1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Multi-SSID with QoS

Discussion in 'Tomato Firmware' started by soapee01, Jul 19, 2012.

  1. soapee01

    soapee01 Networkin' Nut Member

    Hi,

    Running Sibby's excellent FW (Tomato Firmware 1.28.0000 MIPSR2-095 K26 USB AIO) on an Asus RT-N16. Multi-SSID works fine (WPA2 AES Personal on both AP's). When I enable QoS, wlan0/br0 are fine, but wlan0.1/br1lose internet access. All of the traffic gets labled Unclassified. I've gone through iptables, and the mangle table, but nothing is jumping out at me... Has anyone else run into this with a possible fix? If QoS is disabled internet access is okay for both vlan's

    iptables -t mangle -L
    http://pastebin.com/Y2H2LTpQ
    iptables -L
    http://pastebin.com/BNjrSvXA

    Regards,

    James
     
  2. hrvoje

    hrvoje Serious Server Member

    Have the same configuration (mine is little bit newer tomato-K26USB-1.28.RT-MIPSR2-097-Mega-VPN), but maybe the same, maybe the similar problem. All my transfer rates are 0, there is no graph for Bandwidth Distribution. Did you find the solution?
     
  3. soapee01

    soapee01 Networkin' Nut Member

    I'm still not sure what's going on with QoS, but I did get wireless working on guest by disabling Captive Portal. The rules that appear responsible are

    iptables -L -v -t mangle
    Code:
    Chain QOSO (2 references)[/SIZE]
    [SIZE=3]pkts bytes target    prot opt in    out    source              destination [/SIZE]
    [SIZE=3]  13  988 CONNMARK  udp  --  any    any    192.168.47.0/24      anywhere            CONNMARK set-return 0x100105/0xff [/SIZE][/SIZE]
    [SIZE=3]  63  3839 CONNMARK  tcp  --  any    any    192.168.47.0/24      anywhere            CONNMARK set-return 0x100105/0xff



    I tried deleting those with iptables -t mangle -D QOSO 5 (the rule number in above) but it didn't seem to make any difference. Guest wireless QOS is still labeled unclassified.

    I also added the following to disable guest access to the admin page/ssh/telnet (to the Admin->Scripts->Firewall)

    Code:
    iptables -I INPUT 1 -s 192.168.47.0/24 -p tcp --destination-port 80 -j DROP[/SIZE]
    [SIZE=3]iptables -I INPUT 2 -s 192.168.47.0/24 -p tcp --destination-port 22 -j DROP[/SIZE]
    [SIZE=3]iptables -I INPUT 3 -s 192.168.47.0/24 -p tcp --destination-port 23 -j DROP


    It's working, but I wish QoS was better for Guest, and that Captive portal was working. I may dig more into that later...
     
  4. hrvoje

    hrvoje Serious Server Member

    I fixed my problem. The problem was that I had Bandwidth Limiter turned on and then QoS didn't work. When I turned Bandwith Limiter off everything went well. I have the similar configuration and everything works well so if you need help I can send you my configuration.
     
  5. soapee01

    soapee01 Networkin' Nut Member

    Hmm. I have bandwidth limiter disabled as well, but QoS is still marking everything on the guest network unclassified (but that's fine for now). Did you play with captive portal on the guest network hrvoje?
     
  6. hrvoje

    hrvoje Serious Server Member

    No, I don't even know what's that for. :)
     
  7. fearz

    fearz Serious Server Member

    I have the same problem...Captive + BW Limiter will not work together unless QOS is disabled...Any solutions?
     

Share This Page