Purchasing a router mainly for QoS

[Samz]

Hello everyone. I'm here seeking advice before making a new router purchase. I apologize if this is in the wrong section. I'm a networking novice so I ask you to please be patient with me.

I currently have an old Netgear 3500l v2 running the latest Tomato and while it has been extremely stable it just can't keep up with the free speed upgrades that my ISP has been giving me. With a very basic QoS enabled in Tomato it can only achieve 40Mbps. Disabling QoS lets the whole 90Mbps of my plan through. I need QoS running because at my home it is common for two people to stream HD Netflix at the same time while another is competitively gaming and even with 90Mbps the gamer isn't too happy when his ping spikes up to 300ms or so.

I have been reading about many new QoS features that I want to take advantage of such as Streamboost or fq_codel. Now that you know my situation what would you suggest for me? DD-WRT with fq_codel? OpenWRT instead? Gargoyle? Which router for each that can handle applying QoS to a 90Mbps connection? Or should I just avoid third party firmwares and buy the D-Link DGL-5500 ($75) or the Zyxel NBG6716 ($108) Streamboost routers?

I would like to keep the price around $100 or lower with a little wiggle room if it's warranted.

 

[System Error Message]

The best router aside from a fully featured linux/unix server OS or OS like pfsense is mikrotik routerOS. RouterOS lets configure QoS in more complicated ways and you can get a dual core PPC routerboard for around $100.

RouterOS lets you change the que algorithm, que type, que size, have que parents and when combined with the firewall lets you specify whether a que is applied to an interface, host or traffic type.

 

[Billy69]

B1 router works very well and it's cheap. www.b1router.com

 

[Laserburn]

Don't buy Mikrotik if you expect reliability and predicable behavior. I have a
RB2011UiAS-2HnD-IN and I had to find a script on a 3rd party website for QoS in a home network situation. It would randomly decide which was more important, bittorrent traffic or http. We had frequent problems with wireless clients, where the signal levels were fine, but traffic would stop flowing until a reboot was performed. If you're like me, and need reliable HTTP for the family, prioritized gaming traffic, and bittorrent not to wreck the whole network, Mikrotik is not the answer.

 

[stevech]

My experience with Mikrotik (brief) was that it's a science experiment.

 

[htismaqe]

Applying ingress QoS on a downstream link isn't the magic bullet router manufacturers make it out to be. For QoS to truly be effective, it needs to be applied on egress at a minimum, or best case, both ways.

You're not likely to have consistent, predictable results trying to apply downstream QoS to a consumer broadband connection, regardless of what model of router you use.

 

[Samz]

The best router aside from a fully featured linux/unix server OS or OS like pfsense is mikrotik routerOS. RouterOS lets configure QoS in more complicated ways and you can get a dual core PPC routerboard for around $100.

RouterOS lets you change the que algorithm, que type, que size, have que parents and when combined with the firewall lets you specify whether a que is applied to an interface, host or traffic type.

As I said, I'm a novice and while it might be very powerful it looks like a really bad idea for me. I do appreciate the recommendation though.

Applying ingress QoS on a downstream link isn't the magic bullet router manufacturers make it out to be. For QoS to truly be effective, it needs to be applied on egress at a minimum, or best case, both ways.

You're not likely to have consistent, predictable results trying to apply downstream QoS to a consumer broadband connection, regardless of what model of router you use.

I have seen this mentioned many times but I haven't had any problems with Tomato's QoS and a few basic rules. Even when my connection speed was only 16Mbps I was able to see only a few ms of raised ping in game with two HD Netflix streams purposely started at the same time while neither stream encountered buffering problems. Tomato's QoS is also doing it's job now but I'm forced to cap it down to 40Mbps because the router cannot handle applying QoS at higher speeds.

 

[System Error Message]

Don't buy Mikrotik if you expect reliability and predicable behavior. I have a
RB2011UiAS-2HnD-IN and I had to find a script on a 3rd party website for QoS in a home network situation. It would randomly decide which was more important, bittorrent traffic or http. We had frequent problems with wireless clients, where the signal levels were fine, but traffic would stop flowing until a reboot was performed. If you're like me, and need reliable HTTP for the family, prioritized gaming traffic, and bittorrent not to wreck the whole network, Mikrotik is not the answer.

I think your configuration must be wrong somewhere.

I use QoS using mikrotik even more deeply by applying it at L2 as well. So far it has worked very effectively for me without using bandwidth control and applying it into a mixed application consisting of high bandwidth and time sensitive stuff ruinng such as combining streaming (upload) with VOIP, file syncs and gaming(hosting and playing) all at the same time on a limited bandwidth. The key to using mikrotik routerOS is to have knowledge on the type of network you are trying to build. If you have absolutely no networking knowledge than there are some consumer routers that do QoS well enough. As far as i have configured my QoS there has not been any instance where bittorent traffic causes a slow down in other applications and bittorrent runs as fast as ever when there is available bandwidth. What one person considers important another doesnt. Many examples in routerOS put a low priority on HTTP while i put HTTP priority as high as possible but below gaming, VOIP and such.

as a wired router mikrotik routerboards are very solid and so are many of their wireless routerboards although only some of their wireless models may have issues but i have yet to see any wireless device not have problems with wireless yet.

 

[htismaqe]

I have seen this mentioned many times but I haven't had any problems with Tomato's QoS and a few basic rules. Even when my connection speed was only 16Mbps I was able to see only a few ms of raised ping in game with two HD Netflix streams purposely started at the same time while neither stream encountered buffering problems. Tomato's QoS is also doing it's job now but I'm forced to cap it down to 40Mbps because the router cannot handle applying QoS at higher speeds.

I'm not intimately familiar with Netflix's underlying protocols, but it's entirely possible the two streams are doing all the flow control themselves within the application protocol (layer 7). I have a 30Mbps ethernet connection here and every night we have 2, and sometimes 3, Netflix streams running at once. I don't have any QoS enabled and they work fine. In fact, I see the bit rate on the streams drop when another starts. So it appears to me the streams/end devices are doing something on their own to accommodate for congestion.

There's a lot of misconceptions and misinformation about what is actually network QoS. I can tell you from 20 years of experience working on IP MPLS networks using DiffServ that network-layer QoS does not work on ingress only. It has to be applied on egress in order to prevent bandwidth saturation downstream. IP and most of the common layer 2 protocols (other than frame relay) have no mechanism for two-way notification of bandwidth congestion because there's no deterministic path through the network. Congestion control is applied at the interface level, per hop. That's not to say that you can't employ higher layer mechanisms for flow control (like TCP) or write intelligent applications that do their own QoS. In fact, you have to because you have to have some awareness of the end-to-end session in order for it to work properly.

 

[stevech]

I understand that Netflix adjust their video compression / bit rate on the fly as need be to avoid dropped frames.
I've seen my HD Netflix movie looking great on the HD TV, and router's flow loads say it's using 2Mbps or so.

 

[Laserburn]

I think your configuration must be wrong somewhere.

I use QoS using mikrotik even more deeply by applying it at L2 as well. So far it has worked very effectively for me without using bandwidth control and applying it into a mixed application consisting of high bandwidth and time sensitive stuff ruinng such as combining streaming (upload) with VOIP, file syncs and gaming(hosting and playing) all at the same time on a limited bandwidth. The key to using mikrotik routerOS is to have knowledge on the type of network you are trying to build. If you have absolutely no networking knowledge than there are some consumer routers that do QoS well enough. As far as i have configured my QoS there has not been any instance where bittorent traffic causes a slow down in other applications and bittorrent runs as fast as ever when there is available bandwidth. What one person considers important another doesnt. Many examples in routerOS put a low priority on HTTP while i put HTTP priority as high as possible but below gaming, VOIP and such.

as a wired router mikrotik routerboards are very solid and so are many of their wireless routerboards although only some of their wireless models may have issues but i have yet to see any wireless device not have problems with wireless yet.

Could you dump your mangle and QoS info here? I'm curious as to how yours might differ from mine.

 

[sfx2000]

I'm not intimately familiar with Netflix's underlying protocols, but it's entirely possible the two streams are doing all the flow control themselves within the application protocol (layer 7)

It's an adaptive feedback at the app layer - not saying that we optimize the heck out of it - Sandvine/Citrix-ByteMobile along with local CDN... lots of special sauce there...

 

[Nullity]

Just use any free, Linux-based router distribution on some old PC. IPFire is good. BSD-based router distributions are also good, but development is a but slower than Linux (I use pfSense myself because iptables is the devil).

If you want the most current CoDel implementation, you want "cake". http://www.bufferbloat.net/projects/codel/wiki/Cake


CoDel, in any form (codel/fq_codel/cake), makes a very noticeable difference, with no extra configuring. During a test where I fully saturate my upload, my ping without codel is ~600ms, and with codel it is ~50ms. My ping during idle is ~15ms.

Ingress limiting is a complex subject, but it can help as well.

Avoiding your ISP's buffers, and doing all the buffering yourself, is the objective, more or less.

 

[System Error Message]

Could you dump your mangle and QoS info here? I'm curious as to how yours might differ from mine.

Although my network isnt fully completed my router does work mostly because my ISP does the NAT so my network is complicated because i have 3 different LANs running on the same wire, 2 of them belonging to my ISP. theres a 10.x authenticated network and 10.x unauthenticated network and on top of that i have VPN and a 192.x network as well. Internet uses the 10.x authenticated network but everything passes through my router first and i use a lot of L2 filters too. I am also unable to use normal routing or even NAT (double NAT) since that is blocked by my ISP since they are student ISP.

mangle
0 chain=prerouting action=mark-packet new-packet-mark=ping passthrough=no
protocol=icmp log=no log-prefix=""

1 chain=prerouting action=mark-packet new-packet-mark=teamspeak
passthrough=no protocol=udp src-address=x.x.x.x src-port=xxxx
log=no log-prefix=""

2 chain=output action=mark-packet new-packet-mark=proxy passthrough=no
protocol=tcp src-port=8080 log=no log-prefix=""

3 chain=prerouting action=mark-packet new-packet-mark=http passthrough=no
protocol=tcp dst-port=80,443 log=no log-prefix=""

4 chain=prerouting action=mark-packet new-packet-mark=http passthrough=no
protocol=tcp src-port=80,443 log=no log-prefix=""

5 chain=prerouting action=mark-packet new-packet-mark=torrent
passthrough=no p2p=bit-torrent log=no log-prefix=""

6 chain=prerouting action=mark-packet new-packet-mark=p2p passthrough=no
p2p=all-p2p log=no log-prefix=""


Simple Queues
# jun/12/2015 5:50:51 by RouterOS 6.26
# software id = ATRZ-3PVJ
#
Flags: X - disabled, I - invalid, D - dynamic
name="incoming broadcast" target=switch parent=none
packet-marks=broadcast priority=8/8 queue=default-small/default-small
limit-at=0/0 max-limit=64k/64k burst-limit=0/0 burst-threshold=0/0
burst-time=0s/0s

name="pings" target=switch parent=none packet-marks=ping priority=6/6
queue=default-small/default-small limit-at=0/0 max-limit=0/0
burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s
total-queue=default

name="Uploads" target=ether8 parent=none packet-marks=upload priority=1/1
queue=upload normal/upload normal limit-at=0/0 max-limit=0/0
burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s

name="Normal traffic" target=switch parent=none packet-marks=""
priority=4/4 queue=download normal/download normal limit-at=0/0
max-limit=0/0 burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s

name="Other traffic" target=switch parent=Normal traffic
packet-marks=no-mark priority=7/7 queue=default/default limit-at=0/0
max-limit=0/0 burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s
total-queue=default

name="web" target=switch parent=Normal traffic packet-marks=""
priority=3/3 queue=default/default limit-at=0/0 max-limit=0/0
burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s

name="queue1" target=192.168.88.0/24 parent=Normal traffic
packet-marks=proxy priority=8/8 queue=default/default limit-at=0/0
max-limit=0/0 burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s
total-queue=default

name="torrent" target=switch parent=none packet-marks=torrent
priority=8/8 queue=default/default limit-at=0/0 max-limit=0/0
burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s

name="p2p" target=switch parent=none packet-marks=p2p priority=7/7
queue=default/default limit-at=0/0 max-limit=0/0 burst-limit=0/0
burst-threshold=0/0 burst-time=0s/0s

name="teamspeak" target=switch parent=none packet-marks=teamspeak
priority=2/2 queue=default-small/default-small limit-at=0/0
max-limit=0/0 burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s

So while i cannot control download i can control uploads. Fully configuring it would be too long to list and im not sure if you can understand much since i am using the interfaces inefficiently but a single TILE core doesnt use any CPU to max out my connection. If you are having trouble with your mikrotik why not list it and i can help you with it. You can also send me a PM instead of listing it here. I probably should make a guide. You were saying that mikrotik is unreliable when it really depends on the skill of the person that configures it. There are many people who use it for harder things and are doing much better with it. Even though i have low expectations of consumer hardware i dont go saying that a particular brand is unreliable or unstable. Theres even clear evidence that Ubiquiti edgeOS doesnt work properly configuration wise to get hardware acceleration for NAT working but no one bashes their brand for it.

you cant just copy paste these rules as they arent designed for a standard home network. For your information netduma uses mikrotik routerboards with their own web interfaces and has been receiving positive feedback from gamers.