Good point. We definitely don't want to do that.
FlexQoS FlexQoS 1.0 - Flexible QoS Enhancement Script for Adaptive QoS
- Thread starter dave14305
- Start date
Good point. We definitely don't want to do that.
Asus classifies first so only applications that they don't recognize would match. If someone finds an application that dose get classified by Asus and is HTTP over TLS/SSL it would need to be addressed. I have not seen this on my network. Furthermore, it would only matter if the application users a lot of bandwidth. If you see a way to address this better I'm all ears.
As of right now ive given up on flex and trying out cake. This is more then likely user-error, But I have 3 nvidia shields in the house (seldom used at same time). Doesnt seem to matter how I set streaming as the highest priority, if I start a download on a computer
(that i set as lowest). The download will consume all bandwidth.
(that i set as lowest). The download will consume all bandwidth.
brummygit
Very Senior Member
I'm trying to work out what I'm seeing in the connection tracking lists of both FlexQoS and the normal Classification tabs of the gui. I had a suspicion that I was seeing old connections which no longer existed so I have tried the following:
- Checked the connection list on the FlexQoS page with a filter on my laptop IP address - I see lots of connections
- Shutdown & powered off my laptop
- Waited a few mins (didn't measure but probably 2-3 mins)
- Ran conntrack -F
- I still see lots of connections in the FlexQoS and Classification tabs
- Checked the Connections tab of the System Log page filtered by my laptop IP address - there are no active connections listed
- Navigated to the FlexQoS connections list and scratched my head for a few minutes
- Magically the entries disappeared - somewhere 5-10 mins after my laptop was shut down
It comes from closed-source components, but the list is in /proc/bw_cte_dump (bwdpi related). Separate from conntrack.
Yes you are seeing old connections and it can be confusing.
brummygit
Very Senior Member
Thanks, that means I need to be careful when looking for where my traffic comes from as things may be waiting for the list to decay. Useful info
I agree Dave and we can't fix what's broken and the more I look the more I find. To get Asus to fix things requires reporting on there firmware so ether two routers or going back and forth.
QuikSilver
Very Senior Member
If you ever come back to flex....it sound like you might not have your QOS settings adjusted correctly. Whats your upload/download speed? What do you have set in those fields? Provide some screenshots and we can try to help.
Kanji-San
Regular Contributor
@dave14305 I am very thankful that you took over the development of FreshJr's QoS script and continue as FlexQOS I switched from FreshJr's version to yours today and observed that game downloads are not correctly classified. They are in the Gaming instead of the Game Downloading (Learn-From-Home) category. This is a bit a problem since Gaming has a very high priority and Game Downloading the lowest in my setup.
I browsed this thread and it seems like this very same issue was brought up at least twice by @pdc and @raion969.
I am coming from an RT-AC68U with FreshJr QoS and now migrated to RT-AX88U with FlexQoS. It's a bit confusing that the categories have changed: Learn-From-Home is the old Game Transferring and Work-From-Home is the former VoIP and Messaging categories. I hope I got that right.
With FreshJR QoS, game downloads from my Playstation 4 (Mark 08008E) landed in Game Transferring and online gaming in the high-priority Gaming category. Btw, I did fix the 433 bug in FreshJr's script.
When I installed your script, I left everything at default, even did a reset of the iptables Rules and AppDB Redirection Rules as you suggested before without any effect.
I thought that the default iptable rule for 80,443 08**** would reclassify these game downloads correctly but somehow this does not seem to work.
I attached several screenshots of my configuration. Could you please take a look if I made a mistake? If not, how come this traffic is not correctly classified?
Thank you very much for your help!
I switched from FreshJr's version to yours today and observed that game downloads are not correctly classified. They are in the Gaming instead of the Game Downloading (Learn-From-Home) category. This is a bit a problem since Gaming has a very high priority and Game Downloading the lowest in my setup.I browsed this thread and it seems like this very same issue was brought up at least twice by @pdc and @raion969.
I am coming from an RT-AC68U with FreshJr QoS and now migrated to RT-AX88U with FlexQoS. It's a bit confusing that the categories have changed: Learn-From-Home is the old Game Transferring and Work-From-Home is the former VoIP and Messaging categories. I hope I got that right.
With FreshJR QoS, game downloads from my Playstation 4 (Mark 08008E) landed in Game Transferring and online gaming in the high-priority Gaming category. Btw, I did fix the 433 bug in FreshJr's script.
When I installed your script, I left everything at default, even did a reset of the iptables Rules and AppDB Redirection Rules as you suggested before without any effect.
I thought that the default iptable rule for 80,443 08**** would reclassify these game downloads correctly but somehow this does not seem to work.
I attached several screenshots of my configuration. Could you please take a look if I made a mistake? If not, how come this traffic is not correctly classified?
Thank you very much for your help!
Kanji-San
Regular Contributor
@dave14305 Some debugging output:
Code:
FlexQoS v0.9.6 released 2020-07-28
Debug:
Log date: 2020-08-07 12:33:44-0700
Router Model: RT-AX88U
Firmware Ver: 384.19_beta1
tc WAN iface: eth0
Undf Prio: 2
Undf FlowID: 1:14
Classes Present: 8
Down Band: 94208
Up Band : 94208
***********
Net Control = 1:10
Work-From-Home = 1:12
Gaming = 1:11
Others = 1:13
Web Surfing = 1:14
Streaming = 1:15
Downloads = 1:16
Defaults = 1:17
***********
Downrates -- 4710, 14131, 18841, 9420, 9420, 28262, 4710, 4710
Downceils -- 94208, 94208, 94208, 94208, 94208, 94208, 94208, 94208
Downbursts -- 4798b, 22394b, 11193b, 4793b, 3196b, 3196b, 3198b, 3198b
DownCbursts -- 116759b, 116759b, 116759b, 116759b, 116759b, 116759b, 116759b, 116759b
DownQuantums -- default, default, 235512, default, default, 353275, default, default
***********
Uprates -- 4710, 14131, 18841, 28262, 9420, 9420, 4710, 4710
Upceils -- 94208, 94208, 94208, 94208, 94208, 94208, 94208, 94208
Upbursts -- 4798b, 22394b, 11193b, 4797b, 3193b, 3196b, 3198b, 3198b
UpCbursts -- 116759b, 116759b, 116759b, 116759b, 116759b, 116759b, 116759b, 116759b
UpQuantums -- default, default, 235512, 353275, default, default, default, default
iptables settings: <>>udp>>500,4500>>3<>>udp>16384:16415>>>3<>>tcp>>119,563>>5<>>tcp>>80,443>08****>7
iptables -D POSTROUTING -t mangle -o br0 -p udp -m multiport --sports 500,4500 -j MARK --set-mark 0x80060001 >/dev/null 2>&1
iptables -A POSTROUTING -t mangle -o br0 -p udp -m multiport --sports 500,4500 -j MARK --set-mark 0x80060001
iptables -D POSTROUTING -t mangle -o eth0 -p udp -m multiport --dports 500,4500 -j MARK --set-mark 0x40060001 >/dev/null 2>&1
iptables -A POSTROUTING -t mangle -o eth0 -p udp -m multiport --dports 500,4500 -j MARK --set-mark 0x40060001
iptables -D POSTROUTING -t mangle -o br0 -p udp --dport 16384:16415 -j MARK --set-mark 0x80060001 >/dev/null 2>&1
iptables -A POSTROUTING -t mangle -o br0 -p udp --dport 16384:16415 -j MARK --set-mark 0x80060001
iptables -D POSTROUTING -t mangle -o eth0 -p udp --sport 16384:16415 -j MARK --set-mark 0x40060001 >/dev/null 2>&1
iptables -A POSTROUTING -t mangle -o eth0 -p udp --sport 16384:16415 -j MARK --set-mark 0x40060001
iptables -D POSTROUTING -t mangle -o br0 -p tcp -m multiport --sports 119,563 -j MARK --set-mark 0x80030001 >/dev/null 2>&1
iptables -A POSTROUTING -t mangle -o br0 -p tcp -m multiport --sports 119,563 -j MARK --set-mark 0x80030001
iptables -D POSTROUTING -t mangle -o eth0 -p tcp -m multiport --dports 119,563 -j MARK --set-mark 0x40030001 >/dev/null 2>&1
iptables -A POSTROUTING -t mangle -o eth0 -p tcp -m multiport --dports 119,563 -j MARK --set-mark 0x40030001
iptables -D POSTROUTING -t mangle -o br0 -p tcp -m multiport --sports 80,443 -m mark --mark 0x80080000/0xc03f0000 -j MARK --set-mark 0x803f0001 >/dev/null 2>&1
iptables -A POSTROUTING -t mangle -o br0 -p tcp -m multiport --sports 80,443 -m mark --mark 0x80080000/0xc03f0000 -j MARK --set-mark 0x803f0001
iptables -D POSTROUTING -t mangle -o eth0 -p tcp -m multiport --dports 80,443 -m mark --mark 0x40080000/0xc03f0000 -j MARK --set-mark 0x403f0001 >/dev/null 2>&1
iptables -A POSTROUTING -t mangle -o eth0 -p tcp -m multiport --dports 80,443 -m mark --mark 0x40080000/0xc03f0000 -j MARK --set-mark 0x403f0001
appdb rules: <000000>6<00006B>6<0D0007>5<0D0086>5<0D00A0>5<12003F>4<13****>4<14****>4<1A****>5
realtc filter change dev br0 prio 2 protocol all handle 827::800 u32 flowid 1:13
realtc filter change dev eth0 prio 2 protocol all handle 827::800 u32 flowid 1:13
realtc filter add dev br0 protocol all prio 2 u32 match mark 0x8000006B 0xc03fffff flowid 1:13
realtc filter add dev eth0 protocol all prio 2 u32 match mark 0x4000006B 0xc03fffff flowid 1:13
realtc filter add dev br0 protocol all prio 15 u32 match mark 0x800D0007 0xc03fffff flowid 1:16
realtc filter add dev eth0 protocol all prio 15 u32 match mark 0x400D0007 0xc03fffff flowid 1:16
realtc filter add dev br0 protocol all prio 15 u32 match mark 0x800D0086 0xc03fffff flowid 1:16
realtc filter add dev eth0 protocol all prio 15 u32 match mark 0x400D0086 0xc03fffff flowid 1:16
realtc filter add dev br0 protocol all prio 15 u32 match mark 0x800D00A0 0xc03fffff flowid 1:16
realtc filter add dev eth0 protocol all prio 15 u32 match mark 0x400D00A0 0xc03fffff flowid 1:16
realtc filter add dev br0 protocol all prio 20 u32 match mark 0x8012003F 0xc03fffff flowid 1:14
realtc filter add dev eth0 protocol all prio 20 u32 match mark 0x4012003F 0xc03fffff flowid 1:14
realtc filter change dev br0 prio 22 protocol all handle 802::800 u32 flowid 1:14
realtc filter change dev eth0 prio 22 protocol all handle 802::800 u32 flowid 1:14
realtc filter change dev br0 prio 23 protocol all handle 804::800 u32 flowid 1:14
realtc filter change dev eth0 prio 23 protocol all handle 804::800 u32 flowid 1:14
realtc filter change dev br0 prio 2 protocol all handle 827::802 u32 flowid 1:16
realtc filter change dev eth0 prio 2 protocol all handle 827::802 u32 flowid 1:16
realtc class change dev br0 parent 1:1 classid 1:10 htb overhead 4 linklayer ethernet prio 0 rate 4710Kbit ceil 94208Kbit burst 4798b cburst 116759b
realtc class change dev br0 parent 1:1 classid 1:11 htb overhead 4 linklayer ethernet prio 1 rate 14131Kbit ceil 94208Kbit burst 22394b cburst 116759b
realtc class change dev br0 parent 1:1 classid 1:12 htb overhead 4 linklayer ethernet prio 2 rate 18841Kbit ceil 94208Kbit burst 11193b cburst 116759b quantum 235512
realtc class change dev br0 parent 1:1 classid 1:13 htb overhead 4 linklayer ethernet prio 3 rate 9420Kbit ceil 94208Kbit burst 4793b cburst 116759b
realtc class change dev br0 parent 1:1 classid 1:14 htb overhead 4 linklayer ethernet prio 4 rate 9420Kbit ceil 94208Kbit burst 3196b cburst 116759b
realtc class change dev br0 parent 1:1 classid 1:15 htb overhead 4 linklayer ethernet prio 5 rate 28262Kbit ceil 94208Kbit burst 3196b cburst 116759b quantum 353275
realtc class change dev br0 parent 1:1 classid 1:16 htb overhead 4 linklayer ethernet prio 6 rate 4710Kbit ceil 94208Kbit burst 3198b cburst 116759b
realtc class change dev br0 parent 1:1 classid 1:17 htb overhead 4 linklayer ethernet prio 7 rate 4710Kbit ceil 94208Kbit burst 3198b cburst 116759b
realtc class change dev eth0 parent 1:1 classid 1:10 htb overhead 4 linklayer ethernet prio 0 rate 4710Kbit ceil 94208Kbit burst 4798b cburst 116759b
realtc class change dev eth0 parent 1:1 classid 1:11 htb overhead 4 linklayer ethernet prio 1 rate 14131Kbit ceil 94208Kbit burst 22394b cburst 116759b
realtc class change dev eth0 parent 1:1 classid 1:12 htb overhead 4 linklayer ethernet prio 2 rate 18841Kbit ceil 94208Kbit burst 11193b cburst 116759b quantum 235512
realtc class change dev eth0 parent 1:1 classid 1:13 htb overhead 4 linklayer ethernet prio 3 rate 28262Kbit ceil 94208Kbit burst 4797b cburst 116759b quantum 353275
realtc class change dev eth0 parent 1:1 classid 1:14 htb overhead 4 linklayer ethernet prio 4 rate 9420Kbit ceil 94208Kbit burst 3193b cburst 116759b
realtc class change dev eth0 parent 1:1 classid 1:15 htb overhead 4 linklayer ethernet prio 5 rate 9420Kbit ceil 94208Kbit burst 3196b cburst 116759b
realtc class change dev eth0 parent 1:1 classid 1:16 htb overhead 4 linklayer ethernet prio 6 rate 4710Kbit ceil 94208Kbit burst 3198b cburst 116759b
realtc class change dev eth0 parent 1:1 classid 1:17 htb overhead 4 linklayer ethernet prio 7 rate 4710Kbit ceil 94208Kbit burst 3198b cburst 116759bfilter parent 1: protocol all pref 11 u32 fh 805::800 order 2048 key ht 805 bkt 0 flowid 1:11 (rule hit 20495070 success 19349792)
mark 0x80080000 0xc03f0000 (success 19349792)
filter parent 1: protocol all pref 11 u32 fh 805::801 order 2049 key ht 805 bkt 0 flowid 1:11 (rule hit 1145115 success 0)
mark 0x80080000 0xc03f0000 (success 0)
filter parent 1: protocol all pref 11 u32 fh 805::802 order 2050 key ht 805 bkt 0 flowid 1:11 (rule hit 214504 success 0)
mark 0x80080000 0xc03f0000 (success 0)
filter parent 1: protocol all pref 11 u32 fh 805::803 order 2051 key ht 805 bkt 0 flowid 1:11 (rule hit 149620 success 0)
mark 0x80080000 0xc03f0000 (success 0)
filter parent 1: protocol all pref 11 u32 fh 805::804 order 2052 key ht 805 bkt 0 flowid 1:11 (rule hit 149100 success 0)
mark 0x80080000 0xc03f0000 (success 0)
filter parent 1: protocol all pref 11 u32 fh 805::805 order 2053 key ht 805 bkt 0 flowid 1:11 (rule hit 98131 success 0)
mark 0x80080000 0xc03f0000 (success 0)
mark 0x80080000 0xc03f0000 (success 19349792)
filter parent 1: protocol all pref 11 u32 fh 805::801 order 2049 key ht 805 bkt 0 flowid 1:11 (rule hit 1145115 success 0)
mark 0x80080000 0xc03f0000 (success 0)
filter parent 1: protocol all pref 11 u32 fh 805::802 order 2050 key ht 805 bkt 0 flowid 1:11 (rule hit 214504 success 0)
mark 0x80080000 0xc03f0000 (success 0)
filter parent 1: protocol all pref 11 u32 fh 805::803 order 2051 key ht 805 bkt 0 flowid 1:11 (rule hit 149620 success 0)
mark 0x80080000 0xc03f0000 (success 0)
filter parent 1: protocol all pref 11 u32 fh 805::804 order 2052 key ht 805 bkt 0 flowid 1:11 (rule hit 149100 success 0)
mark 0x80080000 0xc03f0000 (success 0)
filter parent 1: protocol all pref 11 u32 fh 805::805 order 2053 key ht 805 bkt 0 flowid 1:11 (rule hit 98131 success 0)
mark 0x80080000 0xc03f0000 (success 0)
First is to see if any traffic is really matching the Game Downloads rule:
Code:
iptables -t mangle -nvL POSTROUTING
Code:
tc -s filter show dev br0 | grep -B1 x803fKanji-San
Regular Contributor
Thanks for the quick reply. Here are the outputs:
Code:
>> iptables -t mangle -nvL POSTROUTING
Chain POSTROUTING (policy ACCEPT 326K packets, 199M bytes)
pkts bytes target prot opt in out source destination
81 13500 MARK udp -- * br0 0.0.0.0/0 0.0.0.0/0 multiport sports 500,4500 MARK set 0x80060001
392 31554 MARK udp -- * eth0 0.0.0.0/0 0.0.0.0/0 multiport dports 500,4500 MARK set 0x40060001
0 0 MARK udp -- * br0 0.0.0.0/0 0.0.0.0/0 udp dpts:16384:16415 MARK set 0x80060001
0 0 MARK udp -- * eth0 0.0.0.0/0 0.0.0.0/0 udp spts:16384:16415 MARK set 0x40060001
0 0 MARK tcp -- * br0 0.0.0.0/0 0.0.0.0/0 multiport sports 119,563 MARK set 0x80030001
0 0 MARK tcp -- * eth0 0.0.0.0/0 0.0.0.0/0 multiport dports 119,563 MARK set 0x40030001
630 74390 MARK tcp -- * br0 0.0.0.0/0 0.0.0.0/0 multiport sports 80,443 mark match 0x80080000/0xc03f0000 MARK set 0x803f0001
1068 79876 MARK tcp -- * eth0 0.0.0.0/0 0.0.0.0/0 multiport dports 80,443 mark match 0x40080000/0xc03f0000 MARK set 0x403f0001
Code:
>> tc -s filter show dev br0 | grep -B1 x803f
filter parent 1: protocol all pref 10 u32 fh 81d::802 order 2050 key ht 81d bkt 0 flowid 1:16 (rule hit 28339873 success 7798400)
mark 0x803f0001 0xc03fffff (success 7798400)Mechanically, the necessary pieces are there. What other connections are listed as Gaming when you see the high rate in Gaming? I think this is more likely to be a classification issue by Trend Micro.
Is there a reason you don't have a Gaming rule for the PS4 to ensure its traffic is marked as Gaming?
- Local IP/CIDR: 192.168.1.100 (use PS4 IP address)
- Remote IP/CIDR: blank
- Proto: BOTH
- Local Port: blank
- Remote Port: !80,443
- Mark: 000000
- Class: Gaming
Then re-create the Game Downloads rule to appear after the PS4 gaming rule in the iptables rules list.
And did you recently move the Learn-From-Home up in priority since your first post? It shows as 1:16 instead of 1:17 now.
Kanji-San
Regular Contributor
There are no other connections listed under Gaming except from the PS4 (see screenshot in original post).
Before, there was no need to have an extra rule for my PS4 however I just compared my old FreshJR QoS configuration with the FlexQoS and it seems like there was rule !80,443 (first in the list below) which is now missing from the default setup:
No, I did not move the Learn-From-Home category up since my first post.
You’re only showing 3 of 400+ connections in your screenshot. I’m looking for connections in Orange.
Since the IP wasn’t populated in FreshJR, it wasn’t migrated.
Can you post the file /tmp/bwdpi/qosd.conf ? Something is odd. Are you also still running FreshJR at the same time?
Kanji-San
Regular Contributor
I have never installed FreshJR on this new router (AX88). The screenshot was from the old router (AC68).
All these screenshots are from the new router with FlexQoS.
I changed the iprules tables:
Started a new PS4 game download:
The traffic has now moved to File Transferring!
Out of the total 368 connections, these 49 belong to the PS4 downloading. All of the traffic is accounted in the File Transferring category although there are plenty of connections in the Game Transferring category. How come?
Kanji-San
Regular Contributor
Code:
>> cat /tmp/bwdpi/qosd.conf
ceil_down=11776.000kbps
ceil_up=11776.000kbps
[0, 5%]
rule=18
rule=19
rule=9
rule=20
[1, 20%]
rule=8
[2, 10%]
rule=0
rule=5
rule=6
rule=15
rule=17
[3, 5%]
rule=7
rule=10
rule=11
rule=21
rule=23
[4, 4%]
rule=28
rule=29
rule=30
rule=31
rule=32
rule=33
rule=34
rule=35
rule=36
rule=37
rule=38
rule=39
rule=40
rule=41
rule=42
rule=43
rule=13
rule=24
[5, 3%]
rule=12
rule=4
[6, 2%]
rule=1
rule=3
rule=14
[7, 1%]
rule=4
rule=13
{0}
{1}
{2}
fam=1
fam=2
fam=3
fam=4
fam=5
fam=6
fam=7
fam=8
{3}
fam=na
{4}Kanji-San
Regular Contributor
What I don't understand is that in the tracked connections list there are two categories HTTP Protocol over TLS SSL (light blue) and Sony Playstation (brown) however the traffic is in the File Transferring (dark blue) category which does not even show up in the list for the PS4. Shouldn't the colors match?
And which rule move the PS4 traffic into the File Transferring category?
Is this statement about 384.15 right, or do I need 384.18 or higher as stated in the GitHub text?
Also, I currently have FreshJR QOS, but today on a Zoom call, my connection was stuttering. Would Flexible QoS fix that problem?
Similar threads
- Locked
Similar threads
Similar threads
-
FlexQoS FlexQoS 1.4.3 - Flexible QoS Enhancement Script for Adaptive QoS
- Started by dave14305
- Replies: 23
-
CAKEQOS/FLEXQOS Advise/Guidance/Best Practice
- Started by marcd5123
- Replies: 34
-
-
FlexQoS FlexQoS - Setting up a Multicast IPTV box- Started by poolbeetse7en
- Replies: 9
-
-
FlexQoS FlexQOS faulty insstallation instruction
- Started by Squall Leonhart
- Replies: 21
-
CakeQOS GT-AX11000 with 1.5gbit symmetrical fibre internet and QoS
- Started by dusan78
- Replies: 6
-
Tune flex qos speed to vpn or with out vpn enabled. Need the specifics.- Started by Jack-Sparr0w
- Replies: 5
-
CakeQOS Problem with Zoom sent video quality (Cake QoS is a solution, but why?)
- Started by Tom K.
- Replies: 8
-
[SOLVED] Turned off outbound filtering and qos for upload still incredibly slow upload speeds?
- Started by androsynth96
- Replies: 24
Latest threads
-
-
Gt-axe16000 good upgrade from AX-86U?
- Started by Mamba24
- Replies: 1
-
Please add Asuswrt-merlin to GT-BE98 (Non-pro) version
- Started by kaotic2499
- Replies: 5
-
Corrupted router specific partition on AX88U
- Started by nomad_surfer
- Replies: 1
-
Support SNBForums w/ Amazon
If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!
Sign Up For SNBForums Daily Digest
Get an update of what's new every day delivered to your mailbox. Sign up here!