What's new

Interaction between Cake-QOS and OpenVPN

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Find some hook to restart QoS once the VPN client is up. Outside of my expertise.

Thanks - got it based on the wiki:

Code:
admin@RT-AX86U-4168:/tmp/home/root# cat /jffs/scripts/openvpn-event
#!/bin/sh
service restart_qos

All works well now it seems.

By the way, did my calculation of WAN packet overhead of 53 as determined above look right to you?

Do you not think it would be fair to classify this experiment as a success? My bufferbloat seems to be well handled now, even up to 40/20 on my LTE 4G connection with VPN active:



I hope this thread might be helpful for anyone else in a similar boat to me.

Regarding the bandwidth sacrifice, sacrificing the 10-20 / 5 bandwidth in exchange for this stability seems OK. Perhaps I could squeeze yet more out of this though.

On that point, has anyone had much success with 'autorate-ingress' on an LTE connection I wonder?
 
Last edited:
Thanks all.

Am I correct in thinking the overhead as calculated above should be applied to both 'tun11' and 'br0'? I checked and the packet lengths are consistent when generated from ping commands from router and from entities connected to router. From router I get difference (137-84=53); from entities connected to router I get difference (113-60=53).

Should 'nat' be applied on 'tun11' and 'nonat' applied on 'br0'?

So to sum up, does:
qdisc cake 8014: dev br0 root refcnt 2 bandwidth 40960Kbit besteffort dual-dsthost nonat wash ingress no-ack-filter split-gso rtt 100ms noatm overhead 53
qdisc cake 8013: dev tun11 root refcnt 2 bandwidth 20480Kbit diffserv3 dual-srchost nat nowash no-ack-filter split-gso rtt 100ms noatm overhead 53
look right?

Finally, ought not really an ifb4tun11 interface to be created? That seems to be how it is done in SQM on OpenWRT. Or is there some benefit in working on br0? I notice that ping commands issues on router do not seem to appear on br0.
 
Last edited:
Hello,

I hope I can use this thread to add my question, because the topic is nearly the same, but from another point of view. :)
I would like to know if connected vpn clients (open vpn server running on router) which are transferring data from/to the home network and also use the home internet link (pppoe) for surfing/streaming are automatically included in cake, or if they could saturate the internet and there is manual interaction required to also include them in cakes internet up/down shaping. Does anybode know how to check or, if needed, how to configure it to do so? I read this thread but honestly only understand very little of it, seems it is primarily addressing the other way round, router connecting to a vpn server on the internet.

Thank you, best wishes,
chris
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top