messed up, the Local IP that appears is the source IP of the multicast stream, and the remote IP is the multicast group address. In my understanding it should be the opposite, the remote IP will be the broadcast IP. The IP does not appear in the drop-down either, although at least it allows filtering directly by the IP in the remote / local fields. Note that my Local network is 192.168.2.0/24, 172.16.0.0/16 is ISP private Network to broadcast the TV content.

3. In either case, I have added a custom rule to classify specific traffic, and classify at Video and Audio Streaming. Indeed, the "Untracked" label of the connection now changes from blue to the Video and Audio color, but in the graphs it can be seen perfectly that the traffic is still categorized as "Others" (It is a stream of about 6-7Mbps)

 

[dave14305]

3. In either case, I have added a custom rule to classify specific traffic, and classify at Video and Audio Streaming. Indeed, the "Untracked" label of the connection now changes from blue to the Video and Audio color, but in the graphs it can be seen perfectly that the traffic is still categorized as "Others" (It is a stream of about 6-7Mbps)

What output do you get from running this command in SSH?

tc filter show dev br0 | grep -B1 8004000

There are Asus issues with QoS on some AX routers on 384.19. You may have stale tc filter rules that only a reboot will resolve. Not sure yet.

The output of flexqos debug would also help confirm your setup.

 

[Theliel]

What output do you get from running this command in SSH?

tc filter show dev br0 | grep -B1 8004000

There are Asus issues with QoS on some AX routers on 384.19. You may have stale tc filter rules that only a reboot will resolve. Not sure yet.

The output of flexqos debug would also help confirm your setup.

Thank @dave14305

Some more test and finding:

1º. Bug? At least in the firewall-start, entry by FlexQoS. Im using my own stuff on firewall-start script, and FlexQoS entry is added directly in the final line, not in a new line. I probably didn't add a new line after the last one, and FlexQoS concatenated it directly. I have noticed because after reboot the FlexQoS gui was not loading and my last entry in the script was not running either. Easy solution, just adding a newline at the end of mine

2º. Bug? Like some others, I need a new "flexqos -check" after each reboot (about 1 minute later than the last one executed by flexqos) or rules dont work properly

3º. Now, my rules:
My VOD traffic (unicast) is not classify or not show in the FlexQoS gui. Is marked fine in the bottom list (like preview capture, yellow "untracked" tag"), but it is not "added" to any category in flexQoS gui total size or counters, neither to "others" nor to Voice / Video. Curiosly, In the "Classification" tab, the traffic can be seen in "Other" counter, but total traffic is not increased.

My LiveTV traffic (multicast) is completely a ghost, I can see it in the connection list of the FlexQoS interface too with the right tag, but it does not appear in any tab, in any counter. It doesn't even show up in the Bandwidth Monitor. Could it be because Asus IGMP Proxy adds the rule in iptables to directly allow traffic destined for 224.0.0.0/4?

tc filter show dev br0 | grep -B1 8004000
filter parent 1: protocol all pref 7 u32 fh 806::800 order 2048 key ht 806 bkt 0 flowid 1:12
  mark 0x80040000 0xc03f0000 (success 947)
filter parent 1: protocol all pref 7 u32 fh 806::801 order 2049 key ht 806 bkt 0 flowid 1:17
  mark 0x80040000 0xc03f0000 (success 0)

Spoiler: FlexQoS Debug

FlexQoS v1.0.0 released 2020-08-08

Debug:

Log date: 2020-09-05 21:45:20+0200
Router Model: RT-AX58U
Firmware Ver: 384.19_0
tc WAN iface: eth4
Undf Prio: 2
Undf FlowID: 1:14
Classes Present: 8
Down Band: 98304
Up Band  : 96256
***********
Net Control: 1:10
Work-From-Home: 1:13
Gaming: 1:11
Others: 1:14
Web Surfing: 1:15
Streaming: 1:12
File Downloads: 1:16
Game Downloads: 1:17
***********
Downrates: 4915, 14745, 29491, 19660, 9830, 9830, 4915, 4915
Downceils: 98304, 98304, 98304, 98304, 98304, 98304, 98304, 98304
Downbursts: 4798b, 23995b, 11191b, 4797b, 4797b, 3197b, 3197b, 3197b
DownCbursts: 121552b, 121552b, 121552b, 121552b, 121552b, 121552b, 121552b, 121552b
DownQuantums: default, default, 368637, 245750, default, default, default, default
***********
Uprates: 4812, 14438, 9625, 19251, 28876, 9625, 4812, 4812
Upceils: 96256, 96256, 96256, 96256, 96256, 96256, 96256, 96256
Upbursts: 4797b, 23995b, 11196b, 4793b, 4793b, 3196b, 3198b, 3198b
UpCbursts: 119959b, 119959b, 119959b, 119959b, 119959b, 119959b, 119959b, 119959b
UpQuantums: default, default, default, 240637, 360950, default, default, default
***********
iptables settings: <>>udp>>500,4500>>3<>>udp>16384:16415>>>3<>>tcp>>119,563>>5<>>tcp>>80,443>08****>7<>172.16.0.0/12>udp>>>000000>2<172.16.0.0/12>>udp>>>000000>2
-o br0 -p udp -m multiport --sports 500,4500 -j MARK --set-mark 0x80060001
-o eth4 -p udp -m multiport --dports 500,4500 -j MARK --set-mark 0x40060001
-o br0 -p udp --dport 16384:16415 -j MARK --set-mark 0x80060001
-o eth4 -p udp --sport 16384:16415 -j MARK --set-mark 0x40060001
-o br0 -p tcp -m multiport --sports 119,563 -j MARK --set-mark 0x80030001
-o eth4 -p tcp -m multiport --dports 119,563 -j MARK --set-mark 0x40030001
-o br0 -p tcp -m multiport --sports 80,443 -m mark --mark 0x80080000/0xc03f0000 -j MARK --set-mark 0x803f0001
-o eth4 -p tcp -m multiport --dports 80,443 -m mark --mark 0x40080000/0xc03f0000 -j MARK --set-mark 0x403f0001
-o br0 -s 172.16.0.0/12 -p udp -m mark --mark 0x80000000/0xc03fffff -j MARK --set-mark 0x80040001
-o eth4 -d 172.16.0.0/12 -p udp -m mark --mark 0x40000000/0xc03fffff -j MARK --set-mark 0x40040001
-o br0 -d 172.16.0.0/12 -p udp -m mark --mark 0x80000000/0xc03fffff -j MARK --set-mark 0x80040001
-o eth4 -s 172.16.0.0/12 -p udp -m mark --mark 0x40000000/0xc03fffff -j MARK --set-mark 0x40040001
***********
appdb rules: <000000>6<00006B>6<0D0007>5<0D0086>5<0D00A0>5<12003F>4<13****>4<14****>4<1A****>5
filter change dev br0 prio 2 protocol all handle 827::800 u32 flowid 1:14
filter change dev eth4 prio 2 protocol all handle 827::800 u32 flowid 1:14
filter add dev br0 protocol all prio 2 u32 match mark 0x8000006B 0xc03fffff flowid 1:14
filter add dev eth4 protocol all prio 2 u32 match mark 0x4000006B 0xc03fffff flowid 1:14
filter add dev br0 protocol all prio 15 u32 match mark 0x800D0007 0xc03fffff flowid 1:16
filter add dev eth4 protocol all prio 15 u32 match mark 0x400D0007 0xc03fffff flowid 1:16
filter add dev br0 protocol all prio 15 u32 match mark 0x800D0086 0xc03fffff flowid 1:16
filter add dev eth4 protocol all prio 15 u32 match mark 0x400D0086 0xc03fffff flowid 1:16
filter add dev br0 protocol all prio 15 u32 match mark 0x800D00A0 0xc03fffff flowid 1:16
filter add dev eth4 protocol all prio 15 u32 match mark 0x400D00A0 0xc03fffff flowid 1:16
filter add dev br0 protocol all prio 20 u32 match mark 0x8012003F 0xc03fffff flowid 1:15
filter add dev eth4 protocol all prio 20 u32 match mark 0x4012003F 0xc03fffff flowid 1:15
filter change dev br0 prio 22 protocol all handle 802::800 u32 flowid 1:15
filter change dev eth4 prio 22 protocol all handle 802::800 u32 flowid 1:15
filter change dev br0 prio 23 protocol all handle 804::800 u32 flowid 1:15
filter change dev eth4 prio 23 protocol all handle 804::800 u32 flowid 1:15
filter change dev br0 prio 2 protocol all handle 827::802 u32 flowid 1:16
filter change dev eth4 prio 2 protocol all handle 827::802 u32 flowid 1:16

At least, the TTL/SSL traffic is not more in network control class, so my downloads dont kill my IPTV

 

[dave14305]

2º. Bug? Like some others, I need a new "flexqos -check" after each reboot (about 1 minute later than the last one executed by flexqos) or rules dont work properly

Post a syslog that includes an example of this. Thanks.

I can look at the newline issue. Multicast is probably beyond my ability to test since I don’t have such a setup. But if it works on Merlin’s Classification tab, but not FlexQoS then I might have something I can look at.

 

[Livin]

Just installed FlexQOS but dont see anything explaining if we need to turn off, or set something specific in the native QOS tab?

 

[dave14305]

Just installed FlexQOS but dont see anything explaining if we need to turn off, or set something specific in the native QOS tab?

See if the docs on github address your thirst for knowledge.

FlexQoS/README.md at master · dave14305/FlexQoS

FlexQoS - Flexible QoS Enhancement Script for Adaptive QoS on ASUSWRT-Merlin - dave14305/FlexQoS

github.com

 

[dave14305]

Version 1.0.1 released on this fine Labor Day (before I forget how to use git).

• NEW: Added ability to set custom iptables rule names (27 char max)
• NEW: Added ability to force update when switching branches (@maghuro)
• NEW: WebUI appdb search will pre-fill Class with original Class value
• NEW: Added bandwidth utilization meters per class
• CHANGED: Reduced the number of slow tc calls
• CHANGED: Improved appdb and iptables rule validation during start and check functions
• CHANGED: Flush conntrack table by default (disable with flexqos noflushct)
• CHANGED: Simplified Tracked Connections sorting code by adopting Merlin's approach
• CHANGED: Increased webui Apply wait time from 15-30 seconds since QoS can be slow to initialize
• FIXED: Renamed VoIP to Work-From-Home in appdb CLI output

Update via amtm or flexqos update. If you were testing the develop branch, it may be wiser to now switch back to stable with flexqos stable.

If you have made a backup of your rules, it would be a good idea to back them up again after you fix the new iptables rule names in the WebUI, so that the names become part of the backup file.

This was a long time coming from the 1.0.0 release, so there may have been bugs I forgot to fix, or didn't notice I added. Appreciate your feedback!

 

[andresmorago]

Version 1.0.1 released on this fine Labor Day (before I forget how to use git).

• NEW: Added ability to set custom iptables rule names (27 char max)
• NEW: Added ability to force update when switching branches (@maghuro)
• NEW: WebUI appdb search will pre-fill Class with original Class value
• NEW: Added bandwidth utilization meters per class
• CHANGED: Reduced the number of slow tc calls
• CHANGED: Improved appdb and iptables rule validation during start and check functions
• CHANGED: Flush conntrack table by default (disable with flexqos noflushct)
• CHANGED: Simplified Tracked Connections sorting code by adopting Merlin's approach
• CHANGED: Increased webui Apply wait time from 15-30 seconds since QoS can be slow to initialize
• FIXED: Renamed VoIP to Work-From-Home in appdb CLI output

Update via amtm or flexqos update. If you were testing the develop branch, it may be wiser to now switch back to stable with flexqos stable.

If you have made a backup of your rules, it would be a good idea to back them up again after you fix the new iptables rule names in the WebUI, so that the names become part of the backup file.

This was a long time coming from the 1.0.0 release, so there may have been bugs I forgot to fix, or didn't notice I added. Appreciate your feedback!

thanks dave.
im running the develop branch.
should i first go to stable branch and then update? will i lose the develop setting when going back to stable?
i currently have both develop and stable backups on file.

EDIT:
just ran flexqos stable and worked well

 

[Morris]

Version 1.0.1 released on this fine Labor Day (before I forget how to use git).

• NEW: Added ability to set custom iptables rule names (27 char max)
• NEW: Added ability to force update when switching branches (@maghuro)
• NEW: WebUI appdb search will pre-fill Class with original Class value
• NEW: Added bandwidth utilization meters per class
• CHANGED: Reduced the number of slow tc calls
• CHANGED: Improved appdb and iptables rule validation during start and check functions
• CHANGED: Flush conntrack table by default (disable with flexqos noflushct)
• CHANGED: Simplified Tracked Connections sorting code by adopting Merlin's approach
• CHANGED: Increased webui Apply wait time from 15-30 seconds since QoS can be slow to initialize
• FIXED: Renamed VoIP to Work-From-Home in appdb CLI output

Update via amtm or flexqos update. If you were testing the develop branch, it may be wiser to now switch back to stable with flexqos stable.

If you have made a backup of your rules, it would be a good idea to back them up again after you fix the new iptables rule names in the WebUI, so that the names become part of the backup file.

This was a long time coming from the 1.0.0 release, so there may have been bugs I forgot to fix, or didn't notice I added. Appreciate your feedback!

Thank you Dave,

Glad to see you implemented my suggestion to name rules. It will keep things in order.
The bar graph is real nice as it makes it possible to see what is happening in a glance.

Upgrade went smoothly and I've observed no issues.

Morris

 

[dave14305]

thanks dave.
im running the develop branch.
should i first go to stable branch and then update? will i lose the develop setting when going back to stable?
i currently have both develop and stable backups on file.

Switching to stable should update automatically to the latest stable version (now 1.0.1).