Thanks Toastman.... I think I will experiment with deleting the Games class and putting all my VOIP stuff in the High class.
Use the games class for VOIP?
Another question though.... I notice the percentages in the Highest and High class are fairly low i.e. 5-20%. This runs very contrary to the default setting of Tomato which if I remember is Highest 80-100%, High 10-100%. In my case the 5-20% on a 1MB outbound line gives 42 - 170 kbit/s. My VOIP alone needs around 100kbit/sec.
Can you explain the reasoning around this relatively low figure for the high/highest categories, or direct me to a previous post that does? I don't doubt you, am just wondering how it works. Would I be safe to change it upwards, or how else should I guarantee bandwidth for my VOIP?
In my case VOIP isn't given any priority as we don't encourage people to use our bandwidth for phone calls in a shared environment. So it's sufficient. You can up this to suit your own use. My experiments in actually giving it priority have actually been quite positive, and I am adding VOIP to the Games class - which will now become Game/VOIP. Another important reason not to allow that class to take 100% if it's not needed, is that on occasions P2P can and will use those ports, and perhaps hog your bandwidth, without you realizing why.
Do you have any idea how best to classify Skype? Are the L7 rules effective? Or port-based ones? I used to use both a port-based rule for the Skype port and an L7 rule, high up on the list, but I'm not sure if it was effective or not.
Not too confident of this, as I don't use skype myself, but the L7 rules seem to work quite well these days. The skype-to-skype L7 rule is OK, but the skypeout filter (to POTS telephone) allows so much P2P past that it's useless, and has to be disabled. You just have to experiment. Note - on the ASUS RT-N16 quite a few L7 rules can be loaded without any problem, but on a WRT54GL etc. too many will result in a noticeable slowdown of the router.
Also, when I'm looking at the connections graphs under your setup, I'm seeing a lot of "unclassified" connections. I am pretty certain these are mostly bittorrent as most of them have 6881 as src or dst port. I tried to add a rule at the bottom TCP/UDP Src or Dst Port = 6881 > Class D. However I still see a lot of these connections unclassified. What I don't understand is if I can see the src or destination port as 6881 in the Graphs/Details.... then how come they're not getting classified? I hasten to say I had the same with my previous setup.
Normally most unclassified connections are incoming attempts to connect to ports that have already been closed. Remote P2P clients etc. keep trying to connect regardless. They eventually give up but there will always be more opening. There's nothing you can do to stop this, it's just how it is.
Be aware that some of these may be TEREDO or other connections associated with IPv6 (windows Vista, and 7) which is enabled by default. You should perhaps disable it on your PC by command line:
netsh
interface
teredo
set state disabled